def testBugDefaultPasswd(self):
""" Login via LDAP (this creates user profile and up to 1.7.0rc1 it put
a default password there), then try logging in via moin login using
that default password or an empty password.
"""
# do a LDAPAuth login (as a side effect, this autocreates the user profile):
u1 = handle_login(None, username='******', password='******')
assert u1 is not None
assert u1.valid
# now we kill the LDAP server:
#self.ldap_env.slapd.stop()
# now try a MoinAuth login:
# try the default password that worked in 1.7 up to rc1:
u2 = handle_login(None, username='******', password='******')
assert u2 is None
# try using no password:
u2 = handle_login(None, username='******', password='')
assert u2 is None
# try using wrong password:
u2 = handle_login(None, username='******', password='******')
assert u2 is None
def testBugDefaultPasswd(self):
""" Login via LDAP (this creates user profile and up to 1.7.0rc1 it put
a default password there), then try logging in via moin login using
that default password or an empty password.
"""
# do a LDAPAuth login (as a side effect, this autocreates the user profile):
u1 = handle_login(None, username='******', password='******')
assert u1 is not None
assert u1.valid
# now we kill the LDAP server:
#self.ldap_env.slapd.stop()
# now try a MoinAuth login:
# try the default password that worked in 1.7 up to rc1:
u2 = handle_login(None, username='******', password='******')
assert u2 is None
# try using no password:
u2 = handle_login(None, username='******', password='')
assert u2 is None
# try using wrong password:
u2 = handle_login(None, username='******', password='******')
assert u2 is None
def test_handle_login():
# no messages in the beginning
assert not flaskg._login_messages
test_user1 = handle_login(flaskg.user,
login_username='******',
login_password='******',
stage='moin')
test_login_message = [u'Invalid username or password.']
assert flaskg._login_messages == test_login_message
assert test_user1.name0 == ANON
assert not test_user1.valid
# pop the message
flaskg._login_messages.pop()
# try with a valid user
givenauth_obj = GivenAuth()
flaskg.user.auth_method = 'given'
givenauth_obj.user_name = u'Test_User'
create_user(u'Test_User', u'test_pass', u'*****@*****.**')
test_user, bool_value = givenauth_obj.request(flaskg.user)
test_user2 = handle_login(test_user,
login_username='******',
login_password='******',
stage='moin')
assert not flaskg._login_messages
assert test_user2.name == [
u'Test_User',
]
assert test_user2.valid
def testMoinLDAPFailOver(self):
""" Try if it does a failover to a secondary LDAP, if the primary fails. """
# authenticate user (with primary slapd):
u1 = handle_login(None, username='******', password='******')
assert u1 is not None
assert u1.valid
# now we kill our primary LDAP server:
self.ldap_envs[0].slapd.stop()
# try if we can still authenticate (with the second slapd):
u2 = handle_login(None, username='******', password='******')
assert u2 is not None
assert u2.valid
def testMoinLDAPFailOver(self):
""" Try if it does a failover to a secondary LDAP, if the primary fails. """
# authenticate user (with primary slapd):
u1 = handle_login(None, username='******', password='******')
assert u1 is not None
assert u1.valid
# now we kill our primary LDAP server:
self.ldap_envs[0].slapd.stop()
# try if we can still authenticate (with the second slapd):
u2 = handle_login(None, username='******', password='******')
assert u2 is not None
assert u2.valid
def setup_user(context, session):
""" Try to retrieve a valid user object from the request, be it
either through the session or through a login. """
# first try setting up from session
userobj = auth.setup_from_session(context, session)
userobj, olduser = auth.setup_setuid(context, userobj)
context._setuid_real_user = olduser
# then handle login/logout forms
form = context.request.values
if 'login' in form:
params = {
'username': form.get('name'),
'password': form.get('password'),
'attended': True,
'openid_identifier': form.get('openid_identifier'),
'stage': form.get('stage')
}
userobj = auth.handle_login(context, userobj, **params)
elif 'logout' in form:
userobj = auth.handle_logout(context, userobj)
else:
userobj = auth.handle_request(context, userobj)
# if we still have no user obj, create a dummy:
if not userobj:
userobj = user.User(context, auth_method='invalid')
return userobj
def setup_user(context, session):
""" Try to retrieve a valid user object from the request, be it
either through the session or through a login. """
# first try setting up from session
userobj = auth.setup_from_session(context, session)
userobj, olduser = auth.setup_setuid(context, userobj)
context._setuid_real_user = olduser
# then handle login/logout forms
form = context.request.values
if 'login' in form:
params = {
'username': form.get('name'),
'password': form.get('password'),
'attended': True,
'openid_identifier': form.get('openid_identifier'),
'stage': form.get('stage')
}
userobj = auth.handle_login(context, userobj, **params)
elif 'logout' in form:
userobj = auth.handle_logout(context, userobj)
else:
userobj = auth.handle_request(context, userobj)
# if we still have no user obj, create a dummy:
if not userobj:
userobj = user.User(context, auth_method='invalid')
return userobj
def setup_user():
"""
Try to retrieve a valid user object from the request, be it
either through the session or through a login.
"""
# init some stuff for auth processing:
flaskg._login_multistage = None
flaskg._login_multistage_name = None
flaskg._login_messages = []
# first try setting up from session
userobj = auth.setup_from_session()
# then handle login/logout forms
form = request.values.to_dict()
if 'login_submit' in form:
# this is a real form, submitted by POST
userobj = auth.handle_login(userobj, **form)
elif 'logout_submit' in form:
# currently just a GET link
userobj = auth.handle_logout(userobj)
else:
userobj = auth.handle_request(userobj)
# if we still have no user obj, create a dummy:
if not userobj:
userobj = user.User(name=ANON, auth_method='invalid')
# if we have a valid user we store it in the session
if userobj.valid:
session['user.itemid'] = userobj.itemid
session['user.trusted'] = userobj.trusted
session['user.auth_method'] = userobj.auth_method
session['user.auth_attribs'] = userobj.auth_attribs
session['user.session_token'] = userobj.get_session_token()
return userobj
def setup_user():
"""
Try to retrieve a valid user object from the request, be it
either through the session or through a login.
"""
# init some stuff for auth processing:
flaskg._login_multistage = None
flaskg._login_multistage_name = None
flaskg._login_messages = []
# first try setting up from session
userobj = auth.setup_from_session()
# then handle login/logout forms
form = request.values.to_dict()
if 'login_submit' in form:
# this is a real form, submitted by POST
userobj = auth.handle_login(userobj, **form)
elif 'logout_submit' in form:
# currently just a GET link
userobj = auth.handle_logout(userobj)
else:
userobj = auth.handle_request(userobj)
# if we still have no user obj, create a dummy:
if not userobj:
userobj = user.User(name=ANON, auth_method='invalid')
# if we have a valid user we store it in the session
if userobj.valid:
session['user.itemid'] = userobj.itemid
session['user.trusted'] = userobj.trusted
session['user.auth_method'] = userobj.auth_method
session['user.auth_attribs'] = userobj.auth_attribs
session['user.session_token'] = userobj.get_session_token()
return userobj
def setup_user(context, session):
""" Try to retrieve a valid user object from the request, be it
either through the session or through a login. """
# first try setting up from session
userobj = auth.setup_from_session(context, session)
userobj, olduser = auth.setup_setuid(context, userobj)
context._setuid_real_user = olduser
# then handle login/logout forms
form = context.request.values
if "login" in form:
params = {
"username": form.get("name"),
"password": form.get("password"),
"attended": True,
"openid_identifier": form.get("openid_identifier"),
"stage": form.get("stage"),
}
userobj = auth.handle_login(context, userobj, **params)
elif "logout" in form:
userobj = auth.handle_logout(context, userobj)
else:
userobj = auth.handle_request(context, userobj)
# if we still have no user obj, create a dummy:
if not userobj:
userobj = user.User(context, auth_method="invalid")
return userobj
def xmlrpc_getAuthToken(self, username, password, *args):
"""
Returns a token which can be used for authentication
in other XMLRPC calls. If the token is empty, the username
or the password were wrong.
Implementation note: token is same as cookie content would be for http session
"""
request = self.request
request.session = request.cfg.session_service.get_session(request)
u = auth.setup_from_session(request, request.session)
login_required = is_login_required(request)
if login_required:
u = auth.handle_login(request,
u,
username=username,
password=password)
else:
u = request.user
if u and u.valid:
request.user = u
request.cfg.session_service.finalize(request, request.session)
return request.session.sid
else:
return ""
def xmlrpc_getAuthToken(self, username, password, *args):
"""
Returns a token which can be used for authentication
in other XMLRPC calls. If the token is empty, the username
or the password were wrong.
Implementation note: token is same as cookie content would be for http session
"""
request = self.request
request.session = request.cfg.session_service.get_session(request)
u = auth.setup_from_session(request, request.session)
login_required = is_login_required(request)
if login_required:
u = auth.handle_login(request, u, username=username,
password=password)
else:
u = request.user
if u and u.valid:
request.user = u
request.cfg.session_service.finalize(request, request.session)
return request.session.sid
else:
return ""
def test_handle_login():
# no messages in the beginning
assert not flaskg._login_messages
test_user1 = handle_login(flaskg.user, login_username='******', login_password='******', stage='moin')
test_login_message = [u'Invalid username or password.']
assert flaskg._login_messages == test_login_message
assert test_user1.name0 == ANON
assert not test_user1.valid
# pop the message
flaskg._login_messages.pop()
# try with a valid user
givenauth_obj = GivenAuth()
flaskg.user.auth_method = 'given'
givenauth_obj.user_name = u'Test_User'
create_user(u'Test_User', u'test_pass', u'*****@*****.**')
test_user, bool_value = givenauth_obj.request(flaskg.user)
test_user2 = handle_login(test_user, login_username='******', login_password='******', stage='moin')
assert not flaskg._login_messages
assert test_user2.name == [u'Test_User', ]
assert test_user2.valid
def testMoinLDAPLogin(self):
""" Just try accessing the LDAP server and see if usera and userb are in LDAP. """
# tests that must not authenticate:
u = handle_login(self.request, None, username='', password='')
assert u is None
u = handle_login(self.request, None, username='******', password='')
assert u is None
u = handle_login(self.request,
None,
username='******',
password='******')
assert u is None
u = handle_login(self.request,
None,
username='******',
password='******')
assert u is None
# tests that must authenticate:
u1 = handle_login(self.request,
None,
username='******',
password='******')
assert u1 is not None
assert u1.valid
u2 = handle_login(self.request,
None,
username='******',
password='******')
assert u2 is not None
assert u2.valid
# check if usera and userb have different ids:
assert u1.id != u2.id
def testMoinLDAPLogin(self):
""" Just try accessing the LDAP server and see if usera and userb are in LDAP. """
# tests that must not authenticate:
u = handle_login(None, username='', password='')
assert u is None
u = handle_login(None, username='******', password='')
assert u is None
u = handle_login(None, username='******', password='******')
assert u is None
u = handle_login(None, username='******', password='******')
assert u is None
# tests that must authenticate:
u1 = handle_login(None, username='******', password='******')
assert u1 is not None
assert u1.valid
u2 = handle_login(None, username='******', password='******')
assert u2 is not None
assert u2.valid
# check if usera and userb have different ids:
assert u1.id != u2.id