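def test_auth(self):
    """Round-trip a password and an auth token through ``Account``.

    Checks that the persisted password is not the plaintext, that
    verification succeeds only for the correct password, that an issued
    auth token resolves back to the same account, and that tokens signed
    with a different secret or already expired raise ``RuntimeError``.

    Uses the non-deprecated ``assertEqual``/``assertNotEqual`` spellings;
    the ``assertEquals`` aliases were removed in Python 3.12.
    """
    DatabaseManager.reset()
    account = Account(name=u'Test Account 3', email='*****@*****.**').add()
    some_passwd = 'abcdefg'
    account.set_passwd(some_passwd)
    DatabaseManager.commit()

    account_ = Account.get_by(id=account.id, single=True)
    # The stored value must never be the plaintext password.
    self.assertNotEqual(account_.passwd, some_passwd)
    self.assertEqual(account_.verify_passwd(some_passwd), True)
    self.assertEqual(account_.verify_passwd('should be wrong'), False)

    token = account_.auth_token
    account_t = Account.from_auth_token(token)
    self.assertEqual(account_.id, account_t.id)

    now = datetime.datetime.utcnow()
    # Well-formed claims but signed with the wrong key: must be rejected.
    fake_token = jwt.encode({
        'iss': 'compose.ai',
        'sub': account_.id,
        'jti': str(uuid.uuid4()),
        'iat': now,
        'exp': now + datetime.timedelta(days=14),
    }, 'im fake secret')
    with self.assertRaises(RuntimeError):
        Account.from_auth_token(fake_token)

    # Correct key but 'exp' already in the past: must be rejected as expired.
    outdated_token = jwt.encode({
        'iss': 'compose.ai',
        'sub': account_.id,
        'jti': str(uuid.uuid4()),
        'iat': now - datetime.timedelta(days=30),
        'exp': now - datetime.timedelta(days=15),
    }, config.JWT_SECRET)
    with self.assertRaises(RuntimeError):
        Account.from_auth_token(outdated_token)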
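def decorated(*args, **kwargs):
    """Authenticate the request before running the wrapped ``func``.

    Reads the ``Key.X_COMPOSEAI_AUTH`` header, requires it to have the
    exact form ``Bearer <token>``, resolves the token with
    ``Account.from_auth_token`` and stores the account on ``g.account``.

    Raises:
        AppError: with ``CustomError.ERR_UNAUTHENTICATED`` when the header
            is missing, malformed, or the token is rejected.
    """
    if Key.X_COMPOSEAI_AUTH not in request.headers:
        raise AppError(HTTPStatus.STATUS_CLIENT_ERROR,
                       CustomError.ERR_UNAUTHENTICATED, 'Not loggined')

    auth_header = request.headers[Key.X_COMPOSEAI_AUTH]
    parts = auth_header.split()
    # Require exactly two fields: an empty header or a bare "Bearer" used to
    # hit IndexError on parts[0]/parts[1] (an unhandled server error) instead
    # of the intended unauthenticated response.
    if len(parts) != 2 or parts[0] != 'Bearer':
        raise AppError(HTTPStatus.STATUS_CLIENT_ERROR,
                       CustomError.ERR_UNAUTHENTICATED, 'Invalid auth token')

    token = parts[1]
    try:
        g.account = Account.from_auth_token(token)
    except RuntimeError:
        # The presented token is a credential; do not reflect it into the
        # error message, which may reach client responses or server logs.
        raise AppError(HTTPStatus.STATUS_CLIENT_ERROR,
                       CustomError.ERR_UNAUTHENTICATED, 'The token is invalid')
    return func(*args, **kwargs)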