Пример #1
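def get_token():
    """Exchange the email/password in the JSON request body for an auth token.

    Returns whatever ``_generate_token`` produces for the matched user.
    Every failure (malformed body, unknown email, wrong password) ends in
    the same 401 ``UnknownLogin`` response, so the reply does not reveal
    which part of the login was wrong.
    """
    credentials = request.json

    # The body is attacker-controlled: a missing field, a non-object body
    # or a non-string value must fail as a normal bad login, not as an
    # unhandled KeyError/AttributeError (HTTP 500).
    if not isinstance(credentials, dict):
        abort(make_response('UnknownLogin', 401))

    email = credentials.get('email')
    if not isinstance(email, str):
        abort(make_response('UnknownLogin', 401))
    email = email.lower()

    if site_settings.needs_setup:
        # NOTE(review): while needs_setup is truthy a token is issued for
        # any submitted email with no password check, and the User built
        # here is not saved. Confirm that this window closes as soon as the
        # first account exists and that the setup endpoint is not reachable
        # by untrusted clients before then.
        return _generate_token(User(email=email))

    user = User.search(User.email == email).first()
    password = credentials.get('password')

    # NOTE(review): check_password only runs for known emails, so response
    # time may differ between known and unknown accounts; consider a
    # constant-cost dummy check plus rate limiting on this route.
    if user and isinstance(password, str) and user.check_password(password):
        return _generate_token(user)

    abort(make_response('UnknownLogin', 401))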
    def login(self):
        """Create and save the shared test user, then request a token for it.

        The body of the ``POST /v1/auth/token`` response is decoded as ASCII
        and stored on ``self.auth_token``. The response object is returned.
        """
        account = User.create(test_user)
        account.save()

        response = self.post('/v1/auth/token', json=test_user)
        # The status code is not checked here, so after a failed login
        # auth_token holds the error body rather than a token.
        self.auth_token = response.data.decode('ascii')

        return response
Пример #3
def refresh_token():
    """Issue a fresh token for the user named by the current token's claims.

    Reads ``g.claims`` and looks the user up by the ``id`` claim. If the
    claims are empty or the lookup returns nothing, the request is rejected
    with a 401 response.
    """
    claims = g.claims
    # NOTE(review): assumes g.claims was set earlier in the request (for
    # example by a token-decoding hook) -- confirm it is always set.
    account = User.get(claims['id']) if claims else None

    # Looking the user up again means a token whose user no longer resolves
    # cannot be refreshed.
    if account:
        return _generate_token(account)

    abort(make_response('Invalid token, cannot refresh', 401))
Пример #4
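def decode_token(token):
    """Verify a signed JWT and load its claims and user into ``g``.

    The token is verified against ``app.config['JWT_PUBLIC_KEY']`` with
    RS256 as the only accepted algorithm. On success ``g.claims`` holds the
    decoded claims, ``g.user`` holds the result of ``User.get`` for the
    ``id`` claim, and the claims are returned. A token that fails
    verification, or that carries no ``id`` claim, aborts the request with
    a 401 ``InvalidToken`` response.
    """
    try:
        # PyJWT documents ``algorithms`` as a list of accepted names. A bare
        # string is tested with ``in``, i.e. as a substring match, so the
        # allow-list is spelled out explicitly here.
        claims = jwt.decode(token,
                            app.config['JWT_PUBLIC_KEY'],
                            algorithms=['RS256'])
    except jwt.exceptions.InvalidTokenError:
        abort(make_response('InvalidToken', 401))

    # A validly signed token without an ``id`` claim is rejected before any
    # request state is set, instead of failing later with a KeyError (500)
    # while g.claims is already populated.
    if 'id' not in claims:
        abort(make_response('InvalidToken', 401))

    g.claims = claims
    # NOTE(review): User.get presumably returns a falsy value when the user
    # no longer exists; callers must check g.user before trusting it.
    g.user = User.get(claims['id'])
    return g.claims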
    def test_expire(self):
        """Check that expire() leaves the token's expiry no later than now.

        ``db.session.commit`` and ``Query.first`` are patched, so nothing is
        written and generate() sees no existing token.
        """
        with patch.object(db.session, 'commit', return_value=True):
            account = User.create({'email': '*****@*****.**'})

            with patch.object(Query, 'first', return_value=None):
                reset_token = PasswordToken.generate(account)
                reset_token.expire()

                expiry = reset_token.expires
                assert expiry <= datetime.datetime.utcnow()
    def test_generate(self):
        """Check that a new token belongs to the user and expires later.

        ``db.session.commit`` and ``Query.first`` are patched, so nothing is
        written and generate() sees no existing token.
        """
        with patch.object(db.session, 'commit', return_value=True):
            account = User.create({'email': '*****@*****.**'})

            with patch.object(Query, 'first', return_value=None):
                reset_token = PasswordToken.generate(account)

                assert isinstance(reset_token, PasswordToken)
                assert reset_token.user_id == account.id
                # A new reset token must not already be expired.
                expiry = reset_token.expires
                assert expiry > datetime.datetime.utcnow()
Пример #7
def create_password_token():
    """Start a password reset for the email in the JSON request body.

    If a user with that (lower-cased) email exists, a ``PasswordToken`` is
    generated and sent. The reply is ``'Ok'`` either way, so the response
    body does not reveal whether the address is registered.
    """
    address = request.json['email'].lower()
    account = User.search(User.email == address).first()

    # NOTE(review): send() only runs for registered addresses, so response
    # time may still differ between known and unknown emails. No rate limit
    # is visible here; confirm one is applied elsewhere.
    if account:
        PasswordToken.generate(account).send()

    return 'Ok'
    def test_generate_existing(self):
        """Check that generate() reuses a token that already exists.

        The first generate() call runs with ``Query.first`` returning None.
        The second runs with ``Query.first`` returning the first token's
        dump plus its id, and must yield a token with the same id.
        """
        with patch.object(db.session, 'commit', return_value=True):
            with patch.object(Query, 'first', return_value=None):
                account = User.create({'email': '*****@*****.**'})
                original = PasswordToken.generate(account)
                stored_row = original.dump()
                stored_row['id'] = original.id

                # The inner patch overrides the outer one, so the lookup
                # now returns the stored row.
                with patch.object(Query, 'first', return_value=stored_row):
                    repeat = PasswordToken.generate(account)

                    assert original.id == repeat.id
    def test_roles(self):
        """Check that a role granted for one org does not apply elsewhere.

        A user is granted 'Contributor' for one org. The test then checks
        that has_role raises without an org, raises RoleError for an unknown
        role name, and is True only for that role in that org.
        """
        granted_org = Org.create({"name": "Acme"}).save()
        other_org = Org.create({"name": "Emca"}).save()
        member = User.create(test_user).save()

        member.grant_role('Contributor', for_org=granted_org)

        # A role query without an org must fail.
        self.assertRaises(Exception, member.has_role, 'Contributor')
        self.assertRaises(RoleError, member.has_role, 'BadRoleName',
                          for_org=granted_org)

        # The grant carries over neither to another org nor to another role.
        assert member.has_role('Contributor', for_org=other_org) == False
        assert member.has_role('Administrator', for_org=granted_org) == False
        assert member.has_role('Contributor', for_org=granted_org) == True
Пример #10
 def test_password(self):
     """Check that the stored password differs from the input and verifies.

     The stored value must not equal the submitted password, a wrong
     password must be rejected, and the right one accepted.
     """
     account = User.create(test_user)
     plaintext = test_user['password']

     # The stored value differing from the input is what this asserts; the
     # hashing scheme itself is not visible here.
     assert account.password != plaintext
     assert not account.check_password('wrong_password')
     assert account.check_password(plaintext)
Пример #11
 def test_post_badlogin(self):
     """Check that bad credentials posted to the token endpoint get a 401."""
     account = User.create(test_user)
     account.save()

     # The user exists, so the rejection comes from the credential check.
     response = self.client.post('/v1/auth/token', json=bad_credentials)
     assert response.status_code == 401
    def needs_setup(self):
        """Return 1 while no users exist, otherwise None.

        The result comes from a count of ``User.search()`` taken on every
        call.
        """
        # NOTE(review): get_token on this page skips the password check
        # while a needs_setup value is truthy, presumably this one. If so,
        # this count gates authentication -- confirm the first account is
        # created atomically.
        return None if User.search().count() > 0 else 1