def test_filter_by_ids(self): self.assertSequenceEqual( GWCloudUser.filter_by_ids([self.bill.id, self.mike.id]), [self.bill, self.mike]) self.assertSequenceEqual( GWCloudUser.filter_by_ids([self.sally.id, self.bill.id]), [self.bill, self.sally])
def verify(args): """ View to verify an account, using verification table :return: """ code_encrypted = args.get('code', None) if code_encrypted: try: # decrypt the code and its parts code = utility.get_information(code_encrypted) params = dict(parse.parse_qsl(code)) verify_type = params.get('type', None) # if the verification is for user email address if verify_type == 'user': # finds username from the retrieved information username = params.get('username', None) # Update the user try: user = GWCloudUser.get_by_username(username=username) user.status = user.VERIFIED user.is_active = True user.save() return True, 'The email address has been verified successfully' except GWCloudUser.DoesNotExist: return False, 'The requested user account to verify does not exist' except ValueError as e: return False, e if e else 'Invalid verification code' return False, 'Invalid Verification Code'
def test_filter_by_term(self): # Test case insensitivity for term in ["bill", "Bill", "BILL"]: self.assertSequenceEqual(GWCloudUser.filter_by_term(term), [self.bill]) # Test username, first and last names for term in ["bill", "billy", "nye"]: self.assertSequenceEqual(GWCloudUser.filter_by_term(term), [self.bill]) # Test multiple users self.assertSequenceEqual(GWCloudUser.filter_by_term("l"), [self.bill, self.sally, self.mike]) self.assertSequenceEqual(GWCloudUser.filter_by_term("ly"), [self.bill, self.sally]) self.assertSequenceEqual(GWCloudUser.filter_by_term("s"), [self.sally, self.mike])
def test_ligo_update_or_create(self): payload = { 'givenName': "buffy", 'sn': "summers", 'mail': '*****@*****.**' } self.assertFalse(GWCloudUser.does_user_exist("buffy123")) buffy = GWCloudUser.ligo_update_or_create("buffy123", payload) self.assertEqual(buffy.first_name, payload['givenName']) self.assertEqual(buffy.last_name, payload['sn']) self.assertEqual(buffy.email, payload['mail']) payload['sn'] = "married" payload['mail'] = '*****@*****.**' GWCloudUser.ligo_update_or_create("buffy123", payload) buffy.refresh_from_db() self.assertEqual(buffy.first_name, payload['givenName']) self.assertEqual(buffy.last_name, payload['sn']) self.assertEqual(buffy.email, payload['mail'])
def setUpTestData(cls): payload = { 'givenName': "buffy", 'sn': "summers", 'mail': '*****@*****.**' } cls.buffy = GWCloudUser.ligo_update_or_create("buffy", payload) cls.bill = GWCloudUser.objects.create(username="******", first_name="billy", last_name="nye", email="*****@*****.**") cls.sally = GWCloudUser.objects.create(username="******", first_name="sally", last_name="gold", email="*****@*****.**") cls.mike = GWCloudUser.objects.create(username="******", first_name="Mike", last_name="Pats", email="*****@*****.**")
def resolve_username_filter(self, info, **kwargs): # Get the search criteria search = kwargs.get("search") # Start with an empty user array terms = [] # Iterate over each search term for term in search.split(' '): # Remove any whitespace term = term.strip() # Make sure this term is actually valid if not len(term): continue # Search for all users by this term and add the term to the result terms.append( UserTermFilterType(term=term, users=GWCloudUser.filter_by_term(term))) return UserFilterType(terms=terms)
def resolve_username_lookup(self, info, **kwargs): # Get the list of ids to map ids = kwargs.get("ids") return GWCloudUser.filter_by_ids(ids)
def ligo_auth(request): # 'cn': 'Lewis Lakerink' # 'displayName': 'Lewis Lakerink' # 'eduPersonPrincipalName': '*****@*****.**' # 'employeeNumber': '5429' # 'givenName': 'Lewis' # 'mail': '*****@*****.**' # 'sn': 'Lakerink' # 'uid': 'lewis.lakerink' # Check if 'special' was passed through to the view - this is currently used by the ozstar accounts portal to verify # that a user is a valid ligo user if 'special' in request.GET: # The 'special' get parameter is a JWT encoded token containing a callback url and a payload payload = jwt.decode(request.GET['special'], settings.ACCOUNTS_PORTAL_LIGO_AUTH_SECRET_KEY, algorithms='HS256') # Generate the response token to send back to the accounts portal response_token = jwt.encode( { "verified": True, "project_join_request_id": payload['project_join_request_id'] }, settings.ACCOUNTS_PORTAL_LIGO_AUTH_SECRET_KEY, algorithm='HS256') # Return a response that will redirect to the callback url with the verification token return HttpResponse(f""" <!DOCTYPE html> <script> window.location = "{payload['callback_url']}{response_token.decode()}"; </script> """) else: # This will generate a unique hash that is 128 characters long (Django has 160 limit on username field) username_hash = sha3_512( (request.META['uid'] + settings.SECRET_KEY).encode()).hexdigest() # Get and update the user user = GWCloudUser.ligo_update_or_create(username_hash, request.META) # Authorize the user and get the token details token = get_token(user) refresh_token = refresh_token_lazy(user) # Get the next url next_url = request.GET.get('next', '/') response_token = jwt.encode( { "token": token, "refresh_token": str(refresh_token), "next_url": next_url }, settings.SECRET_KEY, algorithm='HS256') # Now we need to determine if the login was for gwlab, gwcloud or gwlandscape and correctly redirect to # the relevant domain # todo: Perhaps this can be improved domain_param = request.GET.get('domain', 'gwcloud') if domain_param == 'gwlab': domain = "https://gwlab.org.au" elif domain_param == 'gwcloud': domain = "https://gwcloud.org.au" elif domain_param == 'gwlandscape': domain = "https://gwlandscape.org.au" # Since the ligo authentication works only under gw-cloud.org, we need to redirect to the # calling domain with the provided token. Each of gwcloud/gwlab.org.au exposes an /auth/ # url which can handle the ligo_continue. # To make this work as expected, we append the ligo_continue url to the domain and redirect # there with the generated token. This allows the token to be correctly set in local storage # for the relevant calling application return HttpResponseRedirect( parse.urljoin( domain, reverse('ligo_continue', args=[response_token.decode()])))
def test_does_user_exist(self): self.assertTrue(GWCloudUser.does_user_exist("bill")) self.assertFalse(GWCloudUser.does_user_exist("billy")) self.assertTrue(GWCloudUser.does_user_exist("mikel73")) self.assertFalse(GWCloudUser.does_user_exist("mike"))
def test_get_by_username(self): self.assertEqual(GWCloudUser.get_by_username("bill"), self.bill) self.assertEqual(GWCloudUser.get_by_username("mikel73"), self.mike)