예제 #1
파일: user_test.py 프로젝트: jaesivsm/JARR
 def test_password(self):
     """Check password storage and verification across create and update.

     Both after creation and after a password change, the test asserts
     three things: the stored ``password`` attribute is not the plaintext,
     ``check_password`` returns the user for the right secret, and it
     returns ``None`` for a wrong one.
     """
     login = '******'
     first_secret = 'test_password'
     second_secret = first_secret * 2
     controller = UserController()

     account = controller.create(login=login, password=first_secret)
     # The persisted value must differ from what the caller supplied; the
     # transformation applied by the controller is not visible from here.
     self.assertNotEqual(first_secret, account.password)
     self.assertEqual(account,
                      controller.check_password(login, first_secret))
     # A wrong secret yields None rather than a user object.
     self.assertIsNone(controller.check_password(login, second_secret))

     # Rotate the password through the generic update path and re-read the
     # row, so the assertions below run against the stored state.
     controller.update({'id': account.id}, {'password': second_secret})
     account = controller.get(id=account.id)
     self.assertNotEqual(second_secret, account.password)
     self.assertEqual(account,
                      controller.check_password(login, second_secret))
     self.assertIsNone(
         controller.check_password(login, second_secret * 2))
예제 #2
파일: oauth.py 프로젝트: jaesivsm/JARR
    def process_ids(cls, social_id, username, email):  # pragma: no cover
        """Map an OAuth identity to a local user and return a JWT for it.

        The user is looked up by the ``<provider>_identity`` column only.
        The ``email`` argument is never used to match an existing account;
        it is only stored when a new account is created.

        Args:
            social_id: Identifier for the user as reported by the provider;
                ``None`` is treated as a failed authentication.
            username: Preferred login for a newly created account (may be
                falsy).
            email: Email stored on a newly created account.

        Returns:
            A ``(body, 200)`` tuple where ``body["access_token"]`` is the
            configured header prefix, a space, and the encoded token.

        Raises:
            UnprocessableEntity: ``social_id`` is ``None``.
            BadRequest: no matching user exists and
                ``conf.oauth.allow_signup`` is falsy.
        """
        metric_labels = {"method": "get",
                         "uri": "/oauth/callback/" + cls.provider}

        if social_id is None:
            SERVER.labels(result="4XX", **metric_labels).inc()
            raise UnprocessableEntity('No social id, authentication failed')

        ucontr = UserController()
        identity_field = '%s_identity' % cls.provider
        try:
            user = ucontr.get(**{identity_field: social_id})
        except NotFound:
            user = None

        if not user:
            # Signup through OAuth is gated by configuration; refuse before
            # touching the user table.
            if not conf.oauth.allow_signup:
                SERVER.labels(result="4XX", **metric_labels).inc()
                raise BadRequest(
                    'Account creation is not allowed through OAuth.')

            # NOTE(review): this check-then-create on ``login`` is not
            # atomic. Presumably a uniqueness constraint on the column
            # backs it; confirm.
            username_is_free = (
                username and not ucontr.read(login=username).count())
            if username_is_free:
                login = username
            else:
                # NOTE(review): the literal below looks masked by the
                # listing. As shown it has no conversion specifiers, so
                # ``%`` with a 2-tuple would raise TypeError. Check the
                # project source for the real format string.
                login = '******' % (cls.provider, username or social_id)

            # NOTE(review): ``email`` is stored as supplied by the caller.
            # Whether the provider verified it is not visible here.
            new_account = {
                identity_field: social_id,
                'login': login,
                'email': email,
            }
            user = ucontr.create(**new_account)

        # Every successful OAuth login stamps the connection time and
        # clears any stored ``renew_password_token``.
        ucontr.update(
            {"id": user.id},
            {"last_connection": utc_now(), "renew_password_token": ""},
        )

        # The ``.decode`` call implies the encode callback returns bytes.
        encoder = current_app.extensions['jwt']
        token = encoder.jwt_encode_callback(user).decode('utf8')
        SERVER.labels(result="2XX", **metric_labels).inc()

        body = {
            "access_token":
            "%s %s" % (conf.auth.jwt_header_prefix, token)
        }
        return body, 200