示例#1
 def create_tables():
     """Create the schema, then seed permissions, roles and users in that order.

     ``User.insert_users`` receives the ``_config`` object from the enclosing
     scope.
     """
     db.create_all()
     LOGGER.debug('Setting roles...')
     # Permissions are inserted before the roles, as in the original sequence.
     for seed_step in (Permission.insert_permissions, Role.insert_roles):
         seed_step()
     LOGGER.debug('Setting users...')
     # NOTE(review): presumably _config carries the initial accounts; confirm
     # it holds no default credentials that reach a production database.
     User.insert_users(_config)
示例#2
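def google_auth():
    """
        Redirect uri after google authorization code oauth. Authenticates user using google information, login_type
        set to google.
        ---
        responses:
                200:
                    description: Redirect to home page.
                401:
                    description: Authentication issue.
    """

    # Exchange the authorization code for tokens and read the ID token claims.
    _token = oauth.google.authorize_access_token()
    google_user = oauth.google.parse_id_token(_token)
    # NOTE(review): this writes the full claim set (name, e-mail) to the debug log.
    LOGGER.debug(f" Google User {google_user}")
    # Local username is the Google display name, spaces removed and lowercased.
    username = google_user['name'].replace(' ', '').lower()
    LOGGER.debug(f" Google User Name {username}")
    # NOTE(review): the account is matched on the e-mail claim alone; confirm
    # that `email_verified` is checked before this claim is trusted.
    user = User.query.filter_by(email=google_user['email']).first()
    # NOTE(review): every account created here gets the same constant password
    # (shown masked on the page). Confirm the password login route refuses
    # LoginType.GOOGLE accounts, otherwise the constant is a shared credential.
    _password = "******"
    if not user:
        # First Google sign-in for this e-mail: create the local account.
        user = User(email=google_user['email'],
                    username=username,
                    password=_password,
                    login_type=LoginType.GOOGLE)
        db.session.add(user)
        db.session.commit()
    if user is not None and user.verify_password(_password):
        # NOTE(review): login_user is commented out, so this branch redirects
        # without establishing a session in the code shown here.
        # login_user(user, remember=False)
        next_url = request.args.get('next')
        # Accept only same-site paths. A bare startswith('/') test also passes
        # '//host' and '/\host', which browsers resolve to another origin, so
        # those prefixes fall back to the index page as well.
        if (next_url is None or not next_url.startswith('/')
                or next_url.startswith(('//', '/\\'))):
            next_url = url_for('main.index')
        return redirect(next_url)
    # Reached when an existing account does not verify against the constant.
    flash('Invalid username or password.')

    return redirect(url_for('main.index'))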
示例#3
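def token():
    # Completes the Google OAuth code flow and answers with the user's JSON
    # profile plus a freshly issued access token (HTTP 200). A user is created
    # on first sign-in; an existing one is matched by the e-mail claim.
    configure_oauth()
    state = request.args['state']
    LOGGER.debug(f"State [{state}], _google_authlib_state_[{session.get('_google_authlib_state_')}]")
    # The whole session object is no longer dumped to the log: it can hold
    # session secrets that do not belong in log storage.
    # NOTE(review): copying the caller-supplied `state` into the session before
    # the token exchange appears to make the OAuth state comparison always
    # succeed, which removes the CSRF protection the state parameter provides.
    # Kept as-is because the client flow may rely on it; confirm whether the
    # state can instead be stored server-side when the flow starts.
    session['_google_authlib_state_'] = state
    _token = oauth.google.authorize_access_token()
    google_user = oauth.google.parse_id_token(_token)
    # NOTE(review): this writes the full claim set (name, e-mail) to the debug log.
    LOGGER.debug(f" Google User {google_user}")
    # Local username is the Google display name, spaces removed and lowercased.
    username = google_user['name'].replace(' ', '').lower()
    LOGGER.debug(f" Google User Name {username}")
    # NOTE(review): the lookup matches on e-mail alone, whatever the stored
    # login_type is. Confirm `email_verified` is checked and that local
    # registration proves e-mail ownership before the two are treated as one
    # account.
    user = User.query.filter_by(email=google_user['email']).first()
    # NOTE(review): constant password for every Google-created account (shown
    # masked on the page); confirm password login refuses LoginType.GOOGLE.
    _password = "******"
    if not user:
        # Derived username already taken by another account: use the e-mail.
        if User.query.filter_by(username=username).first():
            LOGGER.debug(f" Username {username} already exists. Using email as username.")
            username = google_user['email']
        user = User(email=google_user['email'],
                    username=username,
                    password=_password,
                    login_type=LoginType.GOOGLE)
        db.session.add(user)
        db.session.commit()
    access_token = issue_token_for_user(user)
    # Record that a token was issued, never its value: a logged bearer token
    # can be replayed by anyone who can read the log.
    LOGGER.debug('Access token issued')

    return jsonify({**user.to_json(), 'access_token': access_token}), 200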
示例#4
def update_user_request_not_found(query_mock, user_admin_valid,
                                  role_admin_valid, user_valid):
    """Set up query mocks where only the admin username resolves to a user.

    Generator (presumably a pytest fixture; no decorator is visible here).
    ``Role.query.filter_by(...).first()`` returns the admin role, and
    ``User.query.filter_by`` is given a side effect that returns the admin
    user for the admin username and ``None`` for any other lookup.
    ``user_valid`` is accepted but not used in the body. Yields the
    ``user_admin_valid`` dict.
    """
    from lorem_ipsum_auth.models import User, Role, Permission

    role_fields = {
        'id': role_admin_valid['id'],
        'name': role_admin_valid['name'],
        'default': role_admin_valid['default'],
        'permissions': [
            Permission.from_str(perm_name)
            for perm_name in role_admin_valid['permissions']
        ],
    }
    admin_role = Role(**role_fields)
    Role.query.filter_by.return_value.first.return_value = admin_role
    admin_user = User.from_dict(user_admin_valid)
    admin_user.role = admin_role

    User.query.filter_by.return_value.filter_by.return_value.first.return_value = admin_user

    def _filter_by(*args, **kwargs):
        # A fresh mock per call; only the admin username yields a user.
        is_admin_lookup = kwargs.get('username') == user_admin_valid['username']
        lookup = mock.MagicMock()
        lookup.first.return_value = admin_user if is_admin_lookup else None
        return lookup

    User.query.filter_by.side_effect = _filter_by
    yield user_admin_valid
示例#5
def role_add_existing_request(query_mock, user_admin_valid, role_editor_valid):
    """Set up query mocks for adding a role that already exists.

    Generator (presumably a pytest fixture; no decorator is visible here).
    The role lookup returns an editor role built from ``role_editor_valid``,
    both user lookup chains return an admin user, and the permission lookup
    returns ``books:add``. Yields the ``user_admin_valid`` dict.
    """
    from lorem_ipsum_auth.models import User, Role, Permission

    editor_role = Role(
        id=role_editor_valid['id'],
        name=role_editor_valid['name'],
        permissions=[
            Permission.from_str(perm_name)
            for perm_name in role_editor_valid['permissions']
        ])
    Role.query.filter_by.return_value.first.return_value = editor_role

    # Each lookup chain gets its own User instance, as in the original setup.
    chained_lookup_user = User.from_dict(user_admin_valid)
    User.query.filter_by.return_value.filter_by.return_value.first.return_value = chained_lookup_user
    single_lookup_user = User.from_dict(user_admin_valid)
    User.query.filter_by.return_value.first.return_value = single_lookup_user

    existing_permission = Permission.from_str('books:add')
    Permission.query.filter_by.return_value.first.return_value = existing_permission
    yield user_admin_valid
示例#6
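def register():
    """
        Register a new user from a JSON body and return the profile with an access token.
        ---
        definitions:
          - schema:
              id: RegisterRequest
              properties:
                username:
                 type: string
                 description: username
                password:
                  type: string
                  description: password
                email:
                  type: string
                  description: email

        parameters:
            - in: body
              name: registerRequest
              required: true
              description: username, password and email
              schema:
                  $ref: "#/definitions/RegisterRequest"
        responses:
                200:
                    description: User profile including access token.
                    schema:
                        $ref: '#/definitions/LoginResponse'
                400:
                    description: Missing field, or user already registered.
    """

    _request = from_json(request.data.decode('utf-8'))
    # The body comes straight from the client: a missing or empty field is
    # answered with 400 instead of surfacing as an unhandled KeyError/TypeError.
    try:
        username = _request['username']
        email = _request['email']
        password = _request['password']
    except (KeyError, TypeError):
        username = email = password = None
    if not (username and email and password):
        return jsonify('Missing username, email or password'), 400
    if User.query.filter_by(username=username).first():
        return jsonify('User already registered'), 400
    # E-mail is used as a lookup key by the Google sign-in handlers, so a second
    # account with the same address is refused as well.
    if User.query.filter_by(email=email).first():
        return jsonify('User already registered'), 400
    # NOTE(review): the e-mail address is stored without proof of ownership;
    # confirm a verification step exists before it is trusted for account
    # matching elsewhere.
    user = User(email=email,
                username=username,
                password=password)
    # New accounts receive whichever role is flagged as the default.
    user.role = Role.query.filter_by(default=True).first()

    db.session.add(user)
    db.session.commit()
    access_token = issue_token_for_user(user)
    return jsonify({**user.to_json(), 'access_token': access_token}), 200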
示例#7
def role_add_valid_request(query_mock, user_admin_valid, role_editor_valid):
    """Set up query mocks for adding a role that does not exist yet.

    Generator (presumably a pytest fixture; no decorator is visible here).
    A role lookup by the editor role's name finds nothing; any other role
    lookup falls through to the previously configured mock result. Both user
    lookup chains return an admin user. Yields the ``user_admin_valid`` dict.
    """
    from lorem_ipsum_auth.models import User, Role
    fallback_role_query = Role.query.filter_by.return_value

    def _filter_by(*args, **kwargs):
        if kwargs.get('name') != role_editor_valid['name']:
            return fallback_role_query
        # The role being added must not be found.
        missing_role = mock.MagicMock()
        missing_role.first.return_value = None
        return missing_role

    Role.query.filter_by.side_effect = _filter_by

    # Each lookup chain gets its own User instance, as in the original setup.
    chained_lookup_user = User.from_dict(user_admin_valid)
    User.query.filter_by.return_value.filter_by.return_value.first.return_value = chained_lookup_user
    single_lookup_user = User.from_dict(user_admin_valid)
    User.query.filter_by.return_value.first.return_value = single_lookup_user
    yield user_admin_valid
示例#8
def issue_token(user: dict, role: dict) -> str:
    """Build a user with the given role, wire the query mocks, and issue a token.

    Both ``Role.query`` and ``User.query`` lookups are set to return the
    objects built here, then the result of ``issue_token_for_user`` for that
    user is returned.
    """
    from lorem_ipsum_auth.models import User, Permission, Role
    from lorem_ipsum_auth.auth import issue_token_for_user
    granted = [Permission.from_str(perm_name) for perm_name in role['permissions']]
    # NOTE(review): the role id is taken from user['id'], not from the role
    # dict; confirm this is intended.
    role_model = Role(id=user['id'], name=role['name'], permissions=granted)
    Role.query.filter_by.return_value.first.return_value = role_model
    _user = User.from_dict(user)
    _user.role = role_model
    user_lookup = User.query.filter_by.return_value
    user_lookup.filter_by.return_value.first.return_value = _user
    user_lookup.first.return_value = _user
    return issue_token_for_user(_user)
示例#9
def login_valid_request(query_mock, user_admin_valid, role_admin_valid):
    """Set up query mocks so every role and user lookup resolves to the admin.

    Generator (presumably a pytest fixture; no decorator is visible here).
    Builds the admin role from ``role_admin_valid``, attaches it to a user
    built from ``user_admin_valid``, and yields that user object.
    """
    from lorem_ipsum_auth.models import User, Role, Permission

    role_fields = {
        'id': role_admin_valid['id'],
        'name': role_admin_valid['name'],
        'default': role_admin_valid['default'],
        'permissions': [
            Permission.from_str(perm_name)
            for perm_name in role_admin_valid['permissions']
        ],
    }
    admin_role = Role(**role_fields)
    Role.query.filter_by.return_value.first.return_value = admin_role
    admin_user = User.from_dict(user_admin_valid)
    admin_user.role = admin_role
    # The same user object answers both the chained and the single lookup.
    user_lookup = User.query.filter_by.return_value
    user_lookup.filter_by.return_value.first.return_value = admin_user
    user_lookup.first.return_value = admin_user
    yield admin_user