def test_password_check(self):
auth.add_user("test_user", "password")
# check_credentials returns None if there is no error,
# or returns error string
self.assertIsNone(auth.check_credentials("test_user", "password"))
self.assertIsNotNone(auth.check_credentials("test_user", "wrong"))
def login(self, username, password):
if username is None or password is None:
raise cherrypy.HTTPRedirect("/")
error_msg = check_credentials(username, password)
if error_msg:
return self.get_login_form(dict(error_msg=error_msg))
else:
cherrypy.session[SESSION_KEY] = cherrypy.request.login = username
raise cherrypy.HTTPRedirect("/table/list")
def auth_button_click():
global ACCESS_GRANTED
if not ACCESS_GRANTED:
ACCESS_GRANTED = auth.check_credentials(auth_user.value, auth_pass.value, 'admin')
if ACCESS_GRANTED:
auth_button.label = 'Access Granted'
auth_button.button_type = 'success'
curdoc().clear()
curdoc().add_root(settings_layout)
else:
auth_button.label = 'Failed'
auth_button.button_type = 'danger'
time.sleep(3)
auth_button.label = 'Authenticate'
auth_button.button_type = 'warning'
def login():
user = request.args.get("user")
passwd = request.args.get("passwd")
if not user or not passwd:
return "username or password missing!", 400
if auth.check_credentials(user, passwd):
mac = ip2mac.lookup(request.remote_addr)
if (not mac):
return "not in network", 500
l.login(user, mac)
name = auth.get_name(user)
return '{"user": "******", "name": "%s"}' % (user, name), 202
else:
return "wrong username or password", 401
def test_password_too_long(self):
password = "******" * 4097
self.assertIsNotNone(auth.add_user("test_user", password))
self.assertIsNotNone(auth.check_credentials("test_user", password))
def test_nonexistent_user(self):
self.assertIsNotNone(auth.check_credentials("test_user", "password"))
