def test_login_discourse_success(self):
# noqa See https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045
sso = "bm9uY2U9Y2I2ODI1MWVlZmI1MjExZTU4YzAwZmYxMzk1ZjBjMGI%3D%0A"
sig = "2828aa29899722b35a2f191d34ef9b3ce695e0e6eeec47deb46d588d70c7cb56" # noqa
moderator = self.session.query(User).filter(
User.username == 'moderator').one()
redirect1 = discourse_redirect(moderator, sso, sig, self.settings)
body = self.login('moderator', sso=sso, sig=sig).json
self.assertTrue('token' in body)
redirect2 = body['redirect']
self.assertEqual(redirect1, redirect2)
def post(self):
request = self.request
username = request.validated['username']
password = request.validated['password']
user = DBSession.query(User). \
filter(User.username == username).first()
token = try_login(user, password, request) if user else None
if token:
response = token_to_response(user, token, request)
if 'sso' in request.json and 'sig' in request.json:
sso = request.json['sso']
sig = request.json['sig']
settings = request.registry.settings
redirect = discourse_redirect(user, sso, sig, settings)
response['redirect'] = redirect
return response
else:
request.errors.status = 403
request.errors.add('body', 'user', 'Login failed')
return None
