class Controller(object):
def __init__(self):
self.authentication = Authentication(database)
self.request = request
self.render = render_template
self.abort = abort
self.request = request
self.redirect = redirect
self.url_for = url_for
@staticmethod
def authentication_required(view_function):
def decorator(self, *args, **kwargs):
if not self.user_is_authenticated():
return self.prompt_for_password()
return view_function(self, *args, **kwargs)
return decorator
def user_is_authenticated(self):
request_header = request.headers.get('Authorization')
if not self.authentication.is_valid_authentication_format(request_header):
return False
encoded_credentials = self.authentication.extract_encoded_credentials(request_header)
decoded_credentials = self.authentication.decode_credentials(encoded_credentials)
credentials = self.authentication.split_credentials(decoded_credentials)
return self.authentication.verify_credentials(credentials['username'], credentials['password'])
def prompt_for_password(self):
response = make_response(self.render('admin/unauthenticated.html'), 401)
response_header = self.authentication.authenticate_response_header()
response.headers['WWW-Authenticate'] = response_header
return response
def test_authentication_controller_can_verify_credentials_of_user(self, mock_look_up_user):
authentication_controller = Authentication()
mock_user = MagicMock()
mock_user.checkCredentials.return_value = True
mock_look_up_user.return_value = mock_user
self.assertEqual(authentication_controller.verify_credentials('*****@*****.**', 'password123'), True)
