def _execute_requests(self, reqs):
admin = User.objects.get(username="******")
user = User.objects.get(id=USER_ID)
user.token = "password-token"
user.email_token = "email-token"
user.new_email = "*****@*****.**"
user.save()
user_token = get_token_for_user(user, "authentication")
admin_token = get_token_for_user(admin, "authentication")
os.environ["AUTH_TOKEN"] = user_token
os.environ["ADMIN_AUTH_TOKEN"] = admin_token
host = "http://*****:*****@"))
fd.write("\n----\n")
curl_cmd = curl_cmd.replace(
"$$INCLUDE_FILE$$", "@{}/".format(os.path.dirname(__file__)))
output_path = os.path.join("output", key + "-output.adoc")
result = subprocess.run(curl_cmd + " -f",
shell=True,
stdout=subprocess.PIPE)
print(key)
if result.returncode != 0:
result = subprocess.run(curl_cmd,
shell=True,
stdout=subprocess.PIPE)
print("ERROR on key: ", key)
print(result)
if result.stdout == b'':
continue
with open(output_path, "w") as fd:
fd.write("[source,json]\n")
fd.write("----\n")
if req.get('index', None) is not None:
json.dump(json.loads(
result.stdout.decode('utf-8'))[req['index']],
fd,
sort_keys=True,
indent=4)
else:
json.dump(json.loads(result.stdout.decode('utf-8')),
fd,
sort_keys=True,
indent=4)
fd.write("\n----\n")
def _execute_requests(self, reqs):
admin = User.objects.get(username="******")
user = User.objects.get(id=USER_ID)
user.token = "password-token"
user.email_token = "email-token"
user.new_email = "*****@*****.**"
user.save()
user_token = get_token_for_user(user, "authentication")
admin_token = get_token_for_user(admin, "authentication")
os.environ["AUTH_TOKEN"] = user_token
os.environ["ADMIN_AUTH_TOKEN"] = admin_token
host = "http://*****:*****@"))
fd.write("\n----\n")
if req['method'] == "DELETE":
continue
curl_cmd = curl_cmd.replace("$$INCLUDE_FILE$$", "@{}/".format(os.path.dirname(__file__)))
output_path = os.path.join("output", key + "-output.adoc")
if "response" in req:
response_data = req['response']
else:
result = subprocess.run(curl_cmd + " -f", shell=True, stdout=subprocess.PIPE)
if result.returncode != 0:
result = subprocess.run(curl_cmd, shell=True, stdout=subprocess.PIPE)
print("ERROR on key: ", key)
print(result)
if result.stdout == b'':
response_data = None
else:
response_data = json.loads(result.stdout.decode('utf-8'))
if req.get('index', None) is not None:
response_data = response_data[req['index']]
if not response_data:
continue
with open(output_path, "w") as fd:
fd.write("[source,json]\n")
fd.write("----\n")
json.dump(response_data, fd, sort_keys=True, indent=4)
fd.write("\n----\n")
def test_cancel_self_user_with_valid_token(client):
user = f.UserFactory.create()
url = reverse('users-cancel')
cancel_token = get_token_for_user(user, "cancel_account")
data = {"cancel_token": cancel_token}
client.login(user)
response = client.post(url, json.dumps(data), content_type="application/json")
assert response.status_code == 204
user = models.User.objects.get(pk=user.id)
assert user.full_name == "Deleted user"
def test_cancel_self_user_with_valid_token(client):
user = f.UserFactory.create()
url = reverse('users-cancel')
cancel_token = get_token_for_user(user, "cancel_account")
data = {"cancel_token": cancel_token}
client.login(user)
response = client.post(url, json.dumps(data), content_type="application/json")
assert response.status_code == 204
user = models.User.objects.get(pk=user.id)
assert user.full_name == "Deleted user"
def test_response_200_in_public_registration(client, settings):
settings.PUBLIC_REGISTER_ENABLED = True
form = {
"type": "public",
"username": "******",
"full_name": "martin seamus mcfly",
"email": "*****@*****.**",
"password": "******",
}
response = client.post(reverse("auth-register"), form)
assert response.status_code == 201
assert response.data["username"] == "mmcfly"
assert response.data["email"] == "*****@*****.**"
assert response.data["full_name"] == "martin seamus mcfly"
assert len(mail.outbox) == 1
assert mail.outbox[0].subject == "You've been Taigatized!"
user = models.User.objects.get(username="******")
cancel_token = get_token_for_user(user, "cancel_account")
cancel_url = resolve_front_url("cancel-account", cancel_token)
assert mail.outbox[0].body.index(cancel_url) > 0
def test_response_200_in_public_registration(client, settings):
settings.PUBLIC_REGISTER_ENABLED = True
form = {
"type": "public",
"username": "******",
"full_name": "martin seamus mcfly",
"email": "*****@*****.**",
"password": "******",
}
response = client.post(reverse("auth-register"), form)
assert response.status_code == 201
assert response.data["username"] == "mmcfly"
assert response.data["email"] == "*****@*****.**"
assert response.data["full_name"] == "martin seamus mcfly"
assert len(mail.outbox) == 1
assert mail.outbox[0].subject == "You've been Taigatized!"
user = models.User.objects.get(username="******")
cancel_token = get_token_for_user(user, "cancel_account")
cancel_url = resolve_front_url("cancel-account", cancel_token)
assert mail.outbox[0].body.index(cancel_url) > 0
def save(self, *args, **kwargs):
get_token_for_user(self, "cancel_account")
super().save(*args, **kwargs)
def save(self, *args, **kwargs):
get_token_for_user(self, "cancel_account")
super().save(*args, **kwargs)
def test_invalid_token_scope():
user = f.UserFactory.create(email="*****@*****.**")
token = get_token_for_user(user, "testing_scope")
user_from_token = get_user_for_token(token, "testing_invalid_scope")
def test_valid_token():
user = f.UserFactory.create(email="*****@*****.**")
token = get_token_for_user(user, "testing_scope")
user_from_token = get_user_for_token(token, "testing_scope")
assert user.id == user_from_token.id
def test_invalid_token_scope():
user = f.UserFactory.create(email="*****@*****.**")
token = get_token_for_user(user, "testing_scope")
get_user_for_token(token, "testing_invalid_scope")
def test_invalid_token_expiration():
user = f.UserFactory.create(email="*****@*****.**")
token = get_token_for_user(user, "testing_scope")
get_user_for_token(token, "testing_scope", max_age=1)
def test_valid_token():
user = f.UserFactory.create(email="*****@*****.**")
token = get_token_for_user(user, "testing_scope")
user_from_token = get_user_for_token(token, "testing_scope")
assert user.id == user_from_token.id
def test_invalid_token_expiration():
user = f.UserFactory.create(email="*****@*****.**")
token = get_token_for_user(user, "testing_scope")
get_user_for_token(token, "testing_scope", max_age=1)
def callback(req):
t = Token()
try:
user, _ = t.authenticate(req)
if user:
login(req, user)
except NotAuthenticated:
pass
data = req.GET.get('signedAttempt')
if not data:
return JsonResponse(
{
"_error_message":
"one or more parameter values were missing (signedAttempt)",
"_error_type": ""
},
status=400)
data = json.loads(data)
username = data['doubleName']
if not username:
return JsonResponse(
{
"_error_message": "Bad request, some params are missing",
"_error_type": ""
},
status=400)
res = requests.get(
settings.THREEBOT_URL + '/api/users/{0}'.format(username),
{'Content-Type': 'application/json'})
if res.status_code != 200:
return JsonResponse(
{
"_error_message": "Error getting user pub key",
"_error_type": ""
},
status=400)
user_pub_key = nacl.signing.VerifyKey(res.json()['publicKey'],
encoder=nacl.encoding.Base64Encoder)
pk = res.json()["publicKey"]
# verify data
signedData = data['signedAttempt']
if not signedData:
return JsonResponse(
{
"_error_message": "Bad request, some params are missing",
"_error_type": ""
},
status=400)
verifiedData = user_pub_key.verify(base64.b64decode(signedData)).decode()
data = json.loads(verifiedData)
if not data:
return JsonResponse(
{
"_error_message": "Bad request, some params are missing",
"_error_type": ""
},
status=400)
if data['doubleName'] != username:
return JsonResponse(
{
"_error_message": "Bad request, some params are missing",
"_error_type": ""
},
status=400)
# verify state
state = data['signedState']
if not state or state != req.session.get("state"):
return JsonResponse(
{
"_error_message": "Invalid state",
"_error_type": ""
}, status=400)
nonce = base64.b64decode(data['data']['nonce'])
ciphertext = base64.b64decode(data['data']['ciphertext'])
private_key = nacl.signing.SigningKey(settings.PRIVATE_KEY,
encoder=nacl.encoding.Base64Encoder)
box = Box(private_key.to_curve25519_private_key(),
user_pub_key.to_curve25519_public_key())
try:
decrypted = box.decrypt(ciphertext, nonce)
result = json.loads(decrypted)
email = result["email"]["email"]
sei = result['email']['sei']
res = requests.post(settings.OPEN_KYC_URL,
headers={'Content-Type': 'application/json'},
json={'signedEmailIdentifier': sei})
if res.status_code != 200:
return JsonResponse(
{
"_error_message": "Email not verified",
"_error_type": ""
},
status=400)
user_model = get_user_model()
users_with_email = user_model.objects.filter(email=email)
if users_with_email:
user_with_email = users_with_email[0]
else:
user_with_email = None
# Link user to 3bot login account
if req.user.is_authenticated():
user = user_model.objects.filter(id=req.user.id)[0]
if user_with_email and user_with_email.id != req.user.id:
return JsonResponse(
{
"_error_message":
"Email address is linked with another active account",
"_error_type": ""
},
status=400)
# user already linked with 3 bot login
if user.public_key:
# user linking another account
if user.public_key != pk:
user.email = email
user.public_key = pk
user.threebot_name = username.replace('.3bot', '')
user.save()
else:
# user linking their account for first time
user.email = email
user.public_key = pk
user.threebot_name = username.replace('.3bot', '')
user.save()
else:
users = user_model.objects.filter(
Q(email=email) | Q(public_key=pk))
if len(users) == 0:
# new user
username = username.replace('.3bot', '')
user = user_model(username=username,
email=email,
full_name=username,
public_key=pk)
user.is_active = True
user.public_key = pk
user.threebot_name = username
user.save()
else:
# email or public key exists
user = users[0]
if user.public_key != pk:
user.public_key = pk
user.threebot_name = username.replace('.3bot', '')
user.save()
elif user.email != email:
user.email = email
user.threebot_name = username.replace('.3bot', '')
user.save()
login(req, user)
except:
raise
serializer = UserAdminSerializer(user)
data = dict(serializer.data)
data["auth_token"] = get_token_for_user(user, "authentication")
data['public_key'] = pk
data['email'] = email
data['threebot_name'] = username.replace('.3bot', '')
data['roles'] = [role for role in data['roles']]
return JsonResponse(data)
