QRouland/M2OLA
Archived
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

TG-35 : Ajout de l'API UserInfo + TU

Browse Source
This commit is contained in:
Clément ARNAUDEAU 2017-01-26 17:16:23 +01:00
parent faebce28a2
commit c7ed6d7f02
5 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
backend/README.md
View File

@ -26,6 +26,9 @@ python-tk
pdftk
libmagickwand-dev
```
```
apt install python-dev python-pip libtiff5-dev libjpeg8-dev zlib1g-dev libfreetype6-dev liblcms2-dev libwebp-dev tcl8.6-dev tk8.6-dev python-tk pdftk libmagickwand-dev
```
## Python

12
backend/app/api/UserInfoAPI.py Normal file
View File

@ -0,0 +1,12 @@
from flask import session
from flask_restful import Resource
class UserInfoAPI(Resource):
"""
UserInfo Api Resource
"""
def get(self):
user = session["user"]
return {'USER': user}, 200

5
backend/app/api/loginAPI.py
View File

@ -16,6 +16,9 @@ class LoginAPI(Resource):
parser.add_argument('password', required=True, help="Password cannot be blank!")
args = parser.parse_args()
if "user" in session and session["user"] is not None:
return {'AUTH_RESULT': 'ALREADY_LOGGED'}, 201
userInfo = self.getUserInfoFromCAS(args['login'], args['password'])
if userInfo is not None:
@ -24,8 +27,10 @@ class LoginAPI(Resource):
session['user'] = user
return {'AUTH_RESULT': 'OK'}, 200
else:
session['user'] = None
return {'AUTH_RESULT': 'NOT_ALLOWED'}, 403
else:
session['user'] = None
return {'AUTH_RESULT': 'AUTHENTICATION_FAILED'}, 401
def delete(self):

2
backend/app/urls.py
View File

@ -1,3 +1,4 @@
from app.api.UserInfoAPI import UserInfoAPI
from app.api.exampleapi import SomeApi
from app.api.loginAPI import LoginAPI
from app.core import api
@ -5,3 +6,4 @@ from app.core import api
# Some Api resource
api.add_resource(SomeApi, '/api/someapi', '/api/someapi/<int:id>')
api.add_resource(LoginAPI, '/api/login', '/api/login')
api.add_resource(UserInfoAPI, '/api/userInfo', '/api/userInfo')

15
backend/tests/api/test_loginAPI.py → backend/tests/api/test_Auth.py
View File

@ -50,6 +50,9 @@ class AuthTestCase(unittest.TestCase):
)
), content_type='application/json')
def getUserInfo(self):
return self.app.get('/api/userInfo')
def logout(self):
return self.app.delete('/api/login')
@ -57,12 +60,24 @@ class AuthTestCase(unittest.TestCase):
rv = self.login('admin', 'admin')
self.assertEqual(rv.status_code, 200, 'Login as admin Failed')
rv = self.login('admin', 'admin')
self.assertEqual(rv.status_code, 201, 'Login as admin succeed but should have already been done')
rv = self.getUserInfo()
self.assertEqual(rv.status_code, 200, 'Getting user info failed')
self.assertEqual({"id": getUser(login="admin")["id"], "login": "admin", "email": "admin@admin.com", "role": 4,
"phone": "00.00.00.00.00"}, json.loads(rv.data)['USER'], 'Invalid user info')
rv = self.logout()
self.assertEqual(rv.status_code, 200, 'Logout Failed')
rv = self.login('adminx', 'admin')
self.assertEqual(rv.status_code, 401, 'Authentication from CAS has not failed for the invalid user xadmin !')
rv = self.getUserInfo()
self.assertEqual(rv.status_code, 200, 'Getting user info failed')
self.assertIsNone(json.loads(rv.data)['USER'], 'User info should be None')
rv = self.login('admin', 'adminx')
self.assertEqual(rv.status_code, 401,
'Authentication from CAS has not failed for the invalid password xadmin !')