Exemple #1
    def test_standalone_student_exists(self):
        """Authenticate by email when a matching ``Student`` already exists.

        The account is created with the username and password derived by
        ``get_student_username_and_password``; the only assertion is that
        ``authenticate_student`` hands back a ``User`` instance.
        """
        credentials = {"email": "test@localhost"}
        username, password = get_student_username_and_password(**credentials)
        existing_account = User.objects.create_user(
            username=username,
            email=credentials["email"],
            password=password,
        )
        Student.objects.create(student=existing_account)

        # The second element of the result (the LTI flag) is not checked here.
        user, _is_lti = authenticate_student(HttpRequest(), **credentials)
        self.assertIsInstance(user, User)
Exemple #2
    def test_user_doesnt_exist(self):
        """Authenticate an email for which the test created no account.

        Expects a ``User`` back, a false LTI flag, and both a ``User`` and a
        ``Student`` row carrying that email once the call has returned.
        """
        credentials = {"email": "test@localhost"}
        email = credentials["email"]

        user, is_lti = authenticate_student(HttpRequest(), **credentials)
        self.assertIsInstance(user, User)
        self.assertFalse(is_lti)

        user_rows = User.objects.filter(email=email)
        self.assertTrue(user_rows.exists())
        student_rows = Student.objects.filter(student__email=email)
        self.assertTrue(student_rows.exists())
Exemple #3
    def test_standalone_user_exists_is_teacher(self):
        """Authenticate an email whose existing account belongs to a ``Teacher``.

        Expects a ``User`` back with a false LTI flag, and no ``Student`` row
        for that email after the call.
        """
        credentials = {"email": "test@localhost"}
        email = credentials["email"]
        username, password = get_student_username_and_password(**credentials)
        teacher_account = User.objects.create_user(
            username=username,
            email=email,
            password=password,
        )
        Teacher.objects.create(user=teacher_account)

        user, is_lti = authenticate_student(HttpRequest(), **credentials)
        self.assertIsInstance(user, User)
        self.assertFalse(is_lti)

        # Authenticating a teacher's address must not leave a student record.
        student_rows = Student.objects.filter(student__email=email)
        self.assertFalse(student_rows.exists())
Exemple #4
    def test_lti_student_exists(self):
        """Authenticate an email whose account uses the old LTI credentials.

        The existing ``Student`` is created with the username and password from
        ``get_old_lti_student_username_and_password``. After authentication the
        LTI flag must be true, exactly one ``User`` and one ``Student`` may
        carry the email, and nothing may exist under the username that
        ``get_student_username_and_password`` derives from the email.
        """
        credentials = {"email": "test@localhost"}
        email = credentials["email"]
        # The LTI user id is the address with its "@localhost" suffix cut off.
        user_id = email[: -len("@localhost")]
        username, password = get_old_lti_student_username_and_password(user_id)
        old_style_account = User.objects.create_user(
            username=username,
            email=email,
            password=password,
        )
        Student.objects.create(student=old_style_account)
        new_username, _ = get_student_username_and_password(email)

        user, is_lti = authenticate_student(HttpRequest(), **credentials)
        self.assertIsInstance(user, User)
        self.assertTrue(is_lti)

        # No duplicate account may have been created for the same address.
        users_with_email = User.objects.filter(email=email)
        self.assertEqual(len(users_with_email), 1)
        students_with_email = Student.objects.filter(student__email=email)
        self.assertEqual(len(students_with_email), 1)

        # Nor may an account exist under the newly derived username.
        users_with_new_name = User.objects.filter(username=new_username)
        self.assertFalse(users_with_new_name.exists())
        students_with_new_name = Student.objects.filter(
            student__username=new_username
        )
        self.assertFalse(students_with_new_name.exists())
Exemple #5
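    def authentication_hook(
        self,
        request,
        user_id=None,
        username=None,
        email=None,
        extra_params=None,
    ):
        """Log the LTI-launched user in and flag the session as an LTI session.

        Args:
            request: Current request; its session is modified.
            user_id: LTI user identifier. When ``email`` is empty it is used to
                build the fallback address ``<user_id>@localhost``.
            username: Ignored (see the comment in the body).
            email: Address sent by the LTI consumer; may be empty.
            extra_params: Accepted for interface compatibility; not read here.

        Raises:
            TypeError: If both ``email`` and ``user_id`` are empty, so no
                identity can be derived for the launch.
        """
        # username and email might be empty, depending on how the edX LTI
        # module is configured: there are individual settings for that, and
        # when the block is embedded in an iframe it never sends email and
        # username at all. Since we want to track the user for both iframe and
        # non-iframe LTI blocks, username is completely ignored.
        if not email:
            # Fail with a clear message instead of building an address from a
            # missing identifier: None would raise an opaque TypeError on "+",
            # and an empty string would give every such launch the same
            # address, "@localhost".
            if not user_id:
                raise TypeError(
                    "authentication_hook needs a non-empty user_id when the "
                    "LTI launch carries no email"
                )
            email = user_id + "@localhost"

        # NOTE(review): the account is selected from the consumer-supplied
        # email/user_id; presumably the launch was verified before this hook
        # runs -- confirm against the caller.
        user, __ = authenticate_student(request, email, user_id)

        if isinstance(user, User):
            login(
                request,
                user,
                backend="peerinst.backends.CustomPermissionsBackend",
            )

        # LTI sessions are created implicitly and are not terminated when the
        # user logs out of Studio/LMS, which may grant access to unauthorized
        # users on a shared computer. Students have no way to terminate the
        # dalite session (other than clearing cookies). Expiring the session
        # when the browser closes lets staff end it easily, which lowers the
        # chance of session hijacking in a shared-computer environment.
        #
        # TL;DR: set session expiry to browser close.
        #
        # NOTE(review): both lines below also run when authenticate_student
        # did not return a User (no login() above) -- confirm that flagging
        # such a session as LTI is intended.
        request.session.set_expiry(0)
        request.session["LTI"] = True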