aurweb

external/aurweb

Fork 0

mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00

Commit graph

Author	SHA1	Message	Date
Kevin Morris	38dc2bb99d	Sanitize and modernize pytests Some of these tests were written before some of our convenient tooling existed. Additionally, some of the tests were not cooperating with PEP-8 guidelines or isorted. This commit does the following: - Replaces all calls to make_(user\|session) with aurweb.db.create(Model, ...). - Replace calls to session.add(...) + session.commit() with aurweb.db.create. - Removes the majority of calls to (session\|aurweb.db).delete(...). - Replaces session.query calls with aurweb.db.query. - Initializes all mutable globals in pytest fixture setup(). - Makes mutable global declarations more concise: `var1, var2 = None, None` -> `var1 = var2 = None` - Defines a warning exclusion for test/test_ssh_pub_key.py. - Removes the aurweb.testing.models module. - Removes some useless pytest.fixture yielding. As of this commit, developers should use the following guidelines when writing tests: - Always use aurweb.db.(create\|delete\|query) for database operations, where possible. - Always define mutable globals in the style: `var1 = var2 = None`. - `yield` the most dependent model in pytest setup fixture iff you must delete records after test runs to maintain database integrity. Example: test/test_account_type.py. This all makes the test code look and behave much cleaner. Previously, aurweb.testing.setup_test_db was buggy and leaving objects around in SQLAlchemy's IdentityMap. Signed-off-by: Kevin Morris <kevr@0cost.org>	2021-06-05 20:11:17 -07:00
Kevin Morris	07d5907ecd	aurweb.auth: add user credentials and matcher functions This clones the behavior already present in the PHP implementation, but it uses a global dict with credential constant keys to validation functions to determine if a given user has a credential. Signed-off-by: Kevin Morris <kevr@0cost.org>	2021-06-05 20:11:17 -07:00
Kevin Morris	56f2798279	add aurweb.auth and authentication to User + Added aurweb.auth.AnonymousUser * An instance of this model is returned as the request user when the request is not authenticated + Added aurweb.auth.BasicAuthBackend + Add starlette's AuthenticationMiddleware to app middleware, which uses our BasicAuthBackend facility + Added User.is_authenticated() + Added User.authenticate(password) + Added User.login(request, password) + Added User.logout(request) + Added repr(User(...)) representation + Added aurweb.auth.auth_required decorator. This change uses the same AURSID logic in the PHP implementation. Additionally, introduce a few helpers for authentication, one of which being `User.update_password(password, rounds = 12)` where `rounds` is a configurable number of salt rounds. Signed-off-by: Kevin Morris <kevr@0cost.org>	2021-06-05 20:11:17 -07:00

Author

SHA1

Message

Date

Kevin Morris

38dc2bb99d

Sanitize and modernize pytests

Some of these tests were written before some of our convenient
tooling existed. Additionally, some of the tests were not
cooperating with PEP-8 guidelines or isorted.

This commit does the following:
    - Replaces all calls to make_(user|session) with
      aurweb.db.create(Model, ...).
    - Replace calls to session.add(...) + session.commit() with
      aurweb.db.create.
    - Removes the majority of calls to (session|aurweb.db).delete(...).
    - Replaces session.query calls with aurweb.db.query.
    - Initializes all mutable globals in pytest fixture setup().
    - Makes mutable global declarations more concise:
      `var1, var2 = None, None` -> `var1 = var2 = None`
    - Defines a warning exclusion for test/test_ssh_pub_key.py.
    - Removes the aurweb.testing.models module.
    - Removes some useless pytest.fixture yielding.

As of this commit, developers should use the following guidelines
when writing tests:
    - Always use aurweb.db.(create|delete|query) for database
      operations, where possible.
    - Always define mutable globals in the style: `var1 = var2 = None`.
    - `yield` the most dependent model in pytest setup fixture **iff**
      you must delete records after test runs to maintain database
      integrity. Example: test/test_account_type.py.

This all makes the test code look and behave much cleaner.
Previously, aurweb.testing.setup_test_db was buggy and leaving
objects around in SQLAlchemy's IdentityMap.

Signed-off-by: Kevin Morris <kevr@0cost.org>

2021-06-05 20:11:17 -07:00

Kevin Morris

07d5907ecd

aurweb.auth: add user credentials and matcher functions

This clones the behavior already present in the PHP implementation,
but it uses a global dict with credential constant keys to
validation functions to determine if a given user has a credential.

Signed-off-by: Kevin Morris <kevr@0cost.org>

2021-06-05 20:11:17 -07:00

Kevin Morris

56f2798279

add aurweb.auth and authentication to User

+ Added aurweb.auth.AnonymousUser
    * An instance of this model is returned as the request user
      when the request is not authenticated
+ Added aurweb.auth.BasicAuthBackend
+ Add starlette's AuthenticationMiddleware to app middleware,
  which uses our BasicAuthBackend facility
+ Added User.is_authenticated()
+ Added User.authenticate(password)
+ Added User.login(request, password)
+ Added User.logout(request)
+ Added repr(User(...)) representation
+ Added aurweb.auth.auth_required decorator.

This change uses the same AURSID logic in the PHP implementation.

Additionally, introduce a few helpers for authentication,
one of which being `User.update_password(password, rounds = 12)`
where `rounds` is a configurable number of salt rounds.

Signed-off-by: Kevin Morris <kevr@0cost.org>

2021-06-05 20:11:17 -07:00

3 commits