def create_tables():
    """Create the database schema and seed permissions, roles and users.

    ``db.create_all()`` runs first; permissions are inserted before roles and
    roles before users. Users are seeded from the ``_config`` object that is
    in scope where this function is defined.
    """
    db.create_all()

    # Same order as before: permissions, then the roles that reference them.
    LOGGER.debug('Setting roles...')
    for seed in (Permission.insert_permissions, Role.insert_roles):
        seed()

    # NOTE(review): the seeded accounts presumably take their credentials
    # from _config; confirm no default passwords reach a production database.
    LOGGER.debug('Setting users...')
    User.insert_users(_config)
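def google_auth():
    """
        Redirect uri after google authorization code oauth.
        Authenticates user using google information, login_type set to google.
        ---
        responses:
          200:
            description: Redirect to home page.
          401:
            description: Authentication issue.
    """
    # The docstring above carries the API spec (text after '---'), so review
    # notes live in comments instead.
    #
    # Flow: exchange the authorization code, read the ID-token claims, find
    # the user by email or create one, then redirect to ?next= or the index.
    _token = oauth.google.authorize_access_token()
    google_user = oauth.google.parse_id_token(_token)
    # NOTE(review): this writes the full claim set (name, email, ...) to the
    # debug log; confirm debug logging is off wherever logs are retained.
    LOGGER.debug(f" Google User {google_user}")
    username = google_user['name'].replace(' ', '').lower()
    LOGGER.debug(f" Google User Name {username}")

    # NOTE(review): the account is matched on the email claim alone; the
    # `email_verified` claim is not checked in this function.
    user = User.query.filter_by(email=google_user['email']).first()

    # NOTE(review): every Google-provisioned account is created with this one
    # fixed password value. If the password login path accepts accounts whose
    # login_type is GOOGLE, that value acts as a shared credential; confirm
    # that path rejects them or store a random, unusable password instead.
    _password = "******"
    if not user:
        user = User(email=google_user['email'],
                    username=username,
                    password=_password,
                    login_type=LoginType.GOOGLE)
        db.session.add(user)
        db.session.commit()

    # Presumably only accounts holding the fixed value pass this check, so an
    # existing account with its own password falls through to the flash below.
    if user is not None and user.verify_password(_password):
        # login_user(user, remember=False)
        next_url = request.args.get('next')
        # Only same-site relative paths may be used as the redirect target.
        # A bare startswith('/') test also lets '//host' and '/\host' through,
        # which browsers resolve against another host, so those values fall
        # back to the index page as well.
        if (next_url is None
                or not next_url.startswith('/')
                or next_url.startswith(('//', '/\\'))):
            next_url = url_for('main.index')
        return redirect(next_url)

    flash('Invalid username or password.')
    return redirect(url_for('main.index'))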
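def token():
    # Finishes the Google OAuth code exchange and answers with the user's
    # profile plus a newly issued access token as JSON (HTTP 200). A user
    # record is created on first sign-in.
    configure_oauth()
    state = request.args['state']
    LOGGER.debug(f"State [{state}], _google_authlib_state_[{session.get('_google_authlib_state_')}]")
    # The whole session object is no longer dumped to the log: it can hold
    # tokens and other per-user secrets.

    # NOTE(review): the state from the query string is written into the
    # session right before authorize_access_token(), so whatever state
    # comparison the library performs is made against the request's own
    # value. That removes the CSRF protection the state parameter normally
    # gives; confirm state is validated elsewhere or drop this assignment.
    session['_google_authlib_state_'] = state

    _token = oauth.google.authorize_access_token()
    google_user = oauth.google.parse_id_token(_token)
    LOGGER.debug(f" Google User {google_user}")
    username = google_user['name'].replace(' ', '').lower()
    LOGGER.debug(f" Google User Name {username}")

    # NOTE(review): an existing account is matched on the email claim alone
    # and receives a token however it was created; `email_verified` is not
    # checked in this function.
    user = User.query.filter_by(email=google_user['email']).first()

    # NOTE(review): fixed password shared by every Google-provisioned
    # account; confirm the password login path cannot be used with it.
    _password = "******"
    if not user:
        # The derived username may already belong to someone else; the email
        # address is used as the username in that case.
        if User.query.filter_by(username=username).first():
            LOGGER.debug(f" Username {username} already exists. Using email as username.")
            username = google_user['email']
        user = User(email=google_user['email'],
                    username=username,
                    password=_password,
                    login_type=LoginType.GOOGLE)
        db.session.add(user)
        db.session.commit()

    access_token = issue_token_for_user(user)
    # The token value itself stays out of the log; anyone able to read the
    # log could otherwise replay it as a bearer credential.
    LOGGER.debug('Access token issued')
    return jsonify({**user.to_json(), 'access_token': access_token}), 200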
def update_user_request_not_found(query_mock, user_admin_valid, role_admin_valid, user_valid):
    """Arrange mocks so that only the admin user can be found by username.

    Yields ``user_admin_valid``. The ``yield`` suggests a pytest fixture,
    though the decorator is not visible here; ``query_mock`` and
    ``user_valid`` are not used in the body and are presumably requested for
    their side effects.
    """
    from lorem_ipsum_auth.models import User, Role, Permission

    admin_permissions = [
        Permission.from_str(perm) for perm in role_admin_valid['permissions']
    ]
    role = Role(id=role_admin_valid['id'],
                name=role_admin_valid['name'],
                default=role_admin_valid['default'],
                permissions=admin_permissions)
    Role.query.filter_by.return_value.first.return_value = role

    admin_user = User.from_dict(user_admin_valid)
    admin_user.role = role
    User.query.filter_by.return_value.filter_by.return_value.first.return_value = admin_user

    def _filter_by(*args, **kwargs):
        # A lookup by the admin's username finds the admin; any other lookup
        # comes back empty, which is the "not found" case under test.
        is_admin_lookup = kwargs.get('username') == user_admin_valid['username']
        lookup = mock.MagicMock()
        lookup.first.return_value = admin_user if is_admin_lookup else None
        return lookup

    User.query.filter_by.side_effect = _filter_by
    yield user_admin_valid
def role_add_existing_request(query_mock, user_admin_valid, role_editor_valid):
    """Arrange mocks so that the editor role being added already exists.

    Role lookups return the editor role, user lookups return the admin user
    and permission lookups return ``books:add``. Yields ``user_admin_valid``.
    The ``yield`` suggests a pytest fixture, though the decorator is not
    visible here.
    """
    from lorem_ipsum_auth.models import User, Role, Permission

    editor_permissions = [
        Permission.from_str(perm) for perm in role_editor_valid['permissions']
    ]
    existing_role = Role(id=role_editor_valid['id'],
                         name=role_editor_valid['name'],
                         permissions=editor_permissions)
    Role.query.filter_by.return_value.first.return_value = existing_role

    # Two separate User instances, one per lookup chain, as before.
    chained_lookup_user = User.from_dict(user_admin_valid)
    User.query.filter_by.return_value.filter_by.return_value.first.return_value = chained_lookup_user
    single_lookup_user = User.from_dict(user_admin_valid)
    User.query.filter_by.return_value.first.return_value = single_lookup_user

    books_add = Permission.from_str('books:add')
    Permission.query.filter_by.return_value.first.return_value = books_add
    yield user_admin_valid
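def register():
    """
        Signin by POST credentials or UsernamePassword GET.
        ---
        definitions:
          - schema:
              id: RegisterRequest
              properties:
                username:
                  type: string
                  description: username
                password:
                  type: string
                  description: password
                email:
                  type: string
                  description: email
        parameters:
          - in: body
            name: registerRequest
            required: true
            description: username and password
            schema:
                $ref: "#/definitions/RegisterRequest"
        responses:
          200:
            description: User profile including access token.
            schema:
                $ref: '#/definitions/LoginResponse'
          401:
            description: Invalid username or password.
    """
    # The docstring above carries the API spec (text after '---'), so review
    # notes live in comments instead.
    # NOTE(review): the spec documents 401, but every rejection below answers
    # 400; the summary line also reads like the sign-in endpoint's.
    #
    # Creates a user from the JSON body, assigns the default role and returns
    # the profile together with an access token.
    _request = from_json(request.data.decode('utf-8'))

    # The body comes from the client: a missing field used to raise KeyError
    # and surface as a server error instead of a client error.
    try:
        username = _request['username']
        email = _request['email']
        password = _request['password']
    except (KeyError, TypeError):
        return jsonify('Missing username, email or password'), 400

    # Empty or non-string values are rejected too, so no account is created
    # with a blank password.
    if not all(isinstance(value, str) and value
               for value in (username, email, password)):
        return jsonify('Missing username, email or password'), 400

    if User.query.filter_by(username=username).first():
        return jsonify('User already registered'), 400
    # The Google sign-in handlers look accounts up by email, so a second
    # account under an address that is already taken must not be created.
    if User.query.filter_by(email=email).first():
        return jsonify('User already registered'), 400

    user = User(email=email, username=username, password=password)
    user.role = Role.query.filter_by(default=True).first()
    db.session.add(user)
    db.session.commit()

    access_token = issue_token_for_user(user)
    return jsonify({**user.to_json(), 'access_token': access_token}), 200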
def role_add_valid_request(query_mock, user_admin_valid, role_editor_valid):
    """Arrange mocks so that the editor role does not exist yet.

    A role lookup by the editor's name finds nothing. Every other role
    lookup keeps the query result that was configured before this function
    ran. User lookups return the admin user. Yields ``user_admin_valid``.
    The ``yield`` suggests a pytest fixture, though the decorator is not
    visible here.
    """
    from lorem_ipsum_auth.models import User, Role

    # Captured before side_effect is installed so other lookups still work.
    orig_query = Role.query.filter_by.return_value

    def _filter_by(*args, **kwargs):
        if kwargs.get('name') != role_editor_valid['name']:
            return orig_query
        missing_role = mock.MagicMock()
        missing_role.first.return_value = None
        return missing_role

    Role.query.filter_by.side_effect = _filter_by

    # Two separate User instances, one per lookup chain, as before.
    chained_lookup_user = User.from_dict(user_admin_valid)
    User.query.filter_by.return_value.filter_by.return_value.first.return_value = chained_lookup_user
    single_lookup_user = User.from_dict(user_admin_valid)
    User.query.filter_by.return_value.first.return_value = single_lookup_user
    yield user_admin_valid
def issue_token(user: dict, role: dict) -> str:
    """Build a user with the given role, mock its lookups and issue a token.

    The role and user query mocks are pointed at the constructed objects
    before ``issue_token_for_user`` is called; its result is returned.
    """
    from lorem_ipsum_auth.models import User, Permission, Role
    from lorem_ipsum_auth.auth import issue_token_for_user

    role_permissions = [Permission.from_str(perm) for perm in role['permissions']]
    # NOTE(review): the Role id is taken from user['id'], not from the role
    # dict; confirm that is intended.
    role_model = Role(id=user['id'],
                      name=role['name'],
                      permissions=role_permissions)
    Role.query.filter_by.return_value.first.return_value = role_model

    token_user = User.from_dict(user)
    token_user.role = role_model
    User.query.filter_by.return_value.filter_by.return_value.first.return_value = token_user
    User.query.filter_by.return_value.first.return_value = token_user
    return issue_token_for_user(token_user)
def login_valid_request(query_mock, user_admin_valid, role_admin_valid):
    """Arrange mocks so that user and role lookups resolve to the admin.

    Yields the constructed admin ``User`` with its role attached. The
    ``yield`` suggests a pytest fixture, though the decorator is not visible
    here.
    """
    from lorem_ipsum_auth.models import User, Role, Permission

    admin_permissions = [
        Permission.from_str(perm) for perm in role_admin_valid['permissions']
    ]
    role = Role(id=role_admin_valid['id'],
                name=role_admin_valid['name'],
                default=role_admin_valid['default'],
                permissions=admin_permissions)
    Role.query.filter_by.return_value.first.return_value = role

    admin_user = User.from_dict(user_admin_valid)
    admin_user.role = role

    # Both the single and the chained filter_by() lookups find the admin.
    user_lookup = User.query.filter_by.return_value
    user_lookup.filter_by.return_value.first.return_value = admin_user
    user_lookup.first.return_value = admin_user
    yield admin_user