From 15cd059705845d359af1438f9616b224cb5bbb61 Mon Sep 17 00:00:00 2001 From: Maxime Alves LIRMM Date: Wed, 8 Jul 2020 12:41:24 +0200 Subject: [PATCH] [jwt] fix jwt middleware and add some tests --- halfapi/lib/acl_middleware.py | 4 +--- halfapi/lib/jwt_middleware.py | 10 +++++++++- tests/test_jwt_middleware.py | 24 +++++++++++++++++++++++- 3 files changed, 33 insertions(+), 5 deletions(-) diff --git a/halfapi/lib/acl_middleware.py b/halfapi/lib/acl_middleware.py index 6109622..2bd5b77 100644 --- a/halfapi/lib/acl_middleware.py +++ b/halfapi/lib/acl_middleware.py @@ -3,11 +3,11 @@ from starlette.requests import Request from starlette.exceptions import HTTPException from starlette.middleware.base import BaseHTTPMiddleware + class AclMiddleware(BaseHTTPMiddleware): def __init__(self, app, acl_module): super().__init__(app) self.acl_module = acl_module - async def dispatch(self, request: Request, call_next): """ Checks the "acls" key in the scope and applies the corresponding functions in the current module's acl lib. @@ -21,8 +21,6 @@ class AclMiddleware(BaseHTTPMiddleware): try: fct = getattr(self.acl_module, acl_fct_name) if fct(request) is True: - print(f'{fct} : {fct(request)}\n') - return await call_next(request) except AttributeError as e: diff --git a/halfapi/lib/jwt_middleware.py b/halfapi/lib/jwt_middleware.py index 434083f..104f9c7 100644 --- a/halfapi/lib/jwt_middleware.py +++ b/halfapi/lib/jwt_middleware.py @@ -43,13 +43,18 @@ class JWTUser(BaseUser): self.token = token self.payload = payload + def __str__(self): + if len(self.__id) > 0: + return self.__id + else: + return 'no id' @property def is_authenticated(self) -> bool: return True @property def id(self) -> str: - return self.id + return self.__id class JWTAuthenticationBackend(AuthenticationBackend): 
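Review bot: In the added `JWTUser.__str__`, `len(self.__id) > 0` and `return self.__id` assume the id is always a string, but the value comes from the token payload (`id=payload['id']` in the backend hunk of this patch) and a JSON claim can equally be a number. With a numeric id `len()` raises `TypeError`, and returning a non-str from `__str__` raises as well, so any log line or template that formats the user fails on an otherwise valid token. I would write `return str(self.__id) if self.__id not in (None, '') else 'no id'`. The `__init__` that assigns the attribute starts above the hunk, so confirm it is set as `self.__id` inside the class, since name mangling stores it as `_JWTUser__id`.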
@@ -68,6 +73,9 @@ class JWTAuthenticationBackend(AuthenticationBackend): payload = jwt.decode(token, key=self.secret_key, algorithms=self.algorithm) except jwt.InvalidTokenError as e: raise AuthenticationError(str(e)) + except Exception as e: + print(e) + return AuthCredentials(["authenticated"]), JWTUser( id=payload['id'], token=token, payload=payload) diff --git a/tests/test_jwt_middleware.py b/tests/test_jwt_middleware.py index d234aeb..19485d1 100644 --- a/tests/test_jwt_middleware.py +++ b/tests/test_jwt_middleware.py @@ -1,7 +1,29 @@ import jwt -from ..halfapi.app import app +import requests +import pytest +import json +import sys +from hashlib import sha256 +from halfapi.app import app +from base64 import b64decode def coucou(): return def test_connected(): app.route('/', coucou) + +def test_token(): + # This test needs to have a running auth-lirmm on 127.0.0.1:3000 + + r = requests.post('http://127.0.0.1:3000/', + data={'email':'maizi', 'password':'a'}) + + assert len(r.text) > 0 + res = json.loads(r.text) + assert 'token' in res.keys() + sys.stderr.write(f'Token : {res["token"]}\n') + secret = open('/etc/half_orm/secret').readline() + sys.stderr.write(f'Secret : {secret}\n') + assert jwt.decode( + res['token'], + secret, algorithms=['HS256'])
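Review bot: The added `except Exception as e: print(e)` swallows every non-JWT error raised by `jwt.decode` and lets execution carry on. If the `return` that follows sits after the try block, as the context suggests, `payload` is unbound there and the request ends in an `UnboundLocalError` rather than a clean authentication failure. An authentication backend should fail closed and say so: `except Exception as e: raise AuthenticationError('token could not be verified') from e`, with the detail sent to a logger instead of `print`. Separately, `payload['id']` is read outside the try, so a correctly signed token without an `id` claim raises `KeyError`; checking for the claim and raising `AuthenticationError` when it is missing would cover that. The method begins above the hunk.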
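Review bot: `test_token` writes both the issued token and the HS256 signing secret to stderr (`sys.stderr.write(f'Secret : {secret}\n')`), so every test run and any CI log that captures it ends up holding the key that signs all tokens; both `sys.stderr.write` lines should go. `open('/etc/half_orm/secret').readline()` never closes the file and keeps the trailing newline as part of the key; `with open('/etc/half_orm/secret') as f: secret = f.read().strip()` is safer, provided the signing service strips it the same way. The test also needs a live service on 127.0.0.1:3000 and hard-coded credentials, so it should be skipped by default, for example with `@pytest.mark.skipif` keyed on an environment variable. The final `assert jwt.decode(...)` only checks that the payload is non-empty; asserting on an expected claim such as `'id' in decoded` would pin the behaviour the middleware relies on.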