[GNUnet-SVN] [taler-bank] branch master updated: implementing auth type
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-bank] branch master updated: implementing auth type basic |
Date: |
Wed, 03 May 2017 21:21:45 +0200 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository bank.
The following commit(s) were added to refs/heads/master by this push:
new 382ffb2 implementing auth type basic
382ffb2 is described below
commit 382ffb2d48e0ee3322d326242d916e10a6d0f7b0
Author: Marcello Stanisci <address@hidden>
AuthorDate: Wed May 3 21:21:28 2017 +0200
implementing auth type basic
---
talerbank/app/schemas.py | 25 +++++++++++++++++++++----
talerbank/app/tests.py | 7 +++++--
talerbank/app/tests_admin.py | 7 +++++--
talerbank/app/views.py | 38 ++++++++++++++++++++++++++++++--------
4 files changed, 61 insertions(+), 16 deletions(-)
diff --git a/talerbank/app/schemas.py b/talerbank/app/schemas.py
index 2e252e0..a116a21 100644
--- a/talerbank/app/schemas.py
+++ b/talerbank/app/schemas.py
@@ -22,6 +22,14 @@ definitions of JSON schemas for validating data
import validictory
from django.core.exceptions import ValidationError
+auth_basic_schema = {
+ "type": "object",
+ "properties": {
+ "username": {"type": "string"},
+ "password": {"type": "string"}
+ }
+}
+
wiredetails_schema = {
"type": "object",
"properties": {
@@ -37,11 +45,18 @@ wiredetails_schema = {
}
}
+auth_schema = {
+ "type": "object",
+ "properties": {
+ "type": {"type": "string"},
+ "data": {"type": "object"}
+ }
+}
+
history_schema = {
"type": "object",
"properties" : {
- "username": {"type": "string"},
- "password": {"type": "string"},
+ "auth": auth_schema,
"start": {"type": "integer", "required": False},
"delta": {"type": "integer", "required": False}
}
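Review bot: `auth_schema` validates only the envelope: `type` may be any string and `data` any object, so a request passes the history and incoming-request schemas whatever shape its credentials have. That is safe only if every consumer validates `data` for the specific auth type before using it. It is worth stating this above the definition, e.g. `# Envelope only: "data" must be validated per auth type (see validate_auth_basic) before use`.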
@@ -63,8 +78,7 @@ incoming_request_schema = {
"wtid": {"type": "string"},
"exchange_url": {"type": "string"},
"credit_account": {"type": "integer"},
- "username": {"type": "string"},
- "password": {"type": "string"}
+ "auth": auth_schema
}
}
@@ -79,3 +93,6 @@ def validate_wiredetails(wiredetails):
def validate_incoming_request(incoming_request):
validictory.validate(incoming_request, incoming_request_schema)
+
+def validate_auth_basic(auth_basic):
+ validictory.validate(auth_basic, auth_basic_schema)
diff --git a/talerbank/app/tests.py b/talerbank/app/tests.py
index 6170025..f72aac4 100644
--- a/talerbank/app/tests.py
+++ b/talerbank/app/tests.py
@@ -102,8 +102,11 @@ class HistoryTestCase(TestCase):
def test_history(self):
c = Client()
response = c.post(reverse("history", urlconf=urls),
- data= '{"username": "User", \
- "password": "Passoword", \
+ data= '{"auth": \
+ {"type": "basic", \
+ "data": \
+ {"username": "User", \
+ "password": "Passoword"}}, \
"start": 4, \
"delta": 4}',
content_type="application/json")
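Review bot: Only the happy-path `basic` payload is exercised, here and in `test_add_incoming` in tests_admin.py, so the new failure branches of the auth handling have no test. Add one request with an unsupported type and one with malformed `data`, and assert each is rejected. A constructed example payload would be `'{"auth": {"type": "unsupported", "data": {}}, "start": 4, "delta": 4}'`. `test_history` continues outside the hunk, so its existing assertions are not visible here.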
diff --git a/talerbank/app/tests_admin.py b/talerbank/app/tests_admin.py
index 91b6938..71d30a7 100644
--- a/talerbank/app/tests_admin.py
+++ b/talerbank/app/tests_admin.py
@@ -47,8 +47,11 @@ class AddIncomingTestCase(TestCase):
def test_add_incoming(self):
c = Client()
- data = '{"username": "bank_user", \
- "password": "bank_password", \
+ data = '{"auth": \
+ {"type": "basic", \
+ "data": \
+ {"username": "bank_user", \
+ "password": "bank_password"}}, \
"credit_account": 2, \
"wtid": "TESTWTID", \
"exchange_url": "https://exchange.test", \
diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index 4c12ca2..d839a11 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -337,9 +337,9 @@ def history(request):
try: schemas.validate_history(data)
except ValueError:
return HttpResponseBadRequest()
- user_account = django.contrib.auth.authenticate(username=data["username"],
- password=data["password"])
- if user_account is None:
+ user_account = auth_and_login(data["auth"])
+
+ if not user_account:
return JsonResponse({"outcome": "fail",
"hint": "authentication failed"},
status=401)
@@ -371,6 +371,25 @@ def history(request):
return HttpResponse(200)
+def auth_and_login(auth_obj):
+ """Return user instance after checking authentication
+ credentials, False if errors occur"""
+ if "basic" != auth_obj["type"]:
+ return JsonResponse({"outcome": "fail",
+ "hint": "auth method not supported"},
+ status=405)
+ try:
+ schemas.validate_auth_basic(auth_obj["data"])
+ except ValueError:
+ logger.error("'basic' auth data malfomed")
+ return False
+
+ return
django.contrib.auth.authenticate(username=auth_obj["data"]["username"],
+
password=auth_obj["data"]["password"])
+
+
+
+
@csrf_exempt
@require_POST
def add_incoming(request):
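Review bot: For an unsupported `type`, `auth_and_login` returns a `JsonResponse`, which is truthy, so the `if not user_account:` checks in `history` and `add_incoming` pass and the response object is carried forward as if it were an authenticated user. The 405 is never sent to the client, and what happens next depends on code outside these hunks. Return one kind of failure value on every path, e.g. replace that return with `logger.error("auth method not supported")` and `return False`. The docstring should also say that rejected credentials come back as None from `authenticate` rather than False. The name promises a login that the body does not perform.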
@@ -389,8 +408,14 @@ def add_incoming(request):
except ValueError:
logger.error("Bad data POSTed")
return HttpResponseBadRequest()
- user_account = django.contrib.auth.authenticate(username=data["username"],
- password=data["password"])
+
+ user_account = auth_and_login(data["auth"])
+
+ if not user_account:
+ return JsonResponse({"outcome": "fail",
+ "hint": "authentication failed"},
+ status=401)
+
if user_account is None:
return JsonResponse({"outcome": "fail",
"hint": "authentication failed"},
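Review bot: The `if user_account is None:` block left in place below the new `if not user_account:` check is now unreachable, because None is already caught by the new test. Two copies of the authentication-failure branch can drift apart on later edits. Drop the old block so `add_incoming` has a single failure path, as `history` does. The function body continues outside the hunk.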
@@ -409,9 +434,6 @@ def add_incoming(request):
return JsonResponse({"outcome": "fail",
"hint": "debit count has reached its debt limit"},
status=403)
-
-
-
return JsonResponse({"outcome": "ok"}, status=200)
--