def test_generate_auth(app):
wsgi_env = {
'REMOTE_ADDR': os.environ.get('REMOTE_ADDR', '1.2.3.4'),
'HTTP_USER_AGENT': os.environ.get('HTTP_USER_AGENT', 'cURL')}
with app.test_request_context(environ_base=wsgi_env):
salt, actual_pass = utils.generate_auth('pepper', 'password')
assert actual_pass is not None
assert 88 == len(actual_pass)
def test_generate_auth(self):
wsgi_env = {
'REMOTE_ADDR': os.environ.get('REMOTE_ADDR', '1.2.3.4'),
'HTTP_USER_AGENT': os.environ.get('HTTP_USER_AGENT', 'cURL')}
with self.app.test_request_context(environ_base=wsgi_env):
salt, actual_pass = utils.generate_auth('pepper', 'password')
self.assertIsNotNone(actual_pass)
self.assertEquals(88, len(actual_pass))
def test_generate_auth(self):
wsgi_env = {
'REMOTE_ADDR': os.environ.get('REMOTE_ADDR', '1.2.3.4'),
'HTTP_USER_AGENT': os.environ.get('HTTP_USER_AGENT', 'cURL')
}
with self.app.test_request_context(environ_base=wsgi_env):
salt, actual_pass = utils.generate_auth('pepper', 'password')
self.assertIsNotNone(actual_pass)
self.assertEquals(88, len(actual_pass))
def test_generate_auth(app):
wsgi_env = {
'REMOTE_ADDR': os.environ.get('REMOTE_ADDR', '1.2.3.4'),
'HTTP_USER_AGENT': os.environ.get('HTTP_USER_AGENT', 'cURL')
}
with app.test_request_context(environ_base=wsgi_env):
salt, actual_pass = utils.generate_auth('pepper', 'password')
assert actual_pass is not None
assert 88 == len(actual_pass)
def __generate_credentials(email):
# @TODO: use a non-gatorlink password here
password = email
salt, password_hash = utils.generate_auth(app.config['SECRET_KEY'],
password)
# Note: we store the salt as a prefix
return {
"email": email,
"salt": salt,
"password_hash": password_hash,
}
def api_save_user():
""" Save a new user to the database
TODO: Add support for reading a password field
"""
email = request.form['email']
first = request.form['first']
last = request.form['last']
minitial = request.form['minitial']
roles = request.form.getlist('roles[]')
email_exists = False
try:
existing_user = UserEntity.query.filter_by(email=email).one()
email_exists = existing_user is not None
except:
pass
if email_exists:
return utils.jsonify_error(
{'message': 'Sorry. This email is already taken.'})
# @TODO: use a non-gatorlink password here
password = email
salt, password_hash = utils.generate_auth(app.config['SECRET_KEY'],
password)
added_date = datetime.today()
access_end_date = utils.get_expiration_date(180)
# Note: we store the salt as a prefix
user = UserEntity.create(email=email,
first=first,
last=last,
minitial=minitial,
added_at=added_date,
modified_at=added_date,
access_expires_at=access_end_date,
password_hash="{}:{}".format(salt, password_hash))
user_roles = []
try:
for role_name in roles:
role_entity = RoleEntity.query.filter_by(name=role_name).one()
user_roles.append(role_entity)
except Exception as exc:
app.logger.debug("Problem saving user: {}".format(exc))
[user.roles.append(rol) for rol in user_roles]
user = UserEntity.save(user)
app.logger.debug("saved user: {}".format(user))
LogEntity.account_created(session['uuid'], user)
return utils.jsonify_success({'user': user.serialize()})
def api_save_user():
""" Save a new user to the database
TODO: Add support for reading a password field
"""
email = request.form['email']
first = request.form['first']
last = request.form['last']
minitial = request.form['minitial']
roles = request.form.getlist('roles[]')
email_exists = False
try:
existing_user = UserEntity.query.filter_by(email=email).one()
email_exists = existing_user is not None
except:
pass
if email_exists:
return utils.jsonify_error(
{'message': 'Sorry. This email is already taken.'})
# @TODO: use a non-gatorlink password here
password = email
salt, password_hash = utils.generate_auth(app.config['SECRET_KEY'],
password)
added_date = datetime.today()
access_end_date = utils.get_expiration_date(180)
# Note: we store the salt as a prefix
user = UserEntity.create(email=email,
first=first,
last=last,
minitial=minitial,
added_at=added_date,
modified_at=added_date,
access_expires_at=access_end_date,
password_hash="{}:{}".format(salt, password_hash))
user_roles = []
try:
for role_name in roles:
role_entity = RoleEntity.query.filter_by(name=role_name).one()
user_roles.append(role_entity)
except Exception as exc:
app.logger.debug("Problem saving user: {}".format(exc))
[user.roles.append(rol) for rol in user_roles]
user = UserEntity.save(user)
app.logger.debug("saved user: {}".format(user))
LogEntity.account_created(session['uuid'], user)
return utils.jsonify_success({'user': user.serialize()})
