kopia lustrzana https://dev.funkwhale.audio/funkwhale/funkwhale
73 wiersze
2.4 KiB
Python
73 wiersze
2.4 KiB
Python
import pytest
|
|
|
|
from rest_framework import exceptions
|
|
from rest_framework_jwt.settings import api_settings as jwt_settings
|
|
|
|
from funkwhale_api.common import authentication
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
"setting_value, is_superuser, has_verified_primary_email, expected",
|
|
[
|
|
("mandatory", False, False, True),
|
|
("mandatory", False, True, False),
|
|
("mandatory", True, False, False),
|
|
("mandatory", True, True, False),
|
|
("optional", False, False, False),
|
|
("optional", False, True, False),
|
|
("optional", True, False, False),
|
|
("optional", True, True, False),
|
|
],
|
|
)
|
|
def test_should_verify_email(
|
|
setting_value,
|
|
is_superuser,
|
|
has_verified_primary_email,
|
|
expected,
|
|
factories,
|
|
settings,
|
|
):
|
|
settings.ACCOUNT_EMAIL_VERIFICATION = setting_value
|
|
user = factories["users.User"](is_superuser=is_superuser)
|
|
setattr(user, "has_verified_primary_email", has_verified_primary_email)
|
|
assert authentication.should_verify_email(user) is expected
|
|
|
|
|
|
@pytest.mark.parametrize(
|
|
"setting_value, verified_email, expected",
|
|
[
|
|
("mandatory", False, True),
|
|
("optional", False, False),
|
|
("mandatory", True, False),
|
|
("optional", True, False),
|
|
],
|
|
)
|
|
def test_json_webtoken_auth_verify_email_validity(
|
|
setting_value, verified_email, expected, factories, settings, mocker, api_request
|
|
):
|
|
settings.ACCOUNT_EMAIL_VERIFICATION = setting_value
|
|
user = factories["users.User"](verified_email=verified_email)
|
|
should_verify = mocker.spy(authentication, "should_verify_email")
|
|
payload = jwt_settings.JWT_PAYLOAD_HANDLER(user)
|
|
token = jwt_settings.JWT_ENCODE_HANDLER(payload)
|
|
request = api_request.get("/", HTTP_AUTHORIZATION="JWT {}".format(token))
|
|
|
|
auth = authentication.JSONWebTokenAuthentication()
|
|
if expected is False:
|
|
assert auth.authenticate(request)[0] == user
|
|
else:
|
|
with pytest.raises(exceptions.AuthenticationFailed, match=r".*verify.*"):
|
|
auth.authenticate(request)
|
|
|
|
should_verify.assert_called_once_with(user)
|
|
|
|
|
|
def test_app_token_authentication(factories, api_request):
|
|
user = factories["users.User"]()
|
|
app = factories["users.Application"](user=user, scope="read write")
|
|
request = api_request.get("/", HTTP_AUTHORIZATION="Bearer {}".format(app.token))
|
|
|
|
auth = authentication.ApplicationTokenAuthentication()
|
|
assert auth.authenticate(request)[0] == app.user
|
|
assert request.scopes == ["read", "write"]
|