def get_user_data_from_session(self): """Retrieve user info from session.""" cookies = "; ".join(["{}={}".format(k, v) for k, v in self.testapp.cookies.items()]) request = webapp2.Request.blank('/', headers=[('Cookie', cookies)]) request.app = self.app a = auth.Auth(request=request) return a.get_user_by_session()
def test_set_auth(self): app = webapp2.WSGIApplication() req = webapp2.Request.blank('/') req.app = app a = auth.Auth(req) self.assertEqual(len(req.registry), 0) auth.set_auth(a, request=req) self.assertEqual(len(req.registry), 1) a = auth.get_auth(request=req) self.assertTrue(isinstance(a, auth.Auth))
def test_get_user_by_session(self): app = webapp2.WSGIApplication( config={'webapp2_extras.sessions': { 'secret_key': 'foo', }}) req = webapp2.Request.blank('/') rsp = webapp2.Response() req.app = app s = auth.get_store(app=app) a = auth.Auth(request=req) session_store = sessions.get_store(request=req) # This won't work. a.set_session_data({}) self.assertEqual(a.session.get('_user'), None) # This won't work. a.session['_user'] = {} self.assertEqual(a.get_session_data(), None) self.assertEqual(a.session.get('_user'), None) # Create a user. m = models.User success, user = m.create_user(auth_id='auth_id', password_raw='password') user_id = user.key.id() # Get user with session. An anonymous_user is returned. rv = a.get_user_by_session() self.assertTrue(rv is None) # Login with password. User dict is returned. rv = a.get_user_by_password('auth_id', 'password') self.assertEqual(rv['user_id'], user_id) # Save sessions. session_store.save_sessions(rsp) # Get user with session. Voila! cookies = rsp.headers.get('Set-Cookie') req = webapp2.Request.blank('/', headers=[('Cookie', cookies)]) rsp = webapp2.Response() req.app = app a = auth.Auth(request=req) # only auth_id is returned when there're no # custom user attributes defined. rv = a.get_user_by_session() self.assertEqual(rv['user_id'], user_id) # If we call get_user_by_token() now, the same user is returned. rv2 = a.get_user_by_token(rv['user_id'], rv['token']) self.assertTrue(rv is rv2) # Let's get it again and check that token is the same. token = rv['token'] a._user = None rv = a.get_user_by_session() self.assertEqual(rv['user_id'], user_id) self.assertEqual(rv['token'], token) # Now let's force token to be renewed and check that we have a new one. s.config['token_new_age'] = None a._user = None rv = a.get_user_by_session() self.assertEqual(rv['user_id'], user_id) self.assertNotEqual(rv['token'], token) # Now let's force token to be invalid. s.config['token_max_age'] = None a._user = None rv = a.get_user_by_session() self.assertEqual(rv, None)