def add_user(self, username='******', password='******',
with_token=False):
"""Add a new user directly into the database."""
token = None
user = User(login=username, password=crypto(username, password))
if with_token:
token = str(uuid.uuid4())
user.last_token = token
user.save()
return token
def setUp(self, **kwargs):
server.app.config['MONGO_DB'] = 'tagallery-test'
server.app.config['TESTING'] = True
server.app.config['DEBUG'] = True
if kwargs:
server.app.config.update(**kwargs)
server.init_db('tagallery-test')
User.drop_collection()
Image.drop_collection()
self.app = server.app.test_client()
return
def get(self):
"""Return the access token. User and password must be present in the
headers via Basic Auth."""
self._log.debug('Authorization = {auth}'.format(
auth=request.authorization))
if not request.authorization:
raise TagalleryMissingLoginInformationException()
auth = request.authorization
if not auth.username or not auth.password:
raise TagalleryMissingLoginInformationException()
cyphered = crypto(auth.username, auth.password)
user = User.objects(login=auth.username, password=cyphered).first()
if not user:
self._log.debug('Cant find the user')
raise TagalleryNoSuchUserException()
self._log.debug('User = {user}'.format(user=user))
token = str(uuid.uuid4())
user.token = token
user.save()
return jsonify(status='OK',
token=token)
def get(self):
"""Return the access token. User and password must be present in the
headers via Basic Auth."""
self._log.debug("Authorization = {auth}".format(auth=request.authorization))
if not request.authorization:
raise TagalleryMissingLoginInformationException()
auth = request.authorization
if not auth.username or not auth.password:
raise TagalleryMissingLoginInformationException()
cyphered = crypto(auth.username, auth.password)
user = User.objects(login=auth.username, password=cyphered).first()
if not user:
self._log.debug("Cant find the user")
raise TagalleryNoSuchUserException()
self._log.debug("User = {user}".format(user=user))
token = str(uuid.uuid4())
user.token = token
user.save()
return jsonify(status="OK", token=token)
def check_auth(*args, **kwargs):
if not request.authorization:
raise TagalleryMissingLoginInformationException()
# request informatino requires that the user in the basic auth is,
# actually, the token
token = request.authorization.username
user = User.objects(last_token=token).first()
if not user:
raise TagalleryInvalidTokenException()
result = func(*args, **kwargs)
user.last_token = str(uuid.uuid4())
result.headers.add('X-NextToken', user.last_token)
return result
def post(self):
entry = request.get_json(force=True)
if not entry:
return create_error_response(400, "Bad Request", "")
template = entry.get("template", {})
if not template:
return create_error_response(400, "Bad Request", "")
data = template.get("data", [])
if not data:
return create_error_response(400, "Bad Request", "")
user = User()
for fields in data:
name = fields.get("name")
value = fields.get("value")
if not all((name, value)):
return create_error_response(400, "Bad Request", "")
if name == "name":
userexists_check = self.db.session.query(
self.db.session.query(User).filter_by(
name=value).exists()).scalar()
if userexists_check:
return create_error_response(
409, "Bad Request",
f"User with name {value} already exists")
setattr(user, name, value)
try:
self.db.session.add(user)
self.db.session.commit()
except Exception as e:
logger.warning("Error while creating user. Error %s (%s)", e,
e.__class__)
self.db.session.rollback()
return create_error_response(400, "Bad Request", "")
headers = {"Location": api.url_for(UserItem, user=user.id)}
return Response(headers=headers, status=201)
def register():
if not request.json:
return jsonify({'message': 'no json data received'})
username = request.json.get('username')
password = request.json.get('password')
error = None
if not username:
error = 'Username is required.'
elif not password:
error = 'Password is required.'
try:
new_user = User(username, password)
db.session.add(new_user)
db.session.commit()
except IntegrityError:
error = 'Username is not unique'
if not error:
return jsonify({'message': 'success'})
else:
return jsonify({'message': error})
def tearDown(self):
User.drop_collection()
Image.drop_collection()
return
def generate_user():
return User(name=str(uuid.uuid1().hex),
email=str(uuid.uuid1().hex),
password=str(uuid.uuid1().hex))
