def test_check_auth_admin(db): """Method to test proper authentication & admin rights for a user""" user = create_user(email='*****@*****.**', password='******') user.is_admin = True status = AuthManager.check_auth_admin('*****@*****.**', 'password') assert True == status user = create_user(email='*****@*****.**', password='******') user.is_admin = False status = AuthManager.check_auth_admin('*****@*****.**', 'password') assert False == status
def test_check_auth_admin(self): """Method to test proper authentication & admin rights for a user""" with self.app.test_request_context(): user = create_user(email='*****@*****.**', password='******') user.is_admin = True status = AuthManager.check_auth_admin('*****@*****.**', 'password') self.assertEqual(True, status) user = create_user(email='*****@*****.**', password='******') user.is_admin = False status = AuthManager.check_auth_admin('*****@*****.**', 'password') self.assertEqual(False, status)
def decorated(*args, **kwargs): auth = request.authorization if not auth or not AuthManager.check_auth_admin(auth.username, auth.password): return make_response('Could not verify your access level for that URL.\n' 'You have to login with proper credentials', 401, {'WWW-Authenticate': 'Basic realm="Login Required"'}) return f(*args, **kwargs)