def test_verify_identity_directive(): class app(morepath.App): pass @app.verify_identity() def verify_identity(identity): return identity.password == 'right' identity = morepath.Identity('foo', password='******') assert not generic.verify_identity(identity, lookup=app().lookup) identity = morepath.Identity('foo', password='******') assert generic.verify_identity(identity, lookup=app().lookup)
def test_verify_identity_directive(): class app(morepath.App): pass @app.verify_identity() def verify_identity(identity): return identity.password == "right" identity = morepath.Identity("foo", password="******") assert not app()._verify_identity(identity) identity = morepath.Identity("foo", password="******") assert app()._verify_identity(identity)
def test_verify_identity_directive_app_arg(): class App(morepath.App): pass @App.verify_identity() def verify_identity(app, identity): assert isinstance(app, App) return identity.password == "right" identity = morepath.Identity("foo", password="******") assert not App()._verify_identity(identity) identity = morepath.Identity("foo", password="******") assert App()._verify_identity(identity)
def test_verify_identity_directive_app_arg(): class App(morepath.App): pass @App.verify_identity() def verify_identity(app, identity): assert isinstance(app, App) return identity.password == 'right' identity = morepath.Identity('foo', password='******') assert not App()._verify_identity(identity) identity = morepath.Identity('foo', password='******') assert App()._verify_identity(identity)
def test_default_verify_identity(): class app(morepath.App): pass identity = morepath.Identity("foo") assert not app()._verify_identity(identity)
def test_custom_policy(): class CustomIdentityPolicy(IdentityPolicy): required_keys = ('userid', 'role') ip = CustomIdentityPolicy() identity = morepath.Identity(userid='aaron', role='admin') request = TestRequest() response = TestResponse() ip.remember(response, request, identity) assert response.cookies['userid'].startswith(b'aaron.') assert response.cookies['role'].startswith(b'admin.') assert response.cookie_args['userid'] == response.cookie_args['role'] == { 'max_age': 3600, 'secure': True, 'httponly': True } request.cookies = response.cookies assert ip.identify(request).userid == 'aaron' assert ip.identify(request).role == 'admin' del request.cookies['role'] assert ip.identify(request) is None ip.forget(response, request) assert response.cookies == {}
def remember(response): """Remember the identity of the user logged in.""" # We pass the extra info to the identity object. response.headers.add('Access-Control-Expose-Headers', 'Authorization') identity = morepath.Identity(user.userid) request.app.remember_identity(response, request, identity)
def test_default_verify_identity(): class app(morepath.App): pass identity = morepath.Identity('foo') assert not generic.verify_identity(identity, lookup=app().lookup)
def remember(response): """Remember the identity of the user logged in.""" # We pass the extra info to the identity object. response.headers.add("Access-Control-Expose-Headers", "Authorization") u = collection.get_by_username(username) identity = morepath.Identity(u.userid) request.app.remember_identity(response, request, identity)
def remember(response): # Checks if user is member of Admin group. is_admin = Group.get(name="Admin") in user.groups identity = morepath.Identity( email, nickname=user.nickname, isAdmin=is_admin, uid=request.class_link(User, variables={"id": user.id}), ) request.app.remember_identity(response, request, identity)
def test_policy(): ip = IdentityPolicy() identity = morepath.Identity(userid='aaron', role='admin') request = TestRequest() response = TestResponse() ip.remember(response, request, identity) assert 'userid' in response.cookies assert 'role' not in response.cookies
def test_identity(): txn = DummyTransaction() request = DummyRequest() request.identity = morepath.Identity("foo") def handler(request): return DummyResponse() publish = transaction_tween_factory(DummyApp(), handler, txn) publish(request) assert txn.username == ":foo"
def test_verify_identity_directive_identity_argument(): class app(morepath.App): pass class PlainIdentity(morepath.Identity): pass @app.verify_identity(identity=object) def verify_identity(identity): return False @app.verify_identity(identity=PlainIdentity) def verify_plain_identity(identity): return identity.password == "right" identity = PlainIdentity("foo", password="******") assert not app()._verify_identity(identity) identity = morepath.Identity("foo", password="******") assert not app()._verify_identity(identity) identity = PlainIdentity("foo", password="******") assert app()._verify_identity(identity)
def view_login_post(self, request): # pylint: disable=unused-argument """Valida usuario y contraseña y genera JWT, que se envía en una cabecera Authorization""" email = request.json.get("email", "").lower() password = request.json.get("password") quien = model.Profesor.get(email=email) if (not quien or not password or not email or not bcrypt.verify(password, quien.password)): raise HTTPUnauthorized('Nombre de usuario o contraseña no válidos') identidad = morepath.Identity(email, nombre=quien.nombre, id=quien.id, role=quien.role) @request.after def enviar_jwt_a_cliente(response): # pylint: disable=unused-variable """Esta función se ejecutará una vez la petición ha sido procesada sin errores. Añadirá la cabecera Authority con el JWT""" request.app.remember_identity(response, request, identidad) fake_response = Response() request.app.remember_identity(fake_response, request, identidad) return fake_response.headers['Authorization']
def identify(self, request): return morepath.Identity('testidentity')
def remember(response): identity = morepath.Identity(user.id, user=user) request.app.root.remember_identity(response, request, identity)
def identity(): user = Munch(id=1) return morepath.Identity(userid=user.id, user=user)
def identity(self): return morepath.Identity(self.userid)