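def test_login_and_store_credentials_in_session(self):
    """Check when the Fedora password is put in the session, and in what form.

    ``eulfedora.views.authviews.login`` is patched with a mock, so only the
    custom POST handling in ``login_and_store_credentials_in_session`` is
    exercised. The test asserts that nothing is stored after a failed login,
    and that after a successful login the stored value differs from the
    submitted password and decrypts back to it.
    """
    # only testing custom logic, which happens on POST
    # everything else is handled by django.contrib.auth
    mockrequest = Mock()
    mockrequest.method = 'POST'

    def not_logged_in(rqst):
        # side effect for the patched login view: user is not authenticated
        rqst.user.is_authenticated.return_value = False

    def set_logged_in(rqst):
        # side effect for the patched login view: user is authenticated and
        # every POST.get() lookup returns the test password
        rqst.user.is_authenticated.return_value = True
        rqst.POST.get.return_value = "TEST_PASSWORD"

    # failed login: no credential material may reach the session
    with patch('eulfedora.views.authviews.login',
               new=Mock(side_effect=not_logged_in)):
        mockrequest.session = dict()
        login_and_store_credentials_in_session(mockrequest)
        # assertNotIn replaces the deprecated assert_ alias and reports the
        # offending key and container on failure
        self.assertNotIn(
            FEDORA_PASSWORD_SESSION_KEY, mockrequest.session,
            'user password for fedora should not be stored in session on failed login')

    # successful login: the session (reused from above) gains the key
    with patch('eulfedora.views.authviews.login',
               new=Mock(side_effect=set_logged_in)):
        login_and_store_credentials_in_session(mockrequest)
        self.assertIn(
            FEDORA_PASSWORD_SESSION_KEY, mockrequest.session,
            'user password for fedora should be stored in session on successful login')

        # test password stored in the mock request
        pwd = mockrequest.POST.get()
        # encrypted password stored in session
        sessionpwd = mockrequest.session[FEDORA_PASSWORD_SESSION_KEY]
        # inequality only shows the value is not the plaintext itself; the
        # round trip below is what ties it to cryptutil
        self.assertNotEqual(
            pwd, sessionpwd,
            'password should not be stored in the session without encryption')
        # NOTE(review): compares against decrypt()'s raw return value; if
        # decrypt() returns bytes on Python 3 this needs text coercion - confirm
        self.assertEqual(
            pwd, cryptutil.decrypt(sessionpwd),
            'user password stored in session is encrypted')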
def test_encrypt_decrypt(text):
    """Round-trip *text* through cryptutil and assert it comes back unchanged.

    ``self`` is not a parameter; it is picked up from the enclosing scope.
    The checks cover only two properties: the encrypted value differs from
    the input, and decrypting it yields the input again.
    """
    ciphertext = cryptutil.encrypt(text)
    self.assertNotEqual(text, ciphertext,
                        "encrypted text should not match original")

    plaintext = cryptutil.decrypt(ciphertext)
    # decrypt() output is coerced with force_text before comparing to the input
    mismatch_msg = "decrypted text (%s) should match original encrypted text (%s)" % (
        force_text(plaintext), text)
    self.assertEqual(text, force_text(plaintext), mismatch_msg)
def test_encrypt_decrypt(text):
    """Assert that cryptutil.encrypt/decrypt round-trips *text*.

    Uses ``self`` from the enclosing scope for the assertions. Verifies that
    the encrypted form is not equal to the input and that the decrypted
    form, coerced to text, equals the input.
    """
    sealed = cryptutil.encrypt(text)
    self.assertNotEqual(
        text, sealed, "encrypted text should not match original")

    recovered = cryptutil.decrypt(sealed)
    self.assertEqual(
        text,
        force_text(recovered),
        "decrypted text (%s) should match original encrypted text (%s)"
        % (force_text(recovered), text),
    )
def __init__(self, root=None, username=None, password=None, request=None,
             retries=default_retry_option):
    """Set up the Fedora connection, resolving the root url and credentials.

    When ``root`` is not given, Django settings are consulted: ``FEDORA_ROOT``
    supplies the root url, and, if neither ``username`` nor ``password`` was
    passed, credentials come first from an authenticated ``request`` whose
    session holds ``FEDORA_PASSWORD_SESSION_KEY`` (the stored value is
    decrypted with ``cryptutil.decrypt``), then from ``FEDORA_USER`` /
    ``FEDORA_PASSWORD``. ``FEDORA_PIDSPACE`` and ``FEDORA_CONNECTION_RETRIES``
    are also read on this path.

    When ``root`` is passed explicitly none of the settings or session
    lookups run, so ``request`` has no effect in that case.

    The resolved password is kept in clear text on ``self.password`` and is
    handed to ``ApiFacade``; only the root url and username are logged.

    Raises:
        Exception: if no root url is given and none can be found in settings.
    """
    # when initialized via django, settings should be pulled from django conf
    if root is None:
        try:
            from django.conf import settings
            from eulfedora import cryptutil

            root = getattr(settings, 'FEDORA_ROOT', None)
            if root is None:
                raise Exception('Cannot initialize a Fedora connection without specifying ' +
                                'Fedora root url directly or in Django settings as FEDORA_ROOT')

            # if username and password are not set, attempt to pull from django conf
            if username is None and password is None:
                # per-user credentials: only for an authenticated request
                # whose session carries the encrypted password
                # NOTE(review): is_authenticated is invoked as a method; on
                # Django releases where it is a plain attribute this call
                # fails - confirm the supported Django range
                if request is not None and request.user.is_authenticated() and \
                   FEDORA_PASSWORD_SESSION_KEY in request.session:
                    username = request.user.username
                    password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])

                # fall back to the site-wide account from settings
                # NOTE(review): this listing had its line breaks collapsed;
                # the FEDORA_PASSWORD check is shown nested under the
                # FEDORA_USER check - confirm against the original file
                if username is None and hasattr(settings, 'FEDORA_USER'):
                    username = settings.FEDORA_USER
                    if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
                        password = settings.FEDORA_PASSWORD

            if hasattr(settings, 'FEDORA_PIDSPACE'):
                self.default_pidspace = settings.FEDORA_PIDSPACE

            # a FEDORA_CONNECTION_RETRIES setting, when present, sets the retry count
            if hasattr(settings, 'FEDORA_CONNECTION_RETRIES'):
                self.retries = settings.FEDORA_CONNECTION_RETRIES

        except ImportError:
            # the django / cryptutil import failed: continue without
            # settings; root stays None and is rejected below
            pass

    # if retries is specified in init options, that should override
    # default value or django setting
    if retries is not self.default_retry_option:
        self.retries = retries

    if root is None:
        raise Exception('Could not determine Fedora root url from django settings or parameter')

    # username is logged, the password is not
    logger.debug("Connecting to fedora at %s %s", root,
                 'as %s' % username if username else '(no user credentials)')
    self.api = ApiFacade(root, username, password)
    self.fedora_root = self.api.base_url

    self.username = username
    # clear-text password stays on the instance for as long as it lives
    self.password = password
    self._risearch = None
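def __init__(self, root=None, username=None, password=None, request=None,
             retries=default_retry_option):
    """Set up the Fedora connection, resolving the root url and credentials.

    When ``root`` is not given, Django settings are consulted: ``FEDORA_ROOT``
    supplies the root url, and, if neither ``username`` nor ``password`` was
    passed, credentials come first from an authenticated ``request`` whose
    session holds ``FEDORA_PASSWORD_SESSION_KEY`` (decrypted with
    ``cryptutil.decrypt``), then from ``FEDORA_USER`` / ``FEDORA_PASSWORD``.
    ``FEDORA_PIDSPACE`` and ``FEDORA_CONNECTION_RETRIES`` are also read on
    this path.

    When ``root`` is passed explicitly none of the settings or session
    lookups run, so ``request`` has no effect in that case.

    The resolved password is kept in clear text on ``self.password`` and is
    handed to ``ApiFacade``; only the root url and username are logged.

    Raises:
        Exception: if no root url is given and none can be found in settings.
    """
    # when initialized via django, settings should be pulled from django conf
    if root is None:
        try:
            from django.conf import settings
            from eulfedora import cryptutil

            root = getattr(settings, 'FEDORA_ROOT', None)
            if root is None:
                raise Exception('Cannot initialize a Fedora connection without specifying ' +
                                'Fedora root url directly or in Django settings as FEDORA_ROOT')

            # if username and password are not set, attempt to pull from django conf
            if username is None and password is None:
                # per-user credentials: only for an authenticated request
                # whose session carries the encrypted password
                # NOTE(review): is_authenticated is invoked as a method; on
                # Django releases where it is a plain attribute this call
                # fails - confirm the supported Django range
                if request is not None and request.user.is_authenticated() and \
                   FEDORA_PASSWORD_SESSION_KEY in request.session:
                    username = request.user.username
                    password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])

                # fall back to the site-wide account from settings
                # NOTE(review): this listing had its line breaks collapsed;
                # the FEDORA_PASSWORD check is shown nested under the
                # FEDORA_USER check - confirm against the original file
                if username is None and hasattr(settings, 'FEDORA_USER'):
                    username = settings.FEDORA_USER
                    if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
                        password = settings.FEDORA_PASSWORD

            if hasattr(settings, 'FEDORA_PIDSPACE'):
                self.default_pidspace = settings.FEDORA_PIDSPACE

            # a FEDORA_CONNECTION_RETRIES setting, when present, sets the retry count
            if hasattr(settings, 'FEDORA_CONNECTION_RETRIES'):
                self.retries = settings.FEDORA_CONNECTION_RETRIES

        except ImportError:
            # the django / cryptutil import failed: continue without
            # settings; root stays None and is rejected below
            pass

    # if retries is specified in init options, that should override
    # default value or django setting
    if retries is not self.default_retry_option:
        self.retries = retries

    if root is None:
        raise Exception('Could not determine Fedora root url from django settings or parameter')

    # pass the values as logging arguments so the message is only built
    # when debug logging is enabled; username is logged, the password is not
    logger.debug("Connecting to fedora at %s %s", root,
                 'as %s' % username if username else '(no user credentials)')
    self.api = ApiFacade(root, username, password)
    self.fedora_root = self.api.base_url

    self.username = username
    # clear-text password stays on the instance for as long as it lives
    self.password = password
    self._risearch = None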
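def __init__(self, root=None, username=None, password=None, request=None):
    """Set up the Fedora connection, resolving the root and credentials.

    When ``root`` is not given, the module-level ``_connection`` is used,
    after calling ``init_pooled_connection()`` if it is still ``None``.

    When neither ``username`` nor ``password`` is passed, credentials come
    first from an authenticated ``request`` whose session holds
    ``FEDORA_PASSWORD_SESSION_KEY`` (decrypted with ``cryptutil.decrypt``),
    then from the ``FEDORA_USER`` / ``FEDORA_PASSWORD`` Django settings.
    ``FEDORA_PIDSPACE`` is read on the same path only.

    The resolved password is kept in clear text on ``self.password`` and is
    handed to ``AuthorizingServerConnection``; only the root and username
    are logged.

    Raises:
        Exception: if ``root`` is still ``None`` after the lookup above.
    """
    global _connection

    # when initialized via django, settings should be pulled from django conf
    if root is None:
        # if global connection is not set yet, initialize it
        if _connection is None:
            init_pooled_connection()
        # presumably init_pooled_connection() fills in _connection - verify
        root = _connection

    # if username and password are not set, attempt to pull from django conf
    if username is None and password is None:
        try:
            from django.conf import settings
            from eulfedora import cryptutil

            # per-user credentials: only for an authenticated request whose
            # session carries the encrypted password
            # NOTE(review): is_authenticated is invoked as a method; on
            # Django releases where it is a plain attribute this call
            # fails - confirm the supported Django range
            if request is not None and request.user.is_authenticated() and \
               FEDORA_PASSWORD_SESSION_KEY in request.session:
                username = request.user.username
                password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])

            # fall back to the site-wide account from settings
            # NOTE(review): this listing had its line breaks collapsed; the
            # FEDORA_PASSWORD check is shown nested under the FEDORA_USER
            # check - confirm against the original file
            if username is None and hasattr(settings, 'FEDORA_USER'):
                username = settings.FEDORA_USER
                if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
                    password = settings.FEDORA_PASSWORD

            if hasattr(settings, 'FEDORA_PIDSPACE'):
                self.default_pidspace = settings.FEDORA_PIDSPACE

        except ImportError:
            # the django / cryptutil import failed: continue with no
            # credentials from settings or session
            pass

    if root is None:
        raise Exception('Could not determine Fedora root url from django settings or parameter')

    # pass the values as logging arguments so the message is only built
    # when debug logging is enabled; username is logged, the password is not
    logger.debug("Connecting to fedora at %s %s", root,
                 'as %s' % username if username else '(no user credentials)')
    self.opener = AuthorizingServerConnection(root, username, password)
    self.api = ApiFacade(self.opener)
    self.fedora_root = self.opener.base_url

    self.username = username
    # clear-text password stays on the instance for as long as it lives
    self.password = password
    self._risearch = None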
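def test_login_and_store_credentials_in_session(self):
    """Check when the Fedora password is put in the session, and in what form.

    ``eulfedora.views.authviews.login`` is patched with a mock, so only the
    custom POST handling in ``login_and_store_credentials_in_session`` is
    exercised. The test asserts that nothing is stored after a failed login,
    and that after a successful login the stored value differs from the
    submitted password and decrypts back to it.
    """
    # only testing custom logic, which happens on POST
    # everything else is handled by django.contrib.auth
    mockrequest = Mock()
    mockrequest.method = 'POST'

    def not_logged_in(rqst):
        # side effect for the patched login view: user is not authenticated
        rqst.user.is_authenticated.return_value = False

    def set_logged_in(rqst):
        # side effect for the patched login view: user is authenticated and
        # every POST.get() lookup returns the test password
        rqst.user.is_authenticated.return_value = True
        rqst.POST.get.return_value = "TEST_PASSWORD"

    # failed login: no credential material may reach the session
    with patch('eulfedora.views.authviews.login',
               new=Mock(side_effect=not_logged_in)):
        mockrequest.session = dict()
        login_and_store_credentials_in_session(mockrequest)
        # assertNotIn replaces the deprecated assert_ alias and reports the
        # offending key and container on failure
        self.assertNotIn(
            FEDORA_PASSWORD_SESSION_KEY, mockrequest.session,
            'user password for fedora should not be stored in session on failed login'
        )

    # successful login: the session (reused from above) gains the key
    with patch('eulfedora.views.authviews.login',
               new=Mock(side_effect=set_logged_in)):
        login_and_store_credentials_in_session(mockrequest)
        self.assertIn(
            FEDORA_PASSWORD_SESSION_KEY, mockrequest.session,
            'user password for fedora should be stored in session on successful login'
        )

        # test password stored in the mock request
        pwd = mockrequest.POST.get()
        # encrypted password stored in session
        sessionpwd = mockrequest.session[FEDORA_PASSWORD_SESSION_KEY]
        # inequality only shows the value is not the plaintext itself; the
        # round trip below is what ties it to cryptutil
        self.assertNotEqual(
            pwd, sessionpwd,
            'password should not be stored in the session without encryption'
        )
        # decrypt() output is coerced with force_text before comparing
        self.assertEqual(pwd, force_text(cryptutil.decrypt(sessionpwd)),
                         'user password stored in session is encrypted')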