def test_authenticate_root(self):
    """Check the v1 SSO login result while ``_do_post`` is patched.

    ``lizard_auth_client.client._do_post`` is replaced by a mock that
    returns a canned success payload, so no request leaves the test.
    """
    # NOTE(review): the username and email in this fixture look masked
    # ('******'), while the assertion below expects 'root' -- confirm
    # the fixture values against the upstream test.
    canned_user = {
        'username': '******',
        'first_name': 'Willie',
        'last_name': 'Wortel',
        'email': '*****@*****.**',
        'is_active': True,
        'is_staff': False,
        'is_superuser': False,
    }
    canned_response = {'success': True, 'user': canned_user}
    patched_post = mock.patch(
        'lizard_auth_client.client._do_post',
        return_value=canned_response)
    with patched_post:
        result = client.sso_authenticate_django_v1('root', 'a')
    self.assertEqual(result['username'], 'root')
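def authenticate(self, username=None, password=None):
    """Authenticate via the SSO server, backed by a credential cache.

    A cache entry keyed on the username holds
    ``(user_data, hashed_password)``. On a cache hit the supplied password
    is checked against the cached hash and the SSO server is not called.
    On a miss the v1 or v2 SSO login call is made (chosen by
    ``settings.SSO_USE_V2_LOGIN``) and the result is cached for
    ``settings.SSO_CREDENTIAL_CACHE_TIMEOUT_SECONDS``.

    Returns the user built by ``client.construct_user`` on success, and
    ``None`` when a credential is missing, the check fails, or an error
    occurs. Errors are logged and never raised to the caller.

    Security notes:

    * While an entry is cached, a password change made on the SSO server
      is not seen here. The old password keeps matching the cached hash,
      and a failed cached check does not fall back to the server, so the
      new password is rejected until the entry expires. Keep the timeout
      short, or evict the entry when the cached check fails.
    * The local known/active-user check only runs on a cache miss in v2
      mode. A cached entry is honoured without it.
    * The cache holds password hashes and profile data, so the cache
      backend needs the same protection as a credential store.

    NOTE(review): this block was restored from a listing that had lost its
    indentation. The branch nesting follows the inline comments -- confirm
    against the upstream file.
    """
    try:
        if not (username and password):
            return None

        user_data = None
        cache_key = 'SSOBackend.authenticate.{0}'.format(username)

        # Try getting the user_data from cache first.
        cached_credentials = cache.get(cache_key)
        if cached_credentials is not None:
            logger.debug(
                'Found user "%s" in the credential cache.', username)
            # Found in cache, check the (hashed) password.
            cached_user_data, cached_hashed_password = cached_credentials
            if check_password(password, cached_hashed_password):
                logger.debug('Cached hashed password is OK.')
                user_data = cached_user_data
            else:
                # Deliberately left as-is: no SSO round trip on a failed
                # cached check (see the security notes in the docstring).
                logger.debug(
                    'Failed cached password check for user "%s".',
                    username)
        else:
            logger.debug(
                'Could not find user "%s" in the credential cache.',
                username)
            # Not found in cache, call the SSO server.
            if settings.SSO_USE_V2_LOGIN:
                if settings.SSO_ALLOW_ONLY_KNOWN_USERS:
                    # First check if the user is known.
                    if not User.objects.filter(
                            username=username, is_active=True).exists():
                        logger.debug(
                            "Username %s isn't known/active locally",
                            username)
                        return None
                user_data = client.sso_authenticate_django_v2(
                    username, password)
            else:
                user_data = client.sso_authenticate_django_v1(
                    username, password)
            # Store user_data in cache, next to a hash of the password
            # (never the plaintext).
            hashed_password = make_password(password)
            if not is_password_usable(hashed_password):
                return None
            cache.set(
                cache_key,
                (user_data, hashed_password),
                settings.SSO_CREDENTIAL_CACHE_TIMEOUT_SECONDS)

        # Use either the cached user profile data, or fresh data from
        # the SSO server to construct a Django User instance. If
        # fresh data is used, also synchronize roles (v1 only).
        if not user_data:
            return None
        user = client.construct_user(user_data)
        if cached_credentials is None and not settings.SSO_USE_V2_LOGIN:
            client.sso_sync_user_organisation_roles(user)
        return user
    except client.AuthenticationFailed as e:
        logger.info(e)
        return None
    except Exception:
        # Was a bare ``except:``, which also swallowed KeyboardInterrupt
        # and SystemExit. Ordinary errors still fail closed (no login).
        logger.exception('Error while authenticating user "%s".', username)
        return None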
def wrong_pw():
    """Call the v1 SSO login for 'root' with password 'wrong_password'.

    Whatever the client call returns or raises is passed straight through.
    """
    outcome = client.sso_authenticate_django_v1(
        'root', 'wrong_password')
    return outcome