def get_authentication() -> Authentication: auth = getattr(g, '_auth', None) if auth is None: auth = g._auth = Authentication( data_folder=current_app.config['USERS_DATA_FOLDER'], password_salt=current_app.config['PASSWORD_SALT'], failed_login_delay_base=current_app.config['FAILED_LOGIN_DELAY_BASE'], ) return cast(Authentication, auth)
from flask import Flask, Response, send_from_directory import config from flask_calendar.authentication import Authentication from flask_calendar.actions import (index_action, login_action, do_login_action, main_calendar_action, new_task_action, edit_task_action, update_task_action, save_task_action, delete_task_action, update_task_day_action, hide_repetition_task_instance_action) from flask_calendar.app_utils import task_details_for_markup app = Flask(__name__) authentication = Authentication( data_folder=config.USERS_DATA_FOLDER, password_salt=config.PASSWORD_SALT, failed_login_delay_base=config.FAILED_LOGIN_DELAY_BASE ) if config.LOCALE is not None: try: locale.setlocale(locale.LC_ALL, config.LOCALE) except locale.Error as e: app.logger.warning("{} ({})".format(str(e), config.LOCALE)) # To avoid main_calendar_action below shallowing favicon requests and generating error logs @app.route('/favicon.ico') def favicon() -> Response: return cast(Response, send_from_directory( os.path.join(cast(str, app.root_path), 'static'), 'favicon.ico', mimetype='image/vnd.microsoft.icon') )
def authentication() -> Authentication: return Authentication(data_folder="test/fixtures", password_salt="a test salt", failed_login_delay_base=0)
def test_password_is_not_stored_plain(authentication: Authentication) -> None: user = authentication.user_data(username=EXISTING_USERNAME) assert user["password"] != CORRECT_PASSWORD assert user["password"] == authentication._hash_password(CORRECT_PASSWORD)
def test_retrieve_user_data(authentication: Authentication) -> None: user = authentication.user_data(username=EXISTING_USERNAME) assert user is not None for key in ["username", "password", "default_calendar"]: assert key in user assert user[key] is not None
def test_is_valid_authentication(authentication: Authentication, username: str, password: str, expected: bool) -> None: assert authentication.is_valid(username=username, password=password) is expected