def test_get_current_user(self):
    """Check auth.get_current_user against cookie- and POST-borne tokens.

    Three tokens are minted for one saved user, with the clock advanced by
    0.75 * auth._TOKEN_TIMEOUT_S between them, so at check time they are
    1.5, 0.75 and 0 timeouts old. The test expects these to be handled as
    expired (no user), stale (user returned, flagged stale) and fresh. The
    lookup is then repeated with the token base64-encoded in the
    ``CHIRP_Auth`` POST variable, and finally a deactivated account is
    expected to raise auth.UserNotAllowedError.
    """
    # self.now is presumably the fake clock that the fixture feeds to auth;
    # its setup is outside this listing.
    address = '*****@*****.**'
    account = User(email=address)
    account.save()

    # Mint the tokens oldest-first, ageing the earlier ones as we go.
    aging_step = 0.75 * auth._TOKEN_TIMEOUT_S
    expired_token = auth._create_security_token(account)
    self.now += aging_step
    stale_token = auth._create_security_token(account)
    self.now += aging_step
    good_token = auth._create_security_token(account)

    # --- Cookie path -----------------------------------------------------
    cookie_name = auth._CHIRP_SECURITY_TOKEN_COOKIE
    cookie_request = http.HttpRequest()

    def user_from_cookie(token):
        # Swap the token carried by the shared request, then look it up.
        cookie_request.COOKIES[cookie_name] = token
        return auth.get_current_user(cookie_request)

    self.assertEqual(None, user_from_cookie(expired_token))

    found = user_from_cookie(stale_token)
    self.assertEqual(address, found.email)
    self.assertTrue(found._credentials.security_token_is_stale)

    found = user_from_cookie(good_token)
    self.assertEqual(address, found.email)
    self.assertFalse(found._credentials.security_token_is_stale)

    # --- POST path ---------------------------------------------------------
    # A token POSTed as CHIRP_Auth (url-safe base64) must authenticate too;
    # the original comment describes this as the password-reset flow.
    # NOTE(review): a token carried in a POST body is accepted like the
    # cookie, so any request-body logging on this path would hold a usable
    # credential until the token times out; worth confirming against the
    # deployment's logging setup.
    post_request = http.HttpRequest()
    post_request.method = "POST"

    def user_from_post(value):
        # Replace the CHIRP_Auth field on the shared request, then look up.
        post_request.POST["CHIRP_Auth"] = value
        return auth.get_current_user(post_request)

    # No CHIRP_Auth field at all: nobody is logged in.
    self.assertEqual(None, auth.get_current_user(post_request))
    self.assertEqual(
        None, user_from_post(base64.urlsafe_b64encode(expired_token)))
    # Input that is not a well-formed token is rejected, not raised on.
    self.assertEqual(None, user_from_post("bogus!!!"))

    found = user_from_post(base64.urlsafe_b64encode(good_token))
    self.assertEqual(address, found.email)

    # --- Deactivated account ---------------------------------------------
    # NOTE(review): the rejection is asserted only for the POST path; the
    # cookie path is not exercised against an inactive user in this test.
    found.is_active = False
    found.save()
    self.assertRaises(auth.UserNotAllowedError,
                      auth.get_current_user, post_request)
    # Re-activate so the saved record is left as it started.
    found.is_active = True
    found.save()
def chirp_Client_login(self, **credentials):
    """Log a client in by issuing it a security-token cookie.

    The account is looked up by ``credentials['email']`` and created if it
    does not exist; every keyword in ``credentials`` is then copied onto the
    account as an attribute and the account is saved. A token for that
    account is stored in ``self.cookies``.

    Returns True when a token was issued. Without an email no account is
    resolved, the cookie is set to '' and the function returns None.

    NOTE(review): no password or other secret is checked, and callers can
    set any attribute on the account. That is only acceptable for test
    scaffolding; presumably this replaces the test client's login. Confirm
    it is not reachable from production code.
    NOTE(review): the nesting was reconstructed from a flattened listing.
    The attribute copy and save are assumed to apply to existing accounts
    as well as newly created ones; confirm against the original file.
    """
    address = credentials.get('email')
    account = None
    if address:
        account = User.get_by_email(address)
        if account is None:
            account = User(email=address)
        # Apply each supplied keyword (including 'email') to the account.
        for field in credentials:
            setattr(account, field, credentials[field])
        account.save()

    token = auth._create_security_token(account) if account else ''
    # The cookie is always written, so a failed login overwrites any
    # earlier token with the empty string.
    self.cookies[auth._CHIRP_SECURITY_TOKEN_COOKIE] = token
    if not token:
        return None
    return True
def test_security_token_create_and_parse(self):
    """Round-trip a security token and walk it through its lifetime.

    One token is created and parsed at several clock positions: at issue
    time (valid, not stale), 60 s before issue (rejected), then after two
    successive advances of 0.75 * auth._TOKEN_TIMEOUT_S (first stale, then
    rejected). Malformed input must also parse to None.
    """
    # self.now is presumably the fake clock that the fixture feeds to auth;
    # its setup is outside this listing.
    address = '*****@*****.**'
    token = auth._create_security_token(User(email=address))
    parse = auth._parse_security_token

    # Parsed at the moment of issue: accepted and fresh.
    fresh = parse(token)
    self.assertEqual(address, fresh.email)
    self.assertFalse(fresh.security_token_is_stale)

    # A token dated later than the current clock must be refused.
    self.now -= 60
    self.assertEqual(None, parse(token))

    # The 60 s rewind is not undone, so the token's age at this point is
    # 0.75 * timeout - 60: still accepted, but flagged stale.
    self.now += 0.75 * auth._TOKEN_TIMEOUT_S
    aged = parse(token)
    self.assertEqual(address, aged.email)
    self.assertTrue(aged.security_token_is_stale)

    # Age is now 1.5 * timeout - 60, which is past the timeout provided
    # _TOKEN_TIMEOUT_S exceeds 120 s (its value is not visible here).
    self.now += 0.75 * auth._TOKEN_TIMEOUT_S
    self.assertEqual(None, parse(token))

    # Malformed input yields None rather than an exception.
    # NOTE(review): this test has no case for a well-formed token whose
    # contents were altered after issue; if no other test covers it, a
    # rejection check for that belongs here.
    for junk in (None, '', 'garbage'):
        self.assertEqual(None, parse(junk))