def test_user_id_switch(self): """ Users sometimes login with the same email, but a different google user id. We handle those cases by blanking out the email on the old user object and creating a new one with the new user id. """ email = '*****@*****.**' user1 = users.User(email, _user_id='111111111100000000001') user2 = users.User(email, _user_id='222222222200000000002') User = get_user_model() request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work request.session[BACKEND_SESSION_KEY] = 'djangae.contrib.gauth.datastore.backends.AppEngineUserAPIBackend' middleware = AuthenticationMiddleware() with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user1): middleware.process_request(request) self.assertEqual(1, User.objects.count()) django_user1 = request.user self.assertEqual(user1.user_id(), django_user1.username) self.assertEqual(user1.email(), django_user1.email) with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user2): middleware.process_request(request) self.assertEqual(2, User.objects.count()) django_user2 = request.user self.assertEqual(user2.user_id(), django_user2.username) self.assertEqual(user2.email(), django_user2.email) django_user1 = User.objects.get(pk=django_user1.pk) self.assertEqual(django_user1.email, None)
def test_login(self): def _get_current_user(): return users.User('*****@*****.**', _user_id='111111111100000000001') request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work request.session[BACKEND_SESSION_KEY] = 'djangae.contrib.gauth.datastore.backends.AppEngineUserAPIBackend' middleware = AuthenticationMiddleware() # Check that we're not logged in already user = get_user(request) self.assertFalse(user.is_authenticated()) # Check that running the middleware when the Google users API doesn't know the current # user still leaves us as an anonymous users. with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: None): middleware.process_request(request) # Check that the middleware successfully logged us in user = get_user(request) self.assertFalse(user.is_authenticated()) # Now check that when the Google users API *does* know who we are, that we are logged in. with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', _get_current_user): middleware.process_request(request) # Check that the middleware successfully logged us in user = get_user(request) self.assertTrue(user.is_authenticated()) self.assertEqual(user.email, '*****@*****.**') self.assertEqual(user.username, '111111111100000000001')
def test_force_user_pre_creation(self): email = '*****@*****.**' user1 = users.User(email, _user_id='111111111100000000001') with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user1): request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work middleware = AuthenticationMiddleware() middleware.process_request(request) # We expect request.user to be AnonymousUser(), because there was no User object in the DB # and so with pre-creation required, authentication should have failed self.assertTrue(isinstance(request.user, AnonymousUser))
def test_account_switch(self): user1 = users.User('*****@*****.**', _user_id='111111111100000000001') user2 = users.User('*****@*****.**', _user_id='222222222200000000002') request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work middleware = AuthenticationMiddleware() with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user1): middleware.process_request(request) self.assertEqual(user1.user_id(), request.user.username) with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user2): middleware.process_request(request) self.assertEqual(user2.user_id(), request.user.username)
def test_account_switch(self): user1 = users.User('*****@*****.**', _user_id='111111111100000000001') user2 = users.User('*****@*****.**', _user_id='222222222200000000002') request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work request.session[BACKEND_SESSION_KEY] = 'djangae.contrib.gauth.datastore.backends.AppEngineUserAPIBackend' middleware = AuthenticationMiddleware() with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user1): middleware.process_request(request) self.assertEqual(user1.user_id(), request.user.username) with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user2): middleware.process_request(request) self.assertEqual(user2.user_id(), request.user.username)
def test_middleware_resaves_email(self): # Create user with uppercased email email = '*****@*****.**' google_user = users.User(email, _user_id='111111111100000000001') backend = AppEngineUserAPIBackend() user = backend.authenticate(google_user=google_user,) # Normalize_email should save a user with lowercase email self.assertEqual(user.email, email.lower()) # Run AuthenticationMiddleware, if email are mismatched with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: google_user): request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work middleware = AuthenticationMiddleware() middleware.process_request(request) # Middleware should resave to uppercased email, keeping user the same self.assertEqual(request.user.email, email) self.assertEqual(request.user.pk, user.pk)
def test_account_switch(self): def _get_user_one(): return users.User('*****@*****.**', _user_id='111111111100000000001') def _get_user_two(): return users.User('*****@*****.**', _user_id='222222222200000000002') request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work middleware = AuthenticationMiddleware() with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', _get_user_one): middleware.process_request(request) self.assertEqual(_get_user_one().user_id(), request.user.username) with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', _get_user_two): middleware.process_request(request) self.assertEqual(_get_user_two().user_id(), request.user.username)
def test_user_id_switch(self): """ Users sometimes login with the same email, but a different google user id. We handle those cases by blanking out the email on the old user object and creating a new one with the new user id. """ email = '*****@*****.**' user1 = users.User(email, _user_id='111111111100000000001') user2 = users.User(email, _user_id='222222222200000000002') User = get_user_model() request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work request.session[BACKEND_SESSION_KEY] = 'djangae.contrib.gauth.datastore.backends.AppEngineUserAPIBackend' middleware = AuthenticationMiddleware() with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user1): middleware.process_request(request) self.assertEqual(1, User.objects.count()) django_user1 = request.user self.assertEqual(user1.user_id(), django_user1.username) self.assertEqual(user1.email(), django_user1.email) with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user2): middleware.process_request(request) self.assertEqual(2, User.objects.count()) django_user2 = request.user self.assertEqual(user2.user_id(), django_user2.username) self.assertEqual(user2.email(), django_user2.email) django_user1 = User.objects.get(pk=django_user1.pk) self.assertEqual(django_user1.email, "")
def test_account_switch(self): def _get_user_one(): return users.User('*****@*****.**', _user_id='111111111100000000001') def _get_user_two(): return users.User('*****@*****.**', _user_id='222222222200000000002') request = HttpRequest() SessionMiddleware().process_request( request) # Make the damn sessions work middleware = AuthenticationMiddleware() with sleuth.switch( 'djangae.contrib.gauth.middleware.users.get_current_user', _get_user_one): middleware.process_request(request) self.assertEqual(_get_user_one().user_id(), request.user.username) with sleuth.switch( 'djangae.contrib.gauth.middleware.users.get_current_user', _get_user_two): middleware.process_request(request) self.assertEqual(_get_user_two().user_id(), request.user.username)
def test_user_email_update(self): """ Users can alter their Google account's primary email address. Make sure that we update it on the Django model. """ email = '*****@*****.**' user = users.User(email, _user_id='111111111100000000001') User = get_user_model() request = HttpRequest() SessionMiddleware().process_request(request) # Make the damn sessions work request.session[BACKEND_SESSION_KEY] = 'djangae.contrib.gauth_datastore.backends.AppEngineUserAPIBackend' middleware = AuthenticationMiddleware() with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user): middleware.process_request(request) self.assertEqual(1, User.objects.count()) django_user = request.user self.assertEqual(email, django_user.email) new_email = '*****@*****.**' user = users.User(new_email, _user_id=user.user_id()) with sleuth.switch('djangae.contrib.gauth.middleware.users.get_current_user', lambda: user): middleware.process_request(request) self.assertEqual(1, User.objects.count()) django_user = request.user self.assertEqual(new_email, django_user.email) self.assertEqual(new_email.lower(), django_user.email_lower)