def index(request, view_name=None, start_view=None): """Page that serves the static Single Page App (Spartacus).""" ctx = {} ctx['fxa_state'], ctx['fxa_auth_url'] = fxa_auth_info(request) jwt = request.GET.get('req') if jwt: ctx['mkt_user'] = False # If this is a Marketplace-issued JWT, verify its signature and skip login # for the purchaser named in it. if jwt and _get_issuer(jwt) == settings.KEY: try: data = verify_sig(jwt, settings.SECRET, expected_aud=settings.DOMAIN) data = data['request'].get('productData', '') except InvalidJWT, exc: log.debug( 'ignoring invalid Marketplace JWT error: {e}'.format(e=exc)) else: product_data = urlparse.parse_qs(data) emails = product_data.get('buyer_email') if emails: log.info("Creating session for marketplace user " + str(emails)) set_user(request, emails[0], verified=False) ctx['mkt_user'] = True
def index(request, view_name=None, start_view=None): """Page that serves the static Single Page App (Spartacus).""" if not settings.SPA_ENABLE: return http.HttpResponseForbidden() ctx = {} ctx['fxa_state'], ctx['fxa_auth_url'] = fxa_auth_info(request) jwt = request.GET.get('req') if jwt: ctx['mkt_user'] = False # If this is a Marketplace-issued JWT, verify its signature and skip login # for the purchaser named in it. if jwt and _get_issuer(jwt) == settings.KEY: try: data = verify_sig(jwt, settings.SECRET) data = data['request'].get('productData', '') except InvalidJWT: pass else: product_data = urlparse.parse_qs(data) emails = product_data.get('buyer_email') if emails: log.info("Creating session for marketplace user " + str(emails)) set_user(request, emails[0], verified=False) ctx['mkt_user'] = True # This has to come after set_user as set_user modifies the session. ctx['super_powers'] = request.session.get('super_powers', False) return render(request, 'spa/index.html', ctx)
def index(request, view_name=None, start_view=None): """Page that serves the static Single Page App (Spartacus).""" ctx = {} ctx['fxa_state'], ctx['fxa_auth_url'] = fxa_auth_info(request) jwt = request.GET.get('req') if jwt: ctx['mkt_user'] = False # If this is a Marketplace-issued JWT, verify its signature and skip login # for the purchaser named in it. if jwt and _get_issuer(jwt) == settings.KEY: try: data = verify_sig(jwt, settings.SECRET, expected_aud=settings.DOMAIN) data = data['request'].get('productData', '') except InvalidJWT, exc: log.debug('ignoring invalid Marketplace JWT error: {e}' .format(e=exc)) else: product_data = urlparse.parse_qs(data) emails = product_data.get('buyer_email') if emails: log.info("Creating session for marketplace user " + str(emails)) set_user(request, emails[0], verified=False) ctx['mkt_user'] = True
def test_set_user(self, client): email = '*****@*****.**' req = mock.MagicMock() user = get_uuid(email) eq_(set_user(req, email), user) assert client.get_buyer.called assert req.session.__setitem__.called
def test_update_user_pin_unlock(self, client): email = '*****@*****.**' req = http.HttpRequest() req.session = {'last_pin_success': datetime.now()} user = get_uuid(email) eq_(set_user(req, email), user) assert req.session['last_pin_success'] is None
def test_update_user_pin_unlock(self, client): email = '*****@*****.**' req = http.HttpRequest() req.session = { 'last_pin_success': datetime.now() } user = get_uuid(email) eq_(set_user(req, email), user) assert req.session['last_pin_success'] is None
def test_set_with_wildcard(self): with self.settings(USER_WHITELIST=['.*[email protected]']): with self.assertRaises(PermissionDenied): set_user(mock.MagicMock(), '*****@*****.**')
def test_is_set_to_false_if_verified(self): request = mock.MagicMock() request.session = {'was_reverified': 'no way'} set_user(request, '*****@*****.**', verified=False) eq_(request.session['was_reverified'], False)
def test_is_unchanged_if_not_specified(self): request = mock.MagicMock() request.session = {'was_reverified': 'no way'} set_user(request, '*****@*****.**') eq_(request.session['was_reverified'], 'no way')