[auth] fix bug when "debug flag" = False in token
This commit is contained in:
Maxime Alves LIRMM@home
parent
51722b73f8
commit
1b40b95d19
|
|
@ -46,7 +46,7 @@ try:
|
||||||
except ImportError:
|
except ImportError:
|
||||||
logger.warning('Could not import PRODUCTION variable from conf module,'\
|
logger.warning('Could not import PRODUCTION variable from conf module,'\
|
||||||
' using HALFAPI_PROD environment variable')
|
' using HALFAPI_PROD environment variable')
|
||||||
PRODUCTION = environ.get('HALFAPI_PROD') or False
|
PRODUCTION = bool(environ.get('HALFAPI_PROD', False))
|
||||||
|
|
||||||
try:
|
try:
|
||||||
from ..conf import SECRET
|
from ..conf import SECRET
|
||||||
|
|
@ -106,7 +106,7 @@ class JWTAuthenticationBackend(AuthenticationBackend):
|
||||||
algorithms=self.algorithm,
|
algorithms=self.algorithm,
|
||||||
verify=True)
|
verify=True)
|
||||||
|
|
||||||
if PRODUCTION and 'debug' in payload.keys():
|
if PRODUCTION and 'debug' in payload.keys() and payload['debug']:
|
||||||
raise AuthenticationError(
|
raise AuthenticationError(
|
||||||
'Trying to connect using *DEBUG* token in *PRODUCTION* mode')
|
'Trying to connect using *DEBUG* token in *PRODUCTION* mode')
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -58,6 +58,27 @@ def token_builder():
|
||||||
key=SECRET
|
key=SECRET
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@pytest.fixture
|
||||||
|
def token_debug_false_builder():
|
||||||
|
yield jwt.encode({
|
||||||
|
'name':'xxx',
|
||||||
|
'id': str(uuid4()),
|
||||||
|
'debug': False},
|
||||||
|
key=SECRET
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.fixture
|
||||||
|
def token_debug_true_builder():
|
||||||
|
yield jwt.encode({
|
||||||
|
'name':'xxx',
|
||||||
|
'id': str(uuid4()),
|
||||||
|
'debug': True},
|
||||||
|
key=SECRET
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture
|
@pytest.fixture
|
||||||
def token_dirser():
|
def token_dirser():
|
||||||
|
|
@ -142,3 +163,34 @@ async def test_JWTAuthenticationBackend(token_builder):
|
||||||
credentials, user = await backend.authenticate(req)
|
credentials, user = await backend.authenticate(req)
|
||||||
assert type(user) == JWTUser
|
assert type(user) == JWTUser
|
||||||
assert type(credentials) == AuthCredentials
|
assert type(credentials) == AuthCredentials
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.asyncio
|
||||||
|
async def test_JWTAuthenticationBackend_DebugFalse(token_debug_false_builder):
|
||||||
|
backend = JWTAuthenticationBackend()
|
||||||
|
assert backend.secret_key == SECRET
|
||||||
|
|
||||||
|
req = Request(
|
||||||
|
headers={
|
||||||
|
'Authorization': token_debug_false_builder
|
||||||
|
})
|
||||||
|
|
||||||
|
credentials, user = await backend.authenticate(req)
|
||||||
|
assert type(user) == JWTUser
|
||||||
|
assert type(credentials) == AuthCredentials
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.asyncio
|
||||||
|
async def test_JWTAuthenticationBackend_DebugTrue(token_debug_true_builder):
|
||||||
|
backend = JWTAuthenticationBackend()
|
||||||
|
assert backend.secret_key == SECRET
|
||||||
|
|
||||||
|
req = Request(
|
||||||
|
headers={
|
||||||
|
'Authorization': token_debug_true_builder
|
||||||
|
})
|
||||||
|
|
||||||
|
try:
|
||||||
|
await backend.authenticate(req)
|
||||||
|
except Exception as e:
|
||||||
|
assert type(e) == AuthenticationError
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue