def participateWithPlayer(request, player_id, player): """ This code is terrible. It's just ugly. But I can't see a better way to do it. My sincerest apologies. """ def onSuccessfulPlayerAuth(activePlayer, user): #very important to check if they're banned or player is full first. #otherwise we might might mark them as actually participating if Participant.objects.filter(user=user, player=activePlayer, ban_flag=True).exists(): toReturn = HttpResponseForbidden() toReturn[FORBIDDEN_REASON_HEADER] = 'banned' return toReturn if activePlayer.IsFull: toReturn = HttpResponseForbidden() toReturn[FORBIDDEN_REASON_HEADER] = 'player-full' return toReturn obj, created = Participant.objects.get_or_create(player=activePlayer, user=user) if not created: obj.time_last_interation = datetime.now() obj.kick_flag = False obj.logout_flag = False obj.save() return HttpResponse(status=201) user = request.udjuser playerPassword = PlayerPassword.objects.filter(player=player) if playerPassword.exists(): hashedPassword = "" if not request.META.has_key('CONTENT_TYPE'): return HttpResponseBadRequest("must specify content type") elif request.META['CONTENT_TYPE'] != 'text/json': return HttpResponse("must send json", status=415) elif request.raw_post_data == '': return HttpResponseBadRequest("Bad JSON") try: password_json = json.loads(request.raw_post_data) password = password_json['password'] hashedPassword = hashPlayerPassword(password) except ValueError: return HttpResponseBadRequest('Bad JSON') if hashedPassword == playerPassword[0].password_hash: return onSuccessfulPlayerAuth(player, user) toReturn = HttpResponse(status=401) toReturn['WWW-Authenticate'] = 'player-password' return toReturn else: return onSuccessfulPlayerAuth(player, user)
def testCreatePasswordPlayer(self): playerName = "Yunyoung Player" password = '******' passwordHash = hashPlayerPassword(password) payload = {'name' : playerName, 'password' : password} response = self.doJSONPut('/players/player', payload) self.assertGoodJSONResponse(response, 201) givenPlayerId = json.loads(response.content)['id'] addedPlayer = Player.objects.get(pk=givenPlayerId) self.assertEqual(addedPlayer.name, playerName) self.assertEqual(addedPlayer.owning_user.id, 7) self.assertFalse(PlayerLocation.objects.filter(player=addedPlayer).exists()) addedPassword = PlayerPassword.objects.get(player=addedPlayer) self.assertEqual(addedPassword.password_hash, passwordHash) self.verify_permissions_set(addedPlayer)
def testSetPassword(self): newPassword = '******' response = self.doJSONPost('/players/1/password', {'password': newPassword}) self.assertEqual(response.status_code, 200) playerPassword = PlayerPassword.objects.get(player__id=1) self.assertEqual(playerPassword.password_hash, hashPlayerPassword(newPassword))