예제 #1
0
 def test_encrypt_decrypt(text):
     encrypted = cryptutil.encrypt(text)
     self.assertNotEqual(text, encrypted,
         "encrypted text (%s) should not match original (%s)" % (encrypted, text))
     decrypted = cryptutil.decrypt(encrypted)
     self.assertEqual(text, decrypted,
         "decrypted text (%s) should match original encrypted text (%s)" % (decrypted, text))
예제 #2
0
    def __init__(self, username=None, password=None, request=None):
        if request is not None and request.user.is_authenticated() and \
           FEDORA_PASSWORD_SESSION_KEY in request.session:
                username = request.user.username
                password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])            
        else:
            if username is None and hasattr(settings, 'FEDORA_USER'):
                username = settings.FEDORA_USER
                # look for FEDORA_PASSWORD first
                if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
                    password = settings.FEDORA_PASSWORD
                # then look for FEDORA_PASS, but warn if it is present
                elif password is None and hasattr(settings, 'FEDORA_PASS'):
                    password = settings.FEDORA_PASS
                    # this method should no longer be needed - default pid logic moved to DigitalObject
                    warnings.warn("""For security reasons, you should use FEDORA_PASSWORD instead of FEDORA_PASS for Fedora credentials in your django settings.  The FEDORA_PASS setting is deprecated.""",
                      DeprecationWarning)

        super(Repository, self).__init__(_connection, username, password)

        if hasattr(settings, 'FEDORA_PIDSPACE'):
            self.default_pidspace = settings.FEDORA_PIDSPACE
예제 #3
0
    def test_login_and_store_credentials_in_session(self):
        # only testing custom logic, which happens on POST
        # everything else is handled by django.contrib.auth
        from mock import Mock, patch
        mockrequest = Mock()
        mockrequest.method = 'POST'

        def not_logged_in(rqst):
            rqst.user.is_authenticated.return_value = False
            
        def set_logged_in(rqst):
            rqst.user.is_authenticated.return_value = True
            rqst.POST.get.return_value = "TEST_PASSWORD"
        
        # failed login
        with patch('eulcore.django.fedora.views.authviews.login',
                   new=Mock(side_effect=not_logged_in)):
            mockrequest.session = dict()
            response = login_and_store_credentials_in_session(mockrequest)
            self.assert_(FEDORA_PASSWORD_SESSION_KEY not in mockrequest.session,
                         'user password for fedora should not be stored in session on failed login')

        # successful login
        with patch('eulcore.django.fedora.views.authviews.login',
                   new=Mock(side_effect=set_logged_in)):
            response = login_and_store_credentials_in_session(mockrequest)
            self.assert_(FEDORA_PASSWORD_SESSION_KEY in mockrequest.session,
                         'user password for fedora should be stored in session on successful login')
            # test password stored in the mock request
            pwd = mockrequest.POST.get()
            # encrypted password stored in session
            sessionpwd = mockrequest.session[FEDORA_PASSWORD_SESSION_KEY]  
            self.assertNotEqual(pwd, sessionpwd,
                                'password should not be stored in the session without encryption')
            self.assertEqual(pwd, cryptutil.decrypt(sessionpwd),
                             'user password stored in session is encrypted')