Auth support (#25)

* initial auth implementation * add create user parser * add tests * update dependencies list * add login annd logout to index also improve auth * realworld fixes * add method set_option to Configuration and also use it everywhere * split CreateUser handler to additional read method * check user duplicate on auth mapping read * generate salt by using passlib instead of random.choice * case-insensetive usernames * update dependencies * update configuration reference * improve tests * fix codefactor errors * hide fields if authorization is enabled, but no auth supplied * add settings object for auth provider * readme update
2026-04-08 19:23:38 +00:00 · 2021-09-02 23:36:00 +03:00
parent 60b94b9ac0
commit b7cff0a19d
63 changed files with 2200 additions and 184 deletions
--- a/tests/ahriman/core/auth/test_helpers.py
+++ b/tests/ahriman/core/auth/test_helpers.py
@@ -0,0 +1,102 @@
+import importlib
+import sys
+
+import ahriman.core.auth.helpers as helpers
+
+from pytest_mock import MockerFixture
+
+
+def test_import_aiohttp_security() -> None:
+    """
+    must import aiohttp_security correctly
+    """
+    assert helpers._has_aiohttp_security
+
+
+def test_import_aiohttp_security_missing(mocker: MockerFixture) -> None:
+    """
+    must set missing flag if no aiohttp_security module found
+    """
+    mocker.patch.dict(sys.modules, {"aiohttp_security": None})
+    importlib.reload(helpers)
+    assert not helpers._has_aiohttp_security
+
+
+async def test_authorized_userid_dummy(mocker: MockerFixture) -> None:
+    """
+    must not call authorized_userid from library if not enabled
+    """
+    mocker.patch.object(helpers, "_has_aiohttp_security", False)
+    authorized_userid_mock = mocker.patch("aiohttp_security.authorized_userid")
+    await helpers.authorized_userid()
+    authorized_userid_mock.assert_not_called()
+
+
+async def test_authorized_userid_library(mocker: MockerFixture) -> None:
+    """
+    must call authorized_userid from library if enabled
+    """
+    mocker.patch.object(helpers, "_has_aiohttp_security", True)
+    authorized_userid_mock = mocker.patch("aiohttp_security.authorized_userid")
+    await helpers.authorized_userid()
+    authorized_userid_mock.assert_called_once()
+
+
+async def test_check_authorized_dummy(mocker: MockerFixture) -> None:
+    """
+    must not call check_authorized from library if not enabled
+    """
+    mocker.patch.object(helpers, "_has_aiohttp_security", False)
+    check_authorized_mock = mocker.patch("aiohttp_security.check_authorized")
+    await helpers.check_authorized()
+    check_authorized_mock.assert_not_called()
+
+
+async def test_check_authorized_library(mocker: MockerFixture) -> None:
+    """
+    must call check_authorized from library if enabled
+    """
+    mocker.patch.object(helpers, "_has_aiohttp_security", True)
+    check_authorized_mock = mocker.patch("aiohttp_security.check_authorized")
+    await helpers.check_authorized()
+    check_authorized_mock.assert_called_once()
+
+
+async def test_forget_dummy(mocker: MockerFixture) -> None:
+    """
+    must not call forget from library if not enabled
+    """
+    mocker.patch.object(helpers, "_has_aiohttp_security", False)
+    forget_mock = mocker.patch("aiohttp_security.forget")
+    await helpers.forget()
+    forget_mock.assert_not_called()
+
+
+async def test_forget_library(mocker: MockerFixture) -> None:
+    """
+    must call forget from library if enabled
+    """
+    mocker.patch.object(helpers, "_has_aiohttp_security", True)
+    forget_mock = mocker.patch("aiohttp_security.forget")
+    await helpers.forget()
+    forget_mock.assert_called_once()
+
+
+async def test_remember_dummy(mocker: MockerFixture) -> None:
+    """
+    must not call remember from library if not enabled
+    """
+    mocker.patch.object(helpers, "_has_aiohttp_security", False)
+    remember_mock = mocker.patch("aiohttp_security.remember")
+    await helpers.remember()
+    remember_mock.assert_not_called()
+
+
+async def test_remember_library(mocker: MockerFixture) -> None:
+    """
+    must call remember from library if enabled
+    """
+    mocker.patch.object(helpers, "_has_aiohttp_security", True)
+    remember_mock = mocker.patch("aiohttp_security.remember")
+    await helpers.remember()
+    remember_mock.assert_called_once()