ramon
/
skillbox
1
0
Fork 0
Code Issues 1 Pull Requests 1 Packages Projects 1 Releases 1 Wiki Activity

Use token

This commit is contained in:
Christian Cueni 2020-01-30 06:47:38 +01:00
parent dbc4f6f2ee
commit a2f634a677
2 changed files with 15 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
server/users/mutations_public.py
View File

@ -34,9 +34,9 @@ class Login(relay.ClientIDMutation):
def mutate_and_get_payload(cls, root, info, **kwargs): def mutate_and_get_payload(cls, root, info, **kwargs):
username = kwargs.get('username_input') username = kwargs.get('username_input')
password = kwargs.get('password_input')
if settings.USE_LOCAL_REGISTRATION: if settings.USE_LOCAL_REGISTRATION:
password = kwargs.get('password_input')
user = authenticate(username=username, password=password) user = authenticate(username=username, password=password)
if user is None: if user is None:
return cls.return_login_error('invalid_credentials') return cls.return_login_error('invalid_credentials')
@ -44,8 +44,10 @@ class Login(relay.ClientIDMutation):
else: else:
hep_client = HepClient() hep_client = HepClient()
token = kwargs.get('token')
try: try:
token = hep_client.customer_token(username, password) hep_client.customer_me(token)
except HepClientUnauthorizedException: except HepClientUnauthorizedException:
return cls.return_login_error('invalid_credentials') return cls.return_login_error('invalid_credentials')
except HepClientException: except HepClientException:
@ -56,8 +58,9 @@ class Login(relay.ClientIDMutation):
except User.DoesNotExist: except User.DoesNotExist:
user = User.objects.create_user_from_hep(token) user = User.objects.create_user_from_hep(token)
#is this needed?
magento_token, created = MagentoToken.objects.get_or_create(user=user) magento_token, created = MagentoToken.objects.get_or_create(user=user)
magento_token.token = token['token'] magento_token.token = token
magento_token.save() magento_token.save()
try: try:

38
server/users/tests/test_login.py
View File

@ -25,7 +25,7 @@ from registration.factories import LicenseFactory
from registration.models import License from registration.models import License
from users.models import Role, MagentoToken, User, SchoolClass from users.models import Role, MagentoToken, User, SchoolClass
FAKE_TOKEN = 'abcd12345!' TOKEN = 'abcd12345!'
## Setup json data ## Setup json data
@ -102,8 +102,8 @@ class PasswordResetTests(TestCase):
} }
}) })
@patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN}) @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
def test_user_can_login_with_local_user_and_valid_local_license(self, token_mock): def test_user_can_login_with_local_user_and_valid_local_license(self, me_mock):
now = timezone.now() now = timezone.now()
expiry_date = now + timedelta(365) expiry_date = now + timedelta(365)
@ -111,21 +111,15 @@ class PasswordResetTests(TestCase):
result = self.make_login_mutation(self.user.email, 'test123') result = self.make_login_mutation(self.user.email, 'test123')
token = MagentoToken.objects.get(user=self.user)
self.assertEqual(token.token, FAKE_TOKEN)
self.assertTrue(result.get('data').get('login').get('success')) self.assertTrue(result.get('data').get('login').get('success'))
self.assertTrue(self.user.is_authenticated) self.assertTrue(self.user.is_authenticated)
@patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN})
@patch.object(HepClient, '_customer_orders', return_value=VALID_TEACHERS_ORDERS) @patch.object(HepClient, '_customer_orders', return_value=VALID_TEACHERS_ORDERS)
@patch.object(HepClient, 'customer_me', return_value=ME_DATA) @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
def test_teacher_can_login_with_local_user_and_remote_license(self, order_mock, token_mock, me_token): def test_teacher_can_login_with_local_user_and_remote_license(self, order_mock, me_token):
result = self.make_login_mutation(ME_DATA['email'], 'test123') result = self.make_login_mutation(ME_DATA['email'], 'test123')
user = User.objects.get(email=ME_DATA['email']) user = User.objects.get(email=ME_DATA['email'])
token = MagentoToken.objects.get(user=user)
self.assertEqual(token.token, FAKE_TOKEN)
user_role_key = user.user_roles.get(user=user).role.key user_role_key = user.user_roles.get(user=user).role.key
self.assertEqual(user_role_key, Role.objects.TEACHER_KEY) self.assertEqual(user_role_key, Role.objects.TEACHER_KEY)
@ -139,15 +133,12 @@ class PasswordResetTests(TestCase):
self.assertTrue(result.get('data').get('login').get('success')) self.assertTrue(result.get('data').get('login').get('success'))
self.assertTrue(self.user.is_authenticated) self.assertTrue(self.user.is_authenticated)
@patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN})
@patch.object(HepClient, '_customer_orders', return_value=VALID_STUDENT_ORDERS) @patch.object(HepClient, '_customer_orders', return_value=VALID_STUDENT_ORDERS)
@patch.object(HepClient, 'customer_me', return_value=ME_DATA) @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
def test_student_can_login_with_local_user_and_remote_license(self, order_mock, token_mock, me_token): def test_student_can_login_with_local_user_and_remote_license(self, order_mock, me_token):
result = self.make_login_mutation(ME_DATA['email'], 'test123') result = self.make_login_mutation(ME_DATA['email'], 'test123')
user = User.objects.get(email=ME_DATA['email']) user = User.objects.get(email=ME_DATA['email'])
token = MagentoToken.objects.get(user=user)
self.assertEqual(token.token, FAKE_TOKEN)
user_role_key = user.user_roles.get(user=user).role.key user_role_key = user.user_roles.get(user=user).role.key
self.assertEqual(user_role_key, Role.objects.STUDENT_KEY) self.assertEqual(user_role_key, Role.objects.STUDENT_KEY)
@ -165,47 +156,36 @@ class PasswordResetTests(TestCase):
self.assertFalse(result.get('data').get('login').get('success')) self.assertFalse(result.get('data').get('login').get('success'))
self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'invalid_credentials') self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'invalid_credentials')
@patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN})
@patch.object(HepClient, 'is_email_verified', return_value=False) @patch.object(HepClient, 'is_email_verified', return_value=False)
@patch.object(HepClient, 'customer_me', return_value=ME_DATA) @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
def test_user_with_unconfirmed_email_cannot_login(self, me_mock, post_mock, token_mock): def test_user_with_unconfirmed_email_cannot_login(self, me_mock, post_mock):
result = self.make_login_mutation(ME_DATA['email'], 'test123') result = self.make_login_mutation(ME_DATA['email'], 'test123')
user = User.objects.get(email=ME_DATA['email']) user = User.objects.get(email=ME_DATA['email'])
token = MagentoToken.objects.get(user=user)
self.assertEqual(token.token, FAKE_TOKEN)
self.assertFalse(result.get('data').get('login').get('success')) self.assertFalse(result.get('data').get('login').get('success'))
self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'email_not_verified') self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'email_not_verified')
@patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN})
@patch.object(HepClient, 'myskillbox_product_for_customer', return_value=None) @patch.object(HepClient, 'myskillbox_product_for_customer', return_value=None)
@patch.object(HepClient, 'customer_me', return_value=ME_DATA) @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
def test_user_cannot_login_without_license(self, me_mock, product_mock, token_mock): def test_user_cannot_login_without_license(self, me_mock, product_mock):
result = self.make_login_mutation(self.user.email, 'test123') result = self.make_login_mutation(self.user.email, 'test123')
token = MagentoToken.objects.get(user=self.user)
self.assertEqual(token.token, FAKE_TOKEN)
self.assertFalse(result.get('data').get('login').get('success')) self.assertFalse(result.get('data').get('login').get('success'))
self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'no_valid_license') self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'no_valid_license')
@patch.object(HepClient, 'customer_token', return_value={'token': FAKE_TOKEN})
@patch.object(HepClient, 'customer_me', return_value=ME_DATA) @patch.object(HepClient, 'customer_me', return_value=ME_DATA)
def test_user_cannot_login_local_license_invalid(self, me_mock, token_mock): def test_user_cannot_login_local_license_invalid(self, me_mock):
now = timezone.now() now = timezone.now()
expiry_date = now - timedelta(1) expiry_date = now - timedelta(1)
LicenseFactory(expire_date=expiry_date, licensee=self.user, for_role=self.teacher_role).save() LicenseFactory(expire_date=expiry_date, licensee=self.user, for_role=self.teacher_role).save()
result = self.make_login_mutation(self.user.email, 'test123') result = self.make_login_mutation(self.user.email, 'test123')
token = MagentoToken.objects.get(user=self.user)
self.assertEqual(token.token, FAKE_TOKEN)
self.assertFalse(result.get('data').get('login').get('success')) self.assertFalse(result.get('data').get('login').get('success'))
self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'no_valid_license') self.assertEqual(result.get('data').get('login').get('errors')[0].get('field'), 'no_valid_license')
@patch.object(requests, 'post', return_value=MockResponse(500)) @patch.object(requests, 'get', return_value=MockResponse(500))
def test_user_gets_notified_if_server_error(self, post_mock): def test_user_gets_notified_if_server_error(self, post_mock):
result = self.make_login_mutation(ME_DATA['email'], 'test123') result = self.make_login_mutation(ME_DATA['email'], 'test123')