def test_login(self, mocked_generate_token):
"""Test case for login
Log in to the API
"""
login_details = {"email": MOCK_EMAIL, "password": MOCK_PASSWORD}
expected_token = generate_token(MOCK_ID)
mocked_generate_token.return_value = expected_token
expected_response = {
"name": "Test User",
"email": MOCK_EMAIL,
"token": expected_token
}
headers = {
"Accept": "application/json",
"Content-Type": "application/json"
}
response = self.client.open(
"/api/login",
method="POST",
headers=headers,
data=json.dumps(login_details),
content_type="application/json",
)
self.assert_200(response,
"Response body is : " + response.data.decode("utf-8"))
assert response.json == expected_response
def auth(provider):
"""Auth redirect URL"""
if not connexion.request.args.get("code"):
return "Bad request", 400
code = connexion.request.args["code"]
frontend_url = build_url(
current_app.config.get("FRONTEND_URL", "http://localhost:3000"),
"login")
provider_config = _get_provider_config(provider)
user = _get_user_from_provider(provider, provider_config, code)
if not user:
return "Unauthorized", 401
jwt_token = generate_token(user.id)
token = _find_or_create_token("login-token", user)
token.token = jwt_token
session.add(token)
session.commit()
if provider == "keycloak":
query_params = urlencode({
"email": user.email,
"name": user.name,
"token": jwt_token
})
return redirect(f"{frontend_url}?{query_params}")
elif provider == "google":
return {"email": user.email, "name": user.name, "token": jwt_token}
else:
return make_response(
AUTH_WINDOW.format(data=json.dumps({
"email": user.email,
"name": user.name,
"token": jwt_token
})))
def login(email=None, password=None):
"""login
:param email: The e-mail address of the user
:type email: str
:param password: The password for the user
:type password: str
:rtype: LoginToken
"""
if not connexion.request.is_json:
return "Bad request, JSON is required", 400
login = connexion.request.get_json()
if not login.get("email") or not login.get("password"):
return {
"code": "EMPTY",
"message": "Username and/or password are empty"
}, 401
user = User.query.filter_by(email=login["email"]).first()
# superadmins can login even if local login is disabled
if user and not user.is_superadmin and not current_app.config.get(
"USER_LOGIN_ENABLED", True):
return {
"code":
"INVALID",
"message":
"Username/password auth is disabled. "
"Please login via one of the links below.",
}, 401
if user and user.check_password(login["password"]):
login_token = generate_token(user.id)
token = Token.query.filter(Token.name == "login-token",
Token.user_id == user.id).first()
if not token:
token = Token(name="login-token", user_id=user.id)
token.token = login_token
session.add(token)
session.commit()
return {"name": user.name, "email": user.email, "token": login_token}
else:
if not current_app.config.get("USER_LOGIN_ENABLED", True):
return {
"code":
"INVALID",
"message":
"Username/password auth is disabled. "
"Please login via one of the links below.",
}, 401
else:
return {
"code": "INVALID",
"message": "Username and/or password are invalid"
}, 401
def add_token(token=None, token_info=None, user=None):
"""Create a new token
:param body: Token object
:type body: dict | bytes
:rtype: Token
"""
if not connexion.request.is_json:
return "Bad request, JSON is required", 400
user = User.query.get(user)
if not user:
return "Not authorized", 401
token = Token.from_dict(**connexion.request.get_json())
token.user = user
token.expires = datetime.fromisoformat(token.expires.replace(
"Z", "+00:00"))
token.token = generate_token(user.id, token.expires.timestamp())
session.add(token)
session.commit()
return token.to_dict(), 201
def create_app(self):
logging.getLogger("connexion.operation").setLevel("ERROR")
extra_config = {
"TESTING": True,
"LIVESERVER_PORT": 0,
"SQLALCHEMY_DATABASE_URI": "sqlite:///:memory:",
"GOOGLE_CLIENT_ID": "*****@*****.**",
"GITHUB_CLIENT_ID": None,
"FACEBOOK_APP_ID": None,
"GITLAB_CLIENT_ID": "dfgfdgh4563453456dsfgdsfg456",
"GITLAB_BASE_URL": "https://gitlab.com",
"JWT_SECRET": "89807erkjhdfgu768dfsgdsfg345r",
"KEYCLOAK_BASE_URL": None,
"KEYCLOAK_CLIENT_ID": None,
}
app = get_app(**extra_config)
create_celery_app(app)
# Add a test user
with app.app_context():
self.test_user = User(name="Test User",
email="*****@*****.**",
is_active=True)
session.add(self.test_user)
session.commit()
self.jwt_token = generate_token(self.test_user.id)
token = Token(name="login-token",
user=self.test_user,
token=self.jwt_token)
session.add(token)
session.commit()
session.refresh(self.test_user)
if ibutsu_server.tasks.task is None:
ibutsu_server.tasks.task = mock_task
return app