def authenticate(email, password='', _oauthed=False): """ returns session if successful else returns None """ if not validate_email(email): raise InvalidEmailError(email) email = email.lower() user = User.get(User.email == email) if not user: raise EmailiDoesNotExistError(email) if _oauthed: return sessionslib.create(user.id, user.groups, extras={ 'email': email, 'name': user.name }) if user.password == encrypt(password, settings.SALT): return sessionslib.create(user.id, user.groups, extras={ 'email': email, 'name': user.name }) raise AuthError(email)
def test_sessions(): uid, groups, k, v = 98765, ['admin', 'member'], 'foo', 'bar' sid = sessionslib.create(uid, groups) assert len(sid) > 43 sid_new = sessionslib.create(uid, groups) assert sid == sid_new sessionslib.add_to_session(sid, {k: v}) d = sessionslib.get(sid) assert d[k] == v sessionslib.remove_from_session(sid, k) d = sessionslib.get(sid) assert k not in d sessionslib.destroy(sid) assert sessionslib.get(sid) == {}
def test_sessions(): uid, groups, k, v = 98765, ['admin', 'member'], 'foo', 'bar' sid = sessionslib.create(uid, groups) assert len(sid) > 43 sid_new = sessionslib.create(uid, groups) assert sid == sid_new sessionslib.update(sid, {k: v}) d = sessionslib.get(sid) assert d[k] == v sessionslib.remove_from_session(sid, k) d = sessionslib.get(sid) assert k not in d sessionslib.destroy(sid) assert sessionslib.get(sid) == {}
def test_sessions(): uid, groups, k, v = 987651, ['admin', 'member'], 'foo', 'bar' sid = sessionslib.create(uid, groups, extras=dict(email='*****@*****.**')) assert len(sid) == 43 sid_new = sessionslib.create(uid, groups) assert sid == sid_new sessionslib.update(sid, {k: v}) d = sessionslib.get(sid) assert d[k] == v assert d['email'] == '*****@*****.**' sessionslib.remove_from_session(sid, k) d = sessionslib.get(sid) assert k not in d sessionslib.destroy(sid) assert sessionslib.get(sid) == {}
def set_user_context(uid=None, email=None): if email: user = User.get(User.email == email.lower()) else: user = User.get(User.id == uid) sid = sessionslib.create(user.id, user.groups) context.set_context(uid=user.id, sid=sid, groups=user.groups)
def test_session_lookups(): uids = range(10000, 10010) groups = ['grp1', 'grp2'] for uid in uids: sid = sessionslib.create(uid, groups) assert sessionslib.sid2uidgroups(sid) == (uid, groups) sessionslib.destroy(sid) assert sessionslib.get(sid) == {}
def test_session_lookups(): uids = xrange(10000, 10010) groups = ['grp1', 'grp2'] for uid in uids: sid = sessionslib.create(uid, groups) assert sessionslib.sid2uidgroups(sid) == (uid, groups) sessionslib.destroy(sid) assert sessionslib.get(sid) == {}
def test_add_user_no_session(self): resp = self.client.post('/api/users/', data=json.dumps(self.test_user_data)) assert resp.status_code == 200 uid = json.loads(resp.data)['result'] resp = self.client.post('/api/add', data=json.dumps({'a': 1, 'b': 2})) self.assertEquals(resp.status_code, 403) sid = sessionslib.create(uid, self.test_user_data['groups']) self.client.set_cookie('localhost.localdomain', 'session_id', sid) resp = self.client.post('/api/add', data=json.dumps({'a': 1, 'b': 2})) assert resp.status_code == 200 assert json.loads(resp.data)['result'] == 3
def test_update_attribute(): sid = sessions.create() assert sessions.update_attribute(sid, 'prefs', {'last_seen': '10/05/2016'}) value = sessions.get_attribute(sid, 'prefs') assert value['last_seen'] == '10/05/2016' assert sessions.update_attribute(sid, 'prefs', {'last_seen': '11/05/2016'}) value = sessions.get_attribute(sid, 'prefs') assert value['last_seen'] == '11/05/2016'
def authenticate(email, password): """ returns session if successful else returns None """ if not validate_email(email): raise InvalidEmailError(email) user = User.get(User.email == email.lower()) if not user: raise EmailiDoesNotExistError(email) if user.password == encrypt(password, settings.SALT): return sessionslib.create(user.id, user.groups) raise AuthError(email)
def complete_signup(token, groups=None): """ Do not expose this function directly """ key = gen_signup_key(token) data = rconn.hgetall(key) if not data: raise InvalidTokenError() data['groups'] = groups uid = create(**data) user = info(uid=uid) return sessionslib.create(uid, user['groups'])
def test_delete_session(): sid = sessions.create() data = sessions.get(sid) data['prefs'] = {'last_seen': '10/05/2016'} assert sessions.update(sid, data) data = sessions.get(sid) assert data['prefs']['last_seen'] == '10/05/2016' assert sessions.destroy(sid) data = sessions.get(sid) assert data == {}
def authenticate(email, password): """ returns session if successful else returns None """ if not validate_email(email): raise InvalidEmailError(email) conn = sa.connect() q = select([users.c.id, users.c.password, users.c.groups]).where(users.c.email == email.lower()) row = conn.execute(q).fetchone() if not row: raise EmailiDoesNotExistError(email) uid, encpassword, groups = conn.execute(q).fetchone() if encpassword == encrypt(password, settings.SALT): return sessionslib.create(uid, groups)
def test_get_attribute(): sid = sessions.create() data = sessions.get(sid) data['prefs'] = {'last_seen': '10/05/2016'} assert sessions.update(sid, data) data = sessions.get(sid) assert data['prefs']['last_seen'] == '10/05/2016' value = sessions.get_attribute(sid, 'prefs') assert value['last_seen'] == '10/05/2016' value = sessions.get_attribute(sid, 'ar') assert value is None
def test_create_session(): sid = sessions.create() assert isinstance(sid, str) and len(sid) == 43
def test_get_session(): sid = sessions.create() data = sessions.get(sid) assert data == {'groups': [], 'uid': ''}