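def check_user_from_jwt_header(request):
    """Resolve the user identified by the JWT in the ``Authorization`` header.

    Args:
        request: Request object exposing a mapping-like ``headers`` attribute.

    Returns:
        A ``(user, message, status)`` tuple. On success ``user`` is the value
        returned by ``UserManager.read_with_jwt`` and ``message`` and
        ``status`` are both ``None``. On failure ``user`` is ``None`` and
        ``status`` is 400 (header missing, or ``InvalidJWTError``) or 404
        (``UserNotFoundError``), with ``message`` describing the failure.
    """
    # The request headers and the raw Authorization value are deliberately
    # NOT written to stdout: they carry bearer credentials (the JWT, and
    # possibly cookies) that anyone with read access to the logs could replay.
    print('/operation/read with request:{}'.format(request))

    message = None
    status = None
    user = None

    try:
        header_jwt = request.headers['Authorization']
    except KeyError as e:
        print('e:{}'.format(e))
        message = 'No JWT in headers'
        status = 400
        return user, message, status

    manager = UserManager(db)
    try:
        user = manager.read_with_jwt(header_jwt)
        # NOTE(review): confirm the User repr does not include password
        # material before keeping this diagnostic in production.
        print('user:{}'.format(user))
    except UserNotFoundError as e:
        message = str(e)
        status = 404
    except jwt_util.InvalidJWTError as e:
        message = str(e)
        status = 400

    print('user:{}, message:{}, status:{}'.format(user, message, status))
    return user, message, status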
def test_create_and_delete_guest_user(self):
    """Create the guest user, list all users, delete the guest, list again."""
    log.info('---------- test_create_and_delete_guest_user ----------')

    guest = self.test_create_guest_user()
    self.test_read_all()

    # Remove the user that was just created, then list again so the log
    # shows the table after the deletion.
    UserManager(db).delete(guest)
    summary = '===== updated user:{} =========='.format(guest)
    log.info(summary)
    self.test_read_all()
def test_read_all(self):
    """Log every user returned by ``UserManager.read_all``."""
    log.info('---------- test_read_all ----------')

    all_users = UserManager(db).read_all()
    log.info('===== S all users with len:{} ====='.format(len(all_users)))

    # One log line per user, between the S(tart) and E(nd) markers.
    for entry in all_users:
        line = '===== read user_id:{}, user_read:{} =========='.format(
            entry.user_id, entry)
        log.info(line)

    log.info('===== E all users =====')
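def signin():
    """Authenticate a user by id or e-mail plus password and return a JWT.

    Credentials are read from the query string on GET and from the JSON body
    on POST. Any other method leaves both values as ``None``.

    Returns:
        ``generate_error_output(message, status)`` when the user lookup fails
        (404 for ``UserNotFoundError``, 400 for ``InvalidJWTError``, 500 for
        ``TimeoutError``) or when ``user.signin`` returns ``None`` (404).
        Otherwise ``generate_output('result.html', {...}, 200)`` with the
        token under ``data['jwt']``.
    """
    user_id_or_email = None
    password = None
    if request.method == 'GET':
        # The query arguments contain the plaintext password, so they are not
        # logged.
        # NOTE(review): credentials in a query string also end up in
        # web-server access logs and browser history; consider accepting
        # sign-in over POST only.
        logger.info('GET signin request')
        user_id_or_email = request.args.get('user_id_or_email', default='', type=str)
        password = request.args.get('password', default='', type=str)
    elif request.method == 'POST':
        # get_json() can return None when no JSON body was parsed; fall back
        # to an empty mapping instead of failing with AttributeError.
        json_data = request.get_json() or {}
        # The body contains the plaintext password, so it is not logged.
        logger.info('POST signin request')
        user_id_or_email = json_data.get('user_id_or_email')
        password = json_data.get('password')

    message = None
    status = None
    user = None

    manager = UserManager(db)
    try:
        user = manager.read(user_id_or_email)
        # NOTE(review): confirm the User repr does not include password
        # material before keeping this diagnostic in production.
        print('user read:{}'.format(user))
    except UserNotFoundError as e:
        # NOTE(review): if str(e) differs from the generic message used for a
        # wrong password below, the response reveals which ids are registered.
        message = str(e)
        status = 404
    except jwt_util.InvalidJWTError as e:
        message = str(e)
        status = 400
    except TimeoutError as e:
        message = str(e)
        status = 500

    print('user:{}, message:{}, status:{}'.format(user, message, status))
    if status is not None:
        return generate_error_output(message, status)

    # The issued token is a bearer credential and is intentionally not printed.
    token = user.signin(password)
    if token is None:
        message = 'Invalid user id or email or password'
        status = 404
        return generate_error_output(message, status)

    ret_data = {'jwt': token}
    # Spelling kept as-is: clients may match on this response text.
    message = 'sucess'
    return_data = {
        'message': message,
        'data': ret_data
    }
    status = 200
    return generate_output('result.html', return_data, status)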
def test_create_guest_user(self):
    """Create (or overwrite) the guest user through ``UserManager.update``.

    Returns:
        The ``User`` instance that was passed to ``update``.
    """
    log.info('---------- test_create_guest_user ----------')
    manager = UserManager(db)

    # Placeholder values: they must be adapted to the local environment.
    guest = User()
    guest_fields = (
        ('user_id', '*** change for your environment ***'),
        ('user_name', 'Guest'),
        ('password', '******'),
    )
    for attr_name, attr_value in guest_fields:
        setattr(guest, attr_name, attr_value)

    manager.update(guest)
    log.info('===== updated user:{} =========='.format(guest))
    return guest
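def test_read_with_jwt(self):
    """Exercise ``UserManager.read_with_jwt`` on valid and invalid tokens.

    Covers three cases: a token returned by ``test_signin`` resolves to the
    guest user, a token with an altered tail raises ``InvalidJWTError``, and
    a valid token for a deleted user raises ``UserNotFoundError``. The guest
    user is re-created at the end.
    """
    log.info('---------- test_read_with_jwt ----------')
    manager = UserManager(db)

    # signin with guest user
    guest_jwt = self.test_signin()
    log.info('guest_jwt:{}'.format(guest_jwt))
    user = manager.read_with_jwt(guest_jwt)
    log.info('===== read user:{} ====='.format(user))
    assert user.user_id == '*** change for your environment ***'

    # with error: alter the last two characters of the token. A different
    # filler is used if the token already ends in 'XX', so the tampered token
    # is never identical to the valid one.
    filler = 'XX' if guest_jwt[-2:] != 'XX' else 'YY'
    invalid_signature_jwt = '{}{}'.format(guest_jwt[:-2], filler)
    log.info('invalid_signature_jwt:{}'.format(invalid_signature_jwt))
    try:
        manager.read_with_jwt(invalid_signature_jwt)
    except jwt_util.InvalidJWTError as e:
        log.info('OK with e:{}'.format(e))
    else:
        # Raised explicitly rather than via `assert <literal> is None`, which
        # is stripped under `python -O` and would let an accepted tampered
        # token pass the test silently.
        raise AssertionError('Not OK witount InvalidJWTError')

    # no use
    log.info('temporary delete guest user')
    manager.delete(user)
    try:
        manager.read_with_jwt(guest_jwt)
    except UserNotFoundError as e:
        log.info('OK with e:{}'.format(e))
    else:
        raise AssertionError('Not OK witount UserNotFoundError')

    log.info('re-create guest user')
    user = self.test_create_guest_user()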
def test_signin(self):
    """Check that the guest user signs in only with the password it was given.

    Returns:
        The JWT returned by the successful sign-in.
    """
    log.info('---------- test_signin ----------')
    manager = UserManager(db)
    guest = self.test_create_guest_user()

    # A password other than the one set on the guest user must yield no token.
    rejected = guest.signin('hoge')
    assert rejected is None

    # The password set by test_create_guest_user must yield a token that
    # jwt_util.check_jwt accepts.
    plane_password = '******'
    issued = guest.signin(plane_password)
    log.info('signin returns jwt:{}'.format(issued))
    assert issued is not None
    assert jwt_util.check_jwt(issued)
    return issued