def index(request, view_name=None, start_view=None):
"""Page that serves the static Single Page App (Spartacus)."""
ctx = {}
ctx['fxa_state'], ctx['fxa_auth_url'] = fxa_auth_info(request)
jwt = request.GET.get('req')
if jwt:
ctx['mkt_user'] = False
# If this is a Marketplace-issued JWT, verify its signature and skip login
# for the purchaser named in it.
if jwt and _get_issuer(jwt) == settings.KEY:
try:
data = verify_sig(jwt,
settings.SECRET,
expected_aud=settings.DOMAIN)
data = data['request'].get('productData', '')
except InvalidJWT, exc:
log.debug(
'ignoring invalid Marketplace JWT error: {e}'.format(e=exc))
else:
product_data = urlparse.parse_qs(data)
emails = product_data.get('buyer_email')
if emails:
log.info("Creating session for marketplace user " +
str(emails))
set_user(request, emails[0], verified=False)
ctx['mkt_user'] = True
def index(request, view_name=None, start_view=None):
"""Page that serves the static Single Page App (Spartacus)."""
if not settings.SPA_ENABLE:
return http.HttpResponseForbidden()
ctx = {}
ctx['fxa_state'], ctx['fxa_auth_url'] = fxa_auth_info(request)
jwt = request.GET.get('req')
if jwt:
ctx['mkt_user'] = False
# If this is a Marketplace-issued JWT, verify its signature and skip login
# for the purchaser named in it.
if jwt and _get_issuer(jwt) == settings.KEY:
try:
data = verify_sig(jwt, settings.SECRET)
data = data['request'].get('productData', '')
except InvalidJWT:
pass
else:
product_data = urlparse.parse_qs(data)
emails = product_data.get('buyer_email')
if emails:
log.info("Creating session for marketplace user " +
str(emails))
set_user(request, emails[0], verified=False)
ctx['mkt_user'] = True
# This has to come after set_user as set_user modifies the session.
ctx['super_powers'] = request.session.get('super_powers', False)
return render(request, 'spa/index.html', ctx)
def index(request, view_name=None, start_view=None):
"""Page that serves the static Single Page App (Spartacus)."""
ctx = {}
ctx['fxa_state'], ctx['fxa_auth_url'] = fxa_auth_info(request)
jwt = request.GET.get('req')
if jwt:
ctx['mkt_user'] = False
# If this is a Marketplace-issued JWT, verify its signature and skip login
# for the purchaser named in it.
if jwt and _get_issuer(jwt) == settings.KEY:
try:
data = verify_sig(jwt, settings.SECRET,
expected_aud=settings.DOMAIN)
data = data['request'].get('productData', '')
except InvalidJWT, exc:
log.debug('ignoring invalid Marketplace JWT error: {e}'
.format(e=exc))
else:
product_data = urlparse.parse_qs(data)
emails = product_data.get('buyer_email')
if emails:
log.info("Creating session for marketplace user " +
str(emails))
set_user(request, emails[0], verified=False)
ctx['mkt_user'] = True
def test_set_user(self, client):
email = '*****@*****.**'
req = mock.MagicMock()
user = get_uuid(email)
eq_(set_user(req, email), user)
assert client.get_buyer.called
assert req.session.__setitem__.called
def test_set_user(self, client):
email = '*****@*****.**'
req = mock.MagicMock()
user = get_uuid(email)
eq_(set_user(req, email), user)
assert client.get_buyer.called
assert req.session.__setitem__.called
def test_update_user_pin_unlock(self, client):
email = '*****@*****.**'
req = http.HttpRequest()
req.session = {'last_pin_success': datetime.now()}
user = get_uuid(email)
eq_(set_user(req, email), user)
assert req.session['last_pin_success'] is None
def test_update_user_pin_unlock(self, client):
email = '*****@*****.**'
req = http.HttpRequest()
req.session = {
'last_pin_success': datetime.now()
}
user = get_uuid(email)
eq_(set_user(req, email), user)
assert req.session['last_pin_success'] is None
def test_set_with_wildcard(self):
with self.settings(USER_WHITELIST=['.*[email protected]']):
with self.assertRaises(PermissionDenied):
set_user(mock.MagicMock(), '*****@*****.**')
def test_set_with_wildcard(self):
with self.settings(USER_WHITELIST=['.*[email protected]']):
with self.assertRaises(PermissionDenied):
set_user(mock.MagicMock(), '*****@*****.**')
def test_is_set_to_false_if_verified(self):
request = mock.MagicMock()
request.session = {'was_reverified': 'no way'}
set_user(request, '*****@*****.**', verified=False)
eq_(request.session['was_reverified'], False)
def test_is_unchanged_if_not_specified(self):
request = mock.MagicMock()
request.session = {'was_reverified': 'no way'}
set_user(request, '*****@*****.**')
eq_(request.session['was_reverified'], 'no way')
def test_is_set_to_false_if_verified(self):
request = mock.MagicMock()
request.session = {'was_reverified': 'no way'}
set_user(request, '*****@*****.**', verified=False)
eq_(request.session['was_reverified'], False)
def test_is_unchanged_if_not_specified(self):
request = mock.MagicMock()
request.session = {'was_reverified': 'no way'}
set_user(request, '*****@*****.**')
eq_(request.session['was_reverified'], 'no way')
