TG-35 : Ajout de l'API UserInfo + TU

backend/README.md

@@ -26,6 +26,9 @@ python-tk
 pdftk
 libmagickwand-dev
 ```
+```
+apt install python-dev python-pip libtiff5-dev libjpeg8-dev zlib1g-dev libfreetype6-dev liblcms2-dev libwebp-dev tcl8.6-dev tk8.6-dev python-tk pdftk libmagickwand-dev
+```
 
 ## Python
 

backend/app/api/UserInfoAPI.py

@@ -0,0 +1,12 @@
+from flask import session
+from flask_restful import Resource
+
+
+class UserInfoAPI(Resource):
+    """
+        UserInfo Api Resource
+    """
+
+    def get(self):
+        user = session["user"]
+        return {'USER': user}, 200

backend/app/api/loginAPI.py

@@ -16,6 +16,9 @@ class LoginAPI(Resource):
         parser.add_argument('password', required=True, help="Password cannot be blank!")
         args = parser.parse_args()
 
+        if "user" in session and session["user"] is not None:
+            return {'AUTH_RESULT': 'ALREADY_LOGGED'}, 201
+
         userInfo = self.getUserInfoFromCAS(args['login'], args['password'])
 
         if userInfo is not None:
@@ -24,8 +27,10 @@ class LoginAPI(Resource):
                 session['user'] = user
                 return {'AUTH_RESULT': 'OK'}, 200
             else:
+                session['user'] = None
                 return {'AUTH_RESULT': 'NOT_ALLOWED'}, 403
         else:
+            session['user'] = None
             return {'AUTH_RESULT': 'AUTHENTICATION_FAILED'}, 401
 
     def delete(self):

backend/app/urls.py

@@ -1,3 +1,4 @@
+from app.api.UserInfoAPI import UserInfoAPI
 from app.api.exampleapi import SomeApi
 from app.api.loginAPI import LoginAPI
 from app.core import api
@@ -5,3 +6,4 @@ from app.core import api
 # Some Api resource
 api.add_resource(SomeApi, '/api/someapi', '/api/someapi/<int:id>')
 api.add_resource(LoginAPI, '/api/login', '/api/login')
+api.add_resource(UserInfoAPI, '/api/userInfo', '/api/userInfo')

backend/tests/api/test_Auth.py

@@ -50,6 +50,9 @@ class AuthTestCase(unittest.TestCase):
                                  )
                              ), content_type='application/json')
 
+    def getUserInfo(self):
+        return self.app.get('/api/userInfo')
+
     def logout(self):
         return self.app.delete('/api/login')
 
@@ -57,12 +60,24 @@ class AuthTestCase(unittest.TestCase):
         rv = self.login('admin', 'admin')
         self.assertEqual(rv.status_code, 200, 'Login as admin Failed')
 
+        rv = self.login('admin', 'admin')
+        self.assertEqual(rv.status_code, 201, 'Login as admin succeed but should have already been done')
+
+        rv = self.getUserInfo()
+        self.assertEqual(rv.status_code, 200, 'Getting user info failed')
+        self.assertEqual({"id": getUser(login="admin")["id"], "login": "admin", "email": "admin@admin.com", "role": 4,
+                          "phone": "00.00.00.00.00"}, json.loads(rv.data)['USER'], 'Invalid user info')
+
         rv = self.logout()
         self.assertEqual(rv.status_code, 200, 'Logout Failed')
 
         rv = self.login('adminx', 'admin')
         self.assertEqual(rv.status_code, 401, 'Authentication from CAS has not failed for the invalid user xadmin !')
 
+        rv = self.getUserInfo()
+        self.assertEqual(rv.status_code, 200, 'Getting user info failed')
+        self.assertIsNone(json.loads(rv.data)['USER'], 'User info should be None')
+
         rv = self.login('admin', 'adminx')
         self.assertEqual(rv.status_code, 401,
                          'Authentication from CAS has not failed for the invalid password xadmin !')