def test_authenticate_should_return_account_when_ldap_says_yes(self):
ldap_user = Mock()
ldap_user.is_admin.return_value = None # mock to avoid database access
with patch("nav.web.ldapauth.available", new=True):
with patch("nav.web.ldapauth.authenticate",
return_value=ldap_user):
assert auth.authenticate('knight', 'shrubbery') == LDAP_ACCOUNT
def do_login(request):
# FIXME Log stuff?
errors = []
form = LoginForm(request.POST)
origin = request.POST.get('origin', '').strip()
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
try:
account = auth.authenticate(username, password)
except ldapauth.Error, e:
errors.append('Error while talking to LDAP:\n%s' % e)
else:
if account:
try:
request.session[ACCOUNT_ID_VAR] = account.id
request.account = account
except ldapauth.Error, e:
errors.append('Error while talking to LDAP:\n%s' % e)
else:
_logger.info("%s successfully logged in", account.login)
if not origin:
origin = reverse('webfront-index')
return HttpResponseRedirect(origin)
else:
def do_login(request):
"""Do a login based on post parameters"""
errors = []
form = LoginForm(request.POST)
origin = request.POST.get('origin', '').strip()
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
try:
account = auth.authenticate(username, password)
except ldapauth.Error as error:
errors.append('Error while talking to LDAP:\n%s' % error)
else:
if account:
LogEntry.add_log_entry(
account, 'log-in', '{actor} logged in', before=account
)
try:
request.session[ACCOUNT_ID_VAR] = account.id
request.account = account
except ldapauth.Error as error:
errors.append('Error while talking to LDAP:\n%s' % error)
else:
_logger.info("%s successfully logged in", account.login)
if not origin:
origin = reverse('webfront-index')
return HttpResponseRedirect(origin)
else:
_logger.info("failed login: %r", username)
errors.append(
'Username or password is incorrect, or the ' 'account is locked.'
)
# Something went wrong. Display login page with errors.
return render(
request,
'webfront/login.html',
{
'form': form,
'errors': errors,
'origin': origin,
},
)
def test_authenticate_should_fallback_when_ldap_is_disabled(self):
nav.web.ldapauth.available = False
self.assertEquals(auth.authenticate('knight', 'shrubbery'),
self.mock_account)
def test_authenticate_should_return_false_when_ldap_says_no(self):
with patch("nav.web.ldapauth.authenticate", return_value=False):
self.assertFalse(auth.authenticate('knight', 'shrubbery'))
def test_authenticate_should_return_account_when_ldap_says_yes(self):
with patch("nav.web.ldapauth.authenticate", return_value=True):
self.assertEquals(auth.authenticate('knight', 'shrubbery'),
self.mock_account)
def test_authenticate_should_return_account_when_password_is_ok(self):
with patch("nav.web.auth.Account.check_password", return_value=True):
assert auth.authenticate('knight', 'shrubbery') == PLAIN_ACCOUNT
def test_authenticate_should_fallback_when_ldap_is_disabled(self):
with patch("nav.web.ldapauth.available", new=False):
assert auth.authenticate('knight', 'shrubbery') == LDAP_ACCOUNT
def test_authenticate_should_return_account_when_password_is_ok(self):
with patch("nav.web.auth.Account.check_password", return_value=True):
self.assertEquals(auth.authenticate('knight', 'shrubbery'),
self.mock_account)
def test_authenticate_should_return_false_when_ldap_says_no(self):
with patch("nav.web.auth.Account.check_password", return_value=False):
self.assertFalse(auth.authenticate('knight', 'rabbit'))
def test_authenticate_should_fallback_when_ldap_is_disabled(self):
nav.web.ldapauth.available = False
self.assertEquals(auth.authenticate('knight', 'shrubbery'),
self.mock_account)
def test_authenticate_should_return_false_when_ldap_says_no(self):
with patch("nav.web.ldapauth.authenticate", return_value=False):
self.assertFalse(auth.authenticate('knight', 'shrubbery'))
def test_authenticate_should_return_account_when_ldap_says_yes(self):
with patch("nav.web.ldapauth.authenticate", return_value=True):
self.assertEquals(auth.authenticate('knight', 'shrubbery'),
self.mock_account)
def test_authenticate_should_return_account_when_password_is_ok(self):
with patch("nav.web.auth.Account.check_password", return_value=True):
self.assertEquals(auth.authenticate('knight', 'shrubbery'),
self.mock_account)
def test_authenticate_should_return_false_when_ldap_says_no(self):
with patch("nav.web.ldapauth.available", new=True):
with patch("nav.web.ldapauth.authenticate", return_value=False):
assert not auth.authenticate('knight', 'shrubbery')
def test_authenticate_should_return_false_when_ldap_says_no(self):
with patch("nav.web.auth.Account.check_password", return_value=False):
self.assertFalse(auth.authenticate('knight', 'rabbit'))
def test_authenticate_should_return_account_when_ldap_says_yes(self):
with patch("nav.web.ldapauth.available", new=True):
with patch("nav.web.ldapauth.authenticate", return_value=True):
assert auth.authenticate('knight', 'shrubbery') == LDAP_ACCOUNT
