[auth] fix bug when "debug flag" = False in token
This commit is contained in:
parent
51722b73f8
commit
1b40b95d19
|
@ -46,7 +46,7 @@ try:
|
|||
except ImportError:
|
||||
logger.warning('Could not import PRODUCTION variable from conf module,'\
|
||||
' using HALFAPI_PROD environment variable')
|
||||
PRODUCTION = environ.get('HALFAPI_PROD') or False
|
||||
PRODUCTION = bool(environ.get('HALFAPI_PROD', False))
|
||||
|
||||
try:
|
||||
from ..conf import SECRET
|
||||
|
@ -106,7 +106,7 @@ class JWTAuthenticationBackend(AuthenticationBackend):
|
|||
algorithms=self.algorithm,
|
||||
verify=True)
|
||||
|
||||
if PRODUCTION and 'debug' in payload.keys():
|
||||
if PRODUCTION and 'debug' in payload.keys() and payload['debug']:
|
||||
raise AuthenticationError(
|
||||
'Trying to connect using *DEBUG* token in *PRODUCTION* mode')
|
||||
|
||||
|
|
|
@ -58,6 +58,27 @@ def token_builder():
|
|||
key=SECRET
|
||||
)
|
||||
|
||||
@pytest.fixture
|
||||
def token_debug_false_builder():
|
||||
yield jwt.encode({
|
||||
'name':'xxx',
|
||||
'id': str(uuid4()),
|
||||
'debug': False},
|
||||
key=SECRET
|
||||
)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def token_debug_true_builder():
|
||||
yield jwt.encode({
|
||||
'name':'xxx',
|
||||
'id': str(uuid4()),
|
||||
'debug': True},
|
||||
key=SECRET
|
||||
)
|
||||
|
||||
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def token_dirser():
|
||||
|
@ -142,3 +163,34 @@ async def test_JWTAuthenticationBackend(token_builder):
|
|||
credentials, user = await backend.authenticate(req)
|
||||
assert type(user) == JWTUser
|
||||
assert type(credentials) == AuthCredentials
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_JWTAuthenticationBackend_DebugFalse(token_debug_false_builder):
|
||||
backend = JWTAuthenticationBackend()
|
||||
assert backend.secret_key == SECRET
|
||||
|
||||
req = Request(
|
||||
headers={
|
||||
'Authorization': token_debug_false_builder
|
||||
})
|
||||
|
||||
credentials, user = await backend.authenticate(req)
|
||||
assert type(user) == JWTUser
|
||||
assert type(credentials) == AuthCredentials
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
async def test_JWTAuthenticationBackend_DebugTrue(token_debug_true_builder):
|
||||
backend = JWTAuthenticationBackend()
|
||||
assert backend.secret_key == SECRET
|
||||
|
||||
req = Request(
|
||||
headers={
|
||||
'Authorization': token_debug_true_builder
|
||||
})
|
||||
|
||||
try:
|
||||
await backend.authenticate(req)
|
||||
except Exception as e:
|
||||
assert type(e) == AuthenticationError
|
||||
|
|
Loading…
Reference in New Issue