def _get_authenticated_user_id(self, request: Request, tokenmanager: ITokenManger) -> str: userid, token = _get_x_user_headers(request) settings = request.registry.settings if not asbool(settings.get('adhocracy.validate_user_token', True)): return userid authenticated_userid = tokenmanager.get_user_id(token, timeout=self.timeout) if authenticated_userid != userid: raise KeyError return authenticated_userid
def get_tokenmanager(request: Request, **kwargs) -> ITokenManger: """Adapter request.root to ITokenmanager and return it. :returns: :class:'adhocracy_core.interfaces.ITokenManager or None. """ # allow to run pyramid scripts without authentication if getattr(request, 'root', None) is None: return None try: return ITokenManger(request.root) except (ComponentLookupError, TypeError): return None
def test_tokenmanager_adapter_registered(self): from adhocracy_core.interfaces import ITokenManger self._register_tokenmanager_adapter() inst = self.call_fut(self.request) assert ITokenManger.providedBy(inst)
def test_create(self): from adhocracy_core.interfaces import ITokenManger from zope.interface.verify import verifyObject inst = self.make_one(self.context) assert verifyObject(ITokenManger, inst) assert ITokenManger.providedBy(inst)