def test_login_and_store_credentials_in_session(self):
# only testing custom logic, which happens on POST
# everything else is handled by django.contrib.auth
mockrequest = Mock()
mockrequest.method = 'POST'
def not_logged_in(rqst):
rqst.user.is_authenticated.return_value = False
def set_logged_in(rqst):
rqst.user.is_authenticated.return_value = True
rqst.POST.get.return_value = "TEST_PASSWORD"
# failed login
with patch('eulfedora.views.authviews.login',
new=Mock(side_effect=not_logged_in)):
mockrequest.session = dict()
response = login_and_store_credentials_in_session(mockrequest)
self.assert_(FEDORA_PASSWORD_SESSION_KEY not in mockrequest.session,
'user password for fedora should not be stored in session on failed login')
# successful login
with patch('eulfedora.views.authviews.login',
new=Mock(side_effect=set_logged_in)):
response = login_and_store_credentials_in_session(mockrequest)
self.assert_(FEDORA_PASSWORD_SESSION_KEY in mockrequest.session,
'user password for fedora should be stored in session on successful login')
# test password stored in the mock request
pwd = mockrequest.POST.get()
# encrypted password stored in session
sessionpwd = mockrequest.session[FEDORA_PASSWORD_SESSION_KEY]
self.assertNotEqual(pwd, sessionpwd,
'password should not be stored in the session without encryption')
self.assertEqual(pwd, cryptutil.decrypt(sessionpwd),
'user password stored in session is encrypted')
def test_encrypt_decrypt(text):
encrypted = cryptutil.encrypt(text)
self.assertNotEqual(text, encrypted,
"encrypted text should not match original")
decrypted = cryptutil.decrypt(encrypted)
self.assertEqual(text, force_text(decrypted),
"decrypted text (%s) should match original encrypted text (%s)" % (force_text(decrypted), text))
def test_encrypt_decrypt(text):
encrypted = cryptutil.encrypt(text)
self.assertNotEqual(text, encrypted,
"encrypted text should not match original")
decrypted = cryptutil.decrypt(encrypted)
self.assertEqual(
text, force_text(decrypted),
"decrypted text (%s) should match original encrypted text (%s)"
% (force_text(decrypted), text))
def __init__(self, root=None, username=None, password=None, request=None,
retries=default_retry_option):
# when initialized via django, settings should be pulled from django conf
if root is None:
try:
from django.conf import settings
from eulfedora import cryptutil
root = getattr(settings, 'FEDORA_ROOT', None)
if root is None:
raise Exception('Cannot initialize a Fedora connection without specifying ' +
'Fedora root url directly or in Django settings as FEDORA_ROOT')
# if username and password are not set, attempt to pull from django conf
if username is None and password is None:
if request is not None and request.user.is_authenticated() and \
FEDORA_PASSWORD_SESSION_KEY in request.session:
username = request.user.username
password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])
if username is None and hasattr(settings, 'FEDORA_USER'):
username = settings.FEDORA_USER
if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
password = settings.FEDORA_PASSWORD
if hasattr(settings, 'FEDORA_PIDSPACE'):
self.default_pidspace = settings.FEDORA_PIDSPACE
# if retries is specified in
if hasattr(settings, 'FEDORA_CONNECTION_RETRIES'):
self.retries = settings.FEDORA_CONNECTION_RETRIES
except ImportError:
pass
# if retries is specified in init options, that should override
# default value or django setting
if retries is not self.default_retry_option:
self.retries = retries
if root is None:
raise Exception('Could not determine Fedora root url from django settings or parameter')
logger.debug("Connecting to fedora at %s %s", root,
'as %s' % username if username
else '(no user credentials)')
self.api = ApiFacade(root, username, password)
self.fedora_root = self.api.base_url
self.username = username
self.password = password
self._risearch = None
def __init__(self, root=None, username=None, password=None, request=None,
retries=default_retry_option):
# when initialized via django, settings should be pulled from django conf
if root is None:
try:
from django.conf import settings
from eulfedora import cryptutil
root = getattr(settings, 'FEDORA_ROOT', None)
if root is None:
raise Exception('Cannot initialize a Fedora connection without specifying ' +
'Fedora root url directly or in Django settings as FEDORA_ROOT')
# if username and password are not set, attempt to pull from django conf
if username is None and password is None:
if request is not None and request.user.is_authenticated() and \
FEDORA_PASSWORD_SESSION_KEY in request.session:
username = request.user.username
password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])
if username is None and hasattr(settings, 'FEDORA_USER'):
username = settings.FEDORA_USER
if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
password = settings.FEDORA_PASSWORD
if hasattr(settings, 'FEDORA_PIDSPACE'):
self.default_pidspace = settings.FEDORA_PIDSPACE
# if retries is specified in
if hasattr(settings, 'FEDORA_CONNECTION_RETRIES'):
self.retries = settings.FEDORA_CONNECTION_RETRIES
except ImportError:
pass
# if retries is specified in init options, that should override
# default value or django setting
if retries is not self.default_retry_option:
self.retries = retries
if root is None:
raise Exception('Could not determine Fedora root url from django settings or parameter')
logger.debug("Connecting to fedora at %s %s" % (root,
'as %s' % username if username else '(no user credentials)'))
self.api = ApiFacade(root, username, password)
self.fedora_root = self.api.base_url
self.username = username
self.password = password
self._risearch = None
def __init__(self, root=None, username=None, password=None, request=None):
global _connection
# when initialized via django, settings should be pulled from django conf
if root is None:
# if global connection is not set yet, initialize it
if _connection is None:
init_pooled_connection()
root = _connection
# if username and password are not set, attempt to pull from django conf
if username is None and password is None:
try:
from django.conf import settings
from eulfedora import cryptutil
if request is not None and request.user.is_authenticated() and \
FEDORA_PASSWORD_SESSION_KEY in request.session:
username = request.user.username
password = cryptutil.decrypt(request.session[FEDORA_PASSWORD_SESSION_KEY])
if username is None and hasattr(settings, 'FEDORA_USER'):
username = settings.FEDORA_USER
if password is None and hasattr(settings, 'FEDORA_PASSWORD'):
password = settings.FEDORA_PASSWORD
if hasattr(settings, 'FEDORA_PIDSPACE'):
self.default_pidspace = settings.FEDORA_PIDSPACE
except ImportError:
pass
if root is None:
raise Exception('Could not determine Fedora root url from django settings or parameter')
logger.debug("Connecting to fedora at %s %s" % (root,
'as %s' % username if username else '(no user credentials)'))
self.opener = AuthorizingServerConnection(root, username, password)
self.api = ApiFacade(self.opener)
self.fedora_root = self.opener.base_url
self.username = username
self.password = password
self._risearch = None
def test_login_and_store_credentials_in_session(self):
# only testing custom logic, which happens on POST
# everything else is handled by django.contrib.auth
mockrequest = Mock()
mockrequest.method = 'POST'
def not_logged_in(rqst):
rqst.user.is_authenticated.return_value = False
def set_logged_in(rqst):
rqst.user.is_authenticated.return_value = True
rqst.POST.get.return_value = "TEST_PASSWORD"
# failed login
with patch('eulfedora.views.authviews.login',
new=Mock(side_effect=not_logged_in)):
mockrequest.session = dict()
response = login_and_store_credentials_in_session(mockrequest)
self.assert_(
FEDORA_PASSWORD_SESSION_KEY not in mockrequest.session,
'user password for fedora should not be stored in session on failed login'
)
# successful login
with patch('eulfedora.views.authviews.login',
new=Mock(side_effect=set_logged_in)):
response = login_and_store_credentials_in_session(mockrequest)
self.assert_(
FEDORA_PASSWORD_SESSION_KEY in mockrequest.session,
'user password for fedora should be stored in session on successful login'
)
# test password stored in the mock request
pwd = mockrequest.POST.get()
# encrypted password stored in session
sessionpwd = mockrequest.session[FEDORA_PASSWORD_SESSION_KEY]
self.assertNotEqual(
pwd, sessionpwd,
'password should not be stored in the session without encryption'
)
self.assertEqual(pwd, force_text(cryptutil.decrypt(sessionpwd)),
'user password stored in session is encrypted')
