def test_generate_auth(app): wsgi_env = { 'REMOTE_ADDR': os.environ.get('REMOTE_ADDR', '1.2.3.4'), 'HTTP_USER_AGENT': os.environ.get('HTTP_USER_AGENT', 'cURL')} with app.test_request_context(environ_base=wsgi_env): salt, actual_pass = utils.generate_auth('pepper', 'password') assert actual_pass is not None assert 88 == len(actual_pass)
def test_generate_auth(self): wsgi_env = { 'REMOTE_ADDR': os.environ.get('REMOTE_ADDR', '1.2.3.4'), 'HTTP_USER_AGENT': os.environ.get('HTTP_USER_AGENT', 'cURL')} with self.app.test_request_context(environ_base=wsgi_env): salt, actual_pass = utils.generate_auth('pepper', 'password') self.assertIsNotNone(actual_pass) self.assertEquals(88, len(actual_pass))
def test_generate_auth(self): wsgi_env = { 'REMOTE_ADDR': os.environ.get('REMOTE_ADDR', '1.2.3.4'), 'HTTP_USER_AGENT': os.environ.get('HTTP_USER_AGENT', 'cURL') } with self.app.test_request_context(environ_base=wsgi_env): salt, actual_pass = utils.generate_auth('pepper', 'password') self.assertIsNotNone(actual_pass) self.assertEquals(88, len(actual_pass))
def test_generate_auth(app): wsgi_env = { 'REMOTE_ADDR': os.environ.get('REMOTE_ADDR', '1.2.3.4'), 'HTTP_USER_AGENT': os.environ.get('HTTP_USER_AGENT', 'cURL') } with app.test_request_context(environ_base=wsgi_env): salt, actual_pass = utils.generate_auth('pepper', 'password') assert actual_pass is not None assert 88 == len(actual_pass)
def __generate_credentials(email): # @TODO: use a non-gatorlink password here password = email salt, password_hash = utils.generate_auth(app.config['SECRET_KEY'], password) # Note: we store the salt as a prefix return { "email": email, "salt": salt, "password_hash": password_hash, }
def api_save_user(): """ Save a new user to the database TODO: Add support for reading a password field """ email = request.form['email'] first = request.form['first'] last = request.form['last'] minitial = request.form['minitial'] roles = request.form.getlist('roles[]') email_exists = False try: existing_user = UserEntity.query.filter_by(email=email).one() email_exists = existing_user is not None except: pass if email_exists: return utils.jsonify_error( {'message': 'Sorry. This email is already taken.'}) # @TODO: use a non-gatorlink password here password = email salt, password_hash = utils.generate_auth(app.config['SECRET_KEY'], password) added_date = datetime.today() access_end_date = utils.get_expiration_date(180) # Note: we store the salt as a prefix user = UserEntity.create(email=email, first=first, last=last, minitial=minitial, added_at=added_date, modified_at=added_date, access_expires_at=access_end_date, password_hash="{}:{}".format(salt, password_hash)) user_roles = [] try: for role_name in roles: role_entity = RoleEntity.query.filter_by(name=role_name).one() user_roles.append(role_entity) except Exception as exc: app.logger.debug("Problem saving user: {}".format(exc)) [user.roles.append(rol) for rol in user_roles] user = UserEntity.save(user) app.logger.debug("saved user: {}".format(user)) LogEntity.account_created(session['uuid'], user) return utils.jsonify_success({'user': user.serialize()})