def setUp(self): app = Flask(__name__) app.secret_key = 'N4buDSXfaHx2oO8g' self.app = app auth = Auth(app) @login_required def needs_login(): return 'needs_login' app.add_url_rule('/needs_login/', 'needs_login', needs_login) @permission_required(resource='post', action='view') def post_view(): return 'needs_post_view' app.add_url_rule('/post_view/', 'post_view', post_view) @app.route('/login_view/') def login_view(): return 'login_view' user = AuthUser(username='******') user.role = 'testuser' testuser_role = Role('testuser', [Permission('post', 'view')]) auth.load_role = lambda _: testuser_role self.user = user
def init_users(): g.users = {} for username in app.config["ADMINS"]: user = AuthUser(username=username) user.set_and_encrypt_password(app.config["ADMINS"][username]) user.role = "admin" g.users[username] = user
def setUp(self): app = Flask(__name__) app.secret_key = "N4buDSXfaHx2oO8g" self.app = app auth = Auth(app) @login_required def needs_login(): return "needs_login" app.add_url_rule("/needs_login/", "needs_login", needs_login) @permission_required(resource="post", action="view") def post_view(): return "needs_post_view" app.add_url_rule("/post_view/", "post_view", post_view) @app.route("/login_view/") def login_view(): return "login_view" user = AuthUser(username="******") user.role = "testuser" testuser_role = Role("testuser", [Permission("post", "view")]) auth.load_role = lambda _: testuser_role self.user = user
def init_users(): """ Initializing users by hardcoding password. Another use case is to read usernames from an external file (like /etc/passwd). """ user = AuthUser(username='******') # Setting and encrypting the hardcoded password. user.set_and_encrypt_password('password', salt='123') # Setting role of the user. user.role = 'userview' # Doing the same for the admin admin = AuthUser(username='******') admin.set_and_encrypt_password('admin') admin.role = 'admin' # Persisting users for this request. g.users = {'user': user, 'admin': admin, }
def login(): user,company = getuser(flask.request.json['user']) if user==None: return '403' if not user.active: return '401' #must instantiate an AuthUser that is serializable to JSON, unlike the MongoAlchemy data object jsonuser=AuthUser(username=user.username,password=user.password,salt=user.salt) jsonuser.role=user.role return '302' if jsonuser.authenticate(flask.request.json['pass']) else '403'
def setUp(self): app = Flask(__name__) auth = Auth(app) self.app = app def load_role(role_name): return self.ROLES.get(role_name) auth.load_role = load_role user = AuthUser(username='******') user.role = 'testuser' self.user = user
def setUp(self): app = Flask(__name__) auth = Auth(app) self.app = app def load_role(role_name): return self.ROLES.get(role_name) auth.load_role = load_role user = AuthUser(username="******") user.role = "testuser" self.user = user