masq
/
halfapi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[jwt] fix jwt middleware and add some tests

This commit is contained in:
Maxime Alves LIRMM 2020-07-08 12:41:24 +02:00 committed by Maxime Alves LIRMM@home
parent 7b134f2dfb
commit 15cd059705
3 changed files with 33 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
halfapi/lib/acl_middleware.py
View File

@ -3,11 +3,11 @@ from starlette.requests import Request
from starlette.exceptions import HTTPException from starlette.exceptions import HTTPException
from starlette.middleware.base import BaseHTTPMiddleware from starlette.middleware.base import BaseHTTPMiddleware
class AclMiddleware(BaseHTTPMiddleware): class AclMiddleware(BaseHTTPMiddleware):
def __init__(self, app, acl_module): def __init__(self, app, acl_module):
super().__init__(app) super().__init__(app)
self.acl_module = acl_module self.acl_module = acl_module
async def dispatch(self, request: Request, call_next): async def dispatch(self, request: Request, call_next):
""" Checks the "acls" key in the scope and applies the """ Checks the "acls" key in the scope and applies the
corresponding functions in the current module's acl lib. corresponding functions in the current module's acl lib.
@ -21,8 +21,6 @@ class AclMiddleware(BaseHTTPMiddleware):
try: try:
fct = getattr(self.acl_module, acl_fct_name) fct = getattr(self.acl_module, acl_fct_name)
if fct(request) is True: if fct(request) is True:
print(f'{fct} : {fct(request)}\n')
return await call_next(request) return await call_next(request)
except AttributeError as e: except AttributeError as e:

10
halfapi/lib/jwt_middleware.py
View File

@ -43,13 +43,18 @@ class JWTUser(BaseUser):
self.token = token self.token = token
self.payload = payload self.payload = payload
def __str__(self):
if len(self.__id) > 0:
return self.__id
else:
return 'no id'
@property @property
def is_authenticated(self) -> bool: def is_authenticated(self) -> bool:
return True return True
@property @property
def id(self) -> str: def id(self) -> str:
return self.id return self.__id
class JWTAuthenticationBackend(AuthenticationBackend): class JWTAuthenticationBackend(AuthenticationBackend):
@ -68,6 +73,9 @@ class JWTAuthenticationBackend(AuthenticationBackend):
payload = jwt.decode(token, key=self.secret_key, algorithms=self.algorithm) payload = jwt.decode(token, key=self.secret_key, algorithms=self.algorithm)
except jwt.InvalidTokenError as e: except jwt.InvalidTokenError as e:
raise AuthenticationError(str(e)) raise AuthenticationError(str(e))
except Exception as e:
print(e)
return AuthCredentials(["authenticated"]), JWTUser( return AuthCredentials(["authenticated"]), JWTUser(
id=payload['id'], token=token, payload=payload) id=payload['id'], token=token, payload=payload)

24
tests/test_jwt_middleware.py
View File

@ -1,7 +1,29 @@
import jwt import jwt
from ..halfapi.app import app import requests
import pytest
import json
import sys
from hashlib import sha256
from halfapi.app import app
from base64 import b64decode
def coucou(): def coucou():
return return
def test_connected(): def test_connected():
app.route('/', coucou) app.route('/', coucou)
def test_token():
# This test needs to have a running auth-lirmm on 127.0.0.1:3000
r = requests.post('http://127.0.0.1:3000/',
data={'email':'maizi', 'password':'a'})
assert len(r.text) > 0
res = json.loads(r.text)
assert 'token' in res.keys()
sys.stderr.write(f'Token : {res["token"]}\n')
secret = open('/etc/half_orm/secret').readline()
sys.stderr.write(f'Secret : {secret}\n')
assert jwt.decode(
res['token'],
secret, algorithms=['HS256'])