def test_login_and_logout(self):
factory = APIRequestFactory()
request = factory.post(
"/api/v1/auth/login",
{
"username": "******",
"password": "******"
},
format="json",
)
response = obtain_auth_token(request)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertIn("token", response.data)
# Logout this token
token = response.data["token"]
request = factory.get("/api/v1/auth/logout",
HTTP_AUTHORIZATION="Token {}".format(token))
view = Logout.as_view()
response = view(request)
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertIsNone(response.data)
# Retry same token and fails as unauthorized
request = factory.get("/api/v1/auth/logout",
HTTP_AUTHORIZATION="Token {}".format(token))
view = Logout.as_view()
response = view(request)
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def test_auth_analysis(self):
# Include an appropriate `Authorization:` header on all requests.
token = views.obtain_auth_token(username="******", password="******")
client = APIClient()
client.credentials(HTTP_AUTHORIZATION='Token ' + token.key)
response = client.get('http://localhost:8000/api/v1/analysis')
self.assertEqual(response.status_code, 200)
def test_obtain_auth_token(self):
self.create_user()
print 'wrong authentication'
request = self.factory.post('/api-token-auth/', {
'username': self.user.username,
'password': '******'
},
format='json')
response = obtain_auth_token(request)
self.assertEquals(response.data, {
u'non_field_errors':
[u'Unable to login with provided credentials.']
})
print 'correct authentication'
request = self.factory.post('/api-token-auth/', {
'username': self.user.username,
'password': '******'
},
format='json')
print "this is the request:\n", request
print "body:\n", request.body
self.assertEquals(request.body,
'{"username": "******", "password": "******"}')
response = obtain_auth_token(request)
print "response is\n", response.data
self.assertEquals(response.data, {'token': self.user.auth_token.key})
print 'non authenticated get'
request = self.factory.get('/labs/coplay/api/example_view/',
format='json')
response = api.example_view(request)
print "response is\n", response.data
found_user = simple_auth_token(self.user.auth_token.key)
self.assertEquals(self.user, found_user)
print 'authenticated get'
request = self.factory.get('/labs/coplay/api/example_view/',
format='json')
request.user = self.user
response = api.example_view(request)
print "response is\n", response.data
def login(self, data=None):
if data is None:
data = self.TEST_DATA
self.signup_view(data)
request = APIRequestFactory().post('/api/token-auth', data=data)
response = obtain_auth_token(request).render()
content = response.content.decode()
content = eval(content)
return response, content['token']
def userLogin(request):
username = request.POST.get("username")
password = request.POST.get("password")
user = authenticate(username=username, password=password)
if user is not None:
login(request, user)
token = views.obtain_auth_token(request).data
result = {'code': 20000, 'data': token}
return JsonResponse(result)
else:
return render(request,"error.html",{"message":"账户名或密码错误"})
def test_login_wrong_credentials(self):
factory = APIRequestFactory()
request = factory.post(
"/api/v1/login",
{
"username": "******",
"password": "******"
},
content_type="application/json",
)
response = obtain_auth_token(request)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
def test_obtain_auth_token(self):
self.create_user()
print 'wrong authentication'
request = self.factory.post('/api-token-auth/', {'username': self.user.username, 'password':'******'}, format='json')
response = obtain_auth_token(request)
self.assertEquals( response.data, {u'non_field_errors': [u'Unable to login with provided credentials.']})
print 'correct authentication'
request = self.factory.post('/api-token-auth/', {'username': self.user.username, 'password':'******'}, format='json')
print "this is the request:\n", request
print "body:\n", request.body
self.assertEquals( request.body, '{"username": "******", "password": "******"}')
response = obtain_auth_token(request)
print "response is\n", response.data
self.assertEquals( response.data, {'token': self.user.auth_token.key})
print 'non authenticated get'
request = self.factory.get('/labs/coplay/api/example_view/', format='json')
response = api.example_view(request)
print "response is\n", response.data
found_user = simple_auth_token(self.user.auth_token.key)
self.assertEquals( self.user, found_user)
print 'authenticated get'
request = self.factory.get('/labs/coplay/api/example_view/', format='json')
request.user = self.user
response = api.example_view(request)
print "response is\n", response.data
def create( self, request, *args, **kwargs ):
username = request.POST.get( 'username', None )
email = request.POST.get( 'email', None )
password = request.POST.get( 'password', None )
try:
User.objects.get( username=username )
# User already exists, throws and error
body = { "err_message" : '%s is already taken... sorry :(' % username }
return Response( body,
status=status.HTTP_400_BAD_REQUEST )
except ObjectDoesNotExist:
user = User.objects.create_user( username, email, password )
return rest_views.obtain_auth_token( request )
def create(self, request, *args, **kwargs):
username = request.POST.get('username', None)
email = request.POST.get('email', None)
password = request.POST.get('password', None)
try:
User.objects.get(username=username)
# User already exists, throws and error
body = {
"err_message": '%s is already taken... sorry :(' % username
}
return Response(body, status=status.HTTP_400_BAD_REQUEST)
except ObjectDoesNotExist:
user = User.objects.create_user(username, email, password)
return rest_views.obtain_auth_token(request)
def token_view(request):
'''
API endpoint that allows users to get a token
---
parameters:
- name: username
description: The username you want to get the token
- name: password
description: Password of the user
type: password
'''
response = obtain_auth_token(request)
if response.status_code != status.HTTP_200_OK:
sleep(settings.BAD_LOGIN_SLEEP_TIME)
return response
def token_view(request):
'''
API endpoint that allows users to get a token
---
parameters:
- name: username
description: The username you want to get the token
- name: password
description: Password of the user
type: password
'''
response = obtain_auth_token(request)
if response.status_code != status.HTTP_200_OK:
sleep(settings.BAD_LOGIN_SLEEP_TIME)
return response
def autenticar(request):
#myDict = dict(request.POST.iterlists())
username = request.POST['username']
password = request.POST['password']
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
#login(request, user)
token = Token.objects.get_or_create(user=user)
print("Token adquirido: ", obtain_auth_token(request).data)
serializer = UserSerializer(user)
serializer.data['token'] = obtain_auth_token(request).data
return JSONResponse(serializer.data)
#tex = "Usuario %s logueado!" % username
#return HttpResponse(tex)
# Redirect to a success page.
"""
else:
# Return a 'disabled account' error message
else:
# Return an 'invalid login' error message.
"""
texDev = "Usuario %s a loguear!" % username
return HttpResponse(texDev)
def test_can_get_auth_token(self):
payload = {
'username': self.test_username,
'password': '******',
}
user = User(**self.get_user_kwargs())
user.set_password(user.password)
user.save()
request = self.factory.post("/api/user/api-token-auth/", payload)
response = obtain_auth_token(request)
token = Token.objects.get(
user=user
) # must be after the request, the token will be created if it doesn't exist by the view
self.assertEqual(token.key, response.data.get('token'))
def testAuthToken(self):
request = self.factory.post("/api-token-auth/", {"username": self.data["email"], "password": self.data["password"]})
response = auth_views.obtain_auth_token(request)
self.assertEqual(response.data["token"], self.token.key)
def login(self, request):
return obtain_auth_token(request._request)
