def testAuth(self):
    # A successful login must answer 200 and carry both the ticket header and
    # the user-id header, each matching what the database holds for the user.
    auth_response = Client().post(
        '/udj/auth/', {'username': '******', 'password' : 'onetest'})
    self.assertEqual(auth_response.status_code, 200)
    self.assertTrue(auth_response.has_header(getTicketHeader()))
    self.assertTrue(auth_response.has_header(getUserIdHeader()))

    # The id returned in the header has to be the id of the account that
    # logged in, not merely some valid id.
    matching_users = User.objects.filter(username='******')
    returned_user_id = int(auth_response[getUserIdHeader()])
    self.assertEqual(returned_user_id, matching_users[0].id)

    # The ticket handed to the client must be the one stored for that user.
    # NOTE(review): the queryset itself is passed as the `user` filter value,
    # as in the original; confirm this is intended rather than matching_users[0].
    stored_tickets = Ticket.objects.filter(user=matching_users)
    returned_ticket = auth_response[getTicketHeader()]
    self.assertEqual(returned_ticket, stored_tickets[0].ticket_hash)
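def authenticate(request):
    """Check a username/password POST and issue an auth ticket.

    Responses:
      * 400 when validAuthRequest() rejects the request,
      * 403 when the username is unknown or the password does not match,
      * 200 with the ticket hash and the user id set as response headers
        (named by getTicketHeader() / getUserIdHeader()) on success.

    An unknown username used to surface as a 404 while a wrong password gave
    a 403, which let a client tell existing accounts from non-existing ones.
    Both failures now produce the same 403.
    """
    if not validAuthRequest(request):
        return HttpResponseBadRequest()

    # presumably validAuthRequest guarantees both POST keys exist; verify
    # against its definition, otherwise these lookups can raise.
    try:
        userToAuth = User.objects.get(username=request.POST['username'])
    except User.DoesNotExist:
        # NOTE(review): the password hash is not computed on this path, so a
        # response-time difference between known and unknown usernames may
        # remain; no attempt limiting is visible in this function either.
        return HttpResponseForbidden()

    if not userToAuth.check_password(request.POST['password']):
        return HttpResponseForbidden()

    # REMOTE_ADDR is the address of the directly connected peer; behind a
    # reverse proxy that is the proxy, not the end client (how the address
    # is used is up to getTicketForUser).
    ticket = getTicketForUser(userToAuth, request.META['REMOTE_ADDR'])
    response = HttpResponse()
    response[getTicketHeader()] = ticket.ticket_hash
    response[getUserIdHeader()] = userToAuth.id
    return response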
def testDoubleTicket(self):
    # Logging in twice with the same account must replace the stored ticket:
    # the second ticket differs from the first and carries a later issue time.
    # NOTE(review): this does not check that the first ticket stops being
    # accepted by the server afterwards.
    http = Client()

    first_response = http.post(
        '/udj/auth', {'username': '******', 'password' : 'twotest'})
    self.assertEqual(first_response.status_code, 200)
    self.assertTrue(first_response.has_header(getTicketHeader()))
    self.assertTrue(first_response.has_header(getUserIdHeader()))

    account = User.objects.filter(username='******')
    returned_user_id = int(first_response[getUserIdHeader()])
    self.assertEqual(returned_user_id, account[0].id)

    # Snapshot the ticket row as it stands after the first login.
    stored = Ticket.objects.get(user=account)
    firstTicket = first_response[getTicketHeader()]
    firstTime = stored.time_issued
    self.assertEqual(firstTicket, stored.ticket_hash)

    # Second login: re-read the row and compare it with the snapshot.
    second_response = http.post(
        '/udj/auth', {'username': '******', 'password' : 'twotest'})
    stored = Ticket.objects.get(user=account)
    secondTicket = second_response[getTicketHeader()]
    secondTime = stored.time_issued

    self.assertNotEqual(firstTicket, secondTicket)
    self.assertEqual(secondTicket, stored.ticket_hash)
    self.assertTrue(secondTime > firstTime)
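def authenticate(request):
    """Check a username/password POST and issue an auth ticket.

    Responses:
      * 400 when validAuthRequest() rejects the request,
      * 403 when the username is unknown or the password does not match,
      * 200 with the ticket hash and the user id set as response headers
        (named by getTicketHeader() / getUserIdHeader()) on success.

    An unknown username used to surface as a 404 while a wrong password gave
    a 403, which let a client tell existing accounts from non-existing ones.
    Both failures now produce the same 403. The debug log lines record
    progress only; no credential is written to the log.
    """
    logging.debug("in authenticate, checking for valid auth request")
    if not validAuthRequest(request):
        return HttpResponseBadRequest()

    # presumably validAuthRequest guarantees both POST keys exist; verify
    # against its definition, otherwise these lookups can raise.
    try:
        userToAuth = User.objects.get(username=request.POST['username'])
    except User.DoesNotExist:
        # NOTE(review): the password hash is not computed on this path, so a
        # response-time difference between known and unknown usernames may
        # remain; no attempt limiting is visible in this function either.
        return HttpResponseForbidden()
    logging.debug("In auth, past getting user")

    if not userToAuth.check_password(request.POST['password']):
        return HttpResponseForbidden()
    logging.debug("password checked")

    # REMOTE_ADDR is the address of the directly connected peer; behind a
    # reverse proxy that is the proxy, not the end client (how the address
    # is used is up to getTicketForUser).
    ticket = getTicketForUser(userToAuth, request.META['REMOTE_ADDR'])
    response = HttpResponse()
    response[getTicketHeader()] = ticket.ticket_hash
    response[getUserIdHeader()] = userToAuth.id
    return response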
def setUp(self):
    """Log in with the fixture credentials and keep the issued ticket.

    Stores the ticket header value in self.ticket_hash and the user-id
    header value in self.user_id for the tests that follow. The login must
    answer 200, otherwise the fixture fails here.
    """
    credentials = {'username': self.username, 'password' : self.userpass}
    login = self.client.post('/udj/auth', credentials)
    self.assertEqual(login.status_code, 200)
    self.ticket_hash = login[getTicketHeader()]
    self.user_id = login[getUserIdHeader()]
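def setUp(self):
    """Log in with the fixture credentials and keep the issued ticket.

    Stores the ticket header value in self.ticket_hash and the user-id
    header value in self.user_id for the tests that follow.
    """
    response = self.client.post(
        '/udj/auth/',
        {'username': self.username, 'password' : self.userpass})
    # Fail with a clear status mismatch when the login is rejected, instead
    # of a missing-header error on the lookups below.
    self.assertEqual(response.status_code, 200)
    self.ticket_hash = response[getTicketHeader()]
    self.user_id = response[getUserIdHeader()]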