def setUp(self): """Test setup; is called before every unit test""" from api.app import app self.client = TestClient(app) # Create a document in the database for the test user. UsersDb.save_new_user(user_id=TEST_USER_ID, user=TEST_USER_STORED) AnamnesisDb.set_anamnesis(TEST_USER_ID, TEST_USER_ANAMNESIS) RecordsDb.set_record(TEST_USER_ID, TEST_USER_RECORD_1) RecordsDb.set_record(TEST_USER_ID, TEST_USER_RECORD_2)
def setUp(self): """Test setup; is called before every unit test""" from api.app import app self.client = TestClient(app) # Create a document in the database for the test user. UsersDb.save_new_user(user_id=generate_uuid(), user=UserStored( username=TEST_USER_NAME, password=hash_pw(TEST_USER_PW), time_created=get_timestamp(), usage_purpose=PURPOSE_PRIVATE_ID))
def test_validate_access_token(self): user = TestAuthFunctions.generate_test_user() user_id = functions.generate_uuid() payload = { 'iss': 'https://coronalog.de/auth', 'sub': user_id, 'iat': functions.get_timestamp(), 'exp': functions.get_timestamp( functions.AUTH_CONFIG['access_token']['lifetime'] ), 'username': user.username, 'roles': ['user'] } UsersDb.save_new_user(user_id, user) token = jwt.encode(payload, functions.AUTH_CONFIG['access_token']['secret'], algorithm=functions.AUTH_CONFIG['access_token']['sign_alg']) dec_user_id, dec_user = functions.validate_access_token(token, 'user') assert dec_user.username == user.username assert dec_user.password == user.password assert dec_user.time_created == user.time_created assert dec_user.usage_purpose == user.usage_purpose assert dec_user_id == user_id
def test_authenticate_user_by_cookies(self): test_user_stored = TestAuthFunctions.generate_test_user() test_user_id = functions.generate_uuid() UsersDb.save_new_user( user_id=test_user_id, user=test_user_stored ) #generate token token = functions.generate_access_token(test_user_id, test_user_stored) header, payload, signature = token.decode().split('.') cookies = { functions.AUTH_CONFIG['access_token']['body_cookie_key']: '.'.join((header, payload)), functions.AUTH_CONFIG['access_token']['signature_cookie_key']: signature } val_user_id, val_user = functions.authenticate_user_by_cookies(cookies) assert val_user.username == test_user_stored.username assert val_user.password == test_user_stored.password assert val_user.usage_purpose == test_user_stored.usage_purpose assert val_user.time_created == test_user_stored.time_created assert val_user_id == test_user_id
def do_signup_logic(response: Response, username: str, password: str, usage_purpose: str) -> UserLoginBody: # check if valid usage_purpose was submitted all_purps: Sequence = UsagePurposesDb.get_all() valid_purpose = False for purp_ref in all_purps: if purp_ref.value == usage_purpose: valid_purpose = True break if not valid_purpose: raise errors.InvalidUsagePurposeException( f'Usage purpose id {usage_purpose} is invalid') # check if user already exists user_exists, _ = UsersDb.username_exists(username) if user_exists: raise errors.UserAlreadyExistsException( f'Bad request: {username} already exists.') # create new user new_user: UserStored = UserStored(username=username, password=auth.hash_pw(password), time_created=auth.get_timestamp(), usage_purpose=usage_purpose) user_id = auth.generate_uuid() # create access token generate_and_set_access_token(response, user_id, new_user) # save newly created user only if all steps up until now were successful UsersDb.save_new_user(user_id, new_user) return UserLoginBody( username=username, expires_in=auth.AUTH_CONFIG['access_token']['lifetime'])