def test_login_discourse_success(self): # noqa See https://meta.discourse.org/t/official-single-sign-on-for-discourse/13045 sso = "bm9uY2U9Y2I2ODI1MWVlZmI1MjExZTU4YzAwZmYxMzk1ZjBjMGI%3D%0A" sig = "2828aa29899722b35a2f191d34ef9b3ce695e0e6eeec47deb46d588d70c7cb56" # noqa moderator = self.session.query(User).filter( User.username == 'moderator').one() redirect1 = discourse_redirect(moderator, sso, sig, self.settings) body = self.login('moderator', sso=sso, sig=sig).json self.assertTrue('token' in body) redirect2 = body['redirect'] self.assertEqual(redirect1, redirect2)
def post(self): request = self.request username = request.validated['username'] password = request.validated['password'] user = DBSession.query(User). \ filter(User.username == username).first() token = try_login(user, password, request) if user else None if token: response = token_to_response(user, token, request) if 'sso' in request.json and 'sig' in request.json: sso = request.json['sso'] sig = request.json['sig'] settings = request.registry.settings redirect = discourse_redirect(user, sso, sig, settings) response['redirect'] = redirect return response else: request.errors.status = 403 request.errors.add('body', 'user', 'Login failed') return None