def setUp(self):
app = Flask(__name__)
app.secret_key = 'N4buDSXfaHx2oO8g'
self.app = app
auth = Auth(app)
@login_required
def needs_login():
return 'needs_login'
app.add_url_rule('/needs_login/', 'needs_login', needs_login)
@permission_required(resource='post', action='view')
def post_view():
return 'needs_post_view'
app.add_url_rule('/post_view/', 'post_view', post_view)
@app.route('/login_view/')
def login_view():
return 'login_view'
user = AuthUser(username='******')
user.role = 'testuser'
testuser_role = Role('testuser', [Permission('post', 'view')])
auth.load_role = lambda _: testuser_role
self.user = user
def init_users():
g.users = {}
for username in app.config["ADMINS"]:
user = AuthUser(username=username)
user.set_and_encrypt_password(app.config["ADMINS"][username])
user.role = "admin"
g.users[username] = user
def setUp(self):
app = Flask(__name__)
app.secret_key = "N4buDSXfaHx2oO8g"
self.app = app
auth = Auth(app)
@login_required
def needs_login():
return "needs_login"
app.add_url_rule("/needs_login/", "needs_login", needs_login)
@permission_required(resource="post", action="view")
def post_view():
return "needs_post_view"
app.add_url_rule("/post_view/", "post_view", post_view)
@app.route("/login_view/")
def login_view():
return "login_view"
user = AuthUser(username="******")
user.role = "testuser"
testuser_role = Role("testuser", [Permission("post", "view")])
auth.load_role = lambda _: testuser_role
self.user = user
def init_users():
"""
Initializing users by hardcoding password. Another use case is to read
usernames from an external file (like /etc/passwd).
"""
user = AuthUser(username='******')
# Setting and encrypting the hardcoded password.
user.set_and_encrypt_password('password', salt='123')
# Setting role of the user.
user.role = 'userview'
# Doing the same for the admin
admin = AuthUser(username='******')
admin.set_and_encrypt_password('admin')
admin.role = 'admin'
# Persisting users for this request.
g.users = {'user': user, 'admin': admin, }
def login():
user,company = getuser(flask.request.json['user'])
if user==None:
return '403'
if not user.active:
return '401'
#must instantiate an AuthUser that is serializable to JSON, unlike the MongoAlchemy data object
jsonuser=AuthUser(username=user.username,password=user.password,salt=user.salt)
jsonuser.role=user.role
return '302' if jsonuser.authenticate(flask.request.json['pass']) else '403'
def setUp(self):
app = Flask(__name__)
auth = Auth(app)
self.app = app
def load_role(role_name):
return self.ROLES.get(role_name)
auth.load_role = load_role
user = AuthUser(username='******')
user.role = 'testuser'
self.user = user
def setUp(self):
app = Flask(__name__)
auth = Auth(app)
self.app = app
def load_role(role_name):
return self.ROLES.get(role_name)
auth.load_role = load_role
user = AuthUser(username="******")
user.role = "testuser"
self.user = user
