Forked from
funkwhale / funkwhale
6781 commits behind the upstream repository.
-
Eliot Berriot authoredVerified281bef48
test_authentication.py 2.19 KiB
import binascii
import pytest
from rest_framework import exceptions
from funkwhale_api.subsonic import authentication
def test_auth_with_salt(api_request, factories):
salt = "salt"
user = factories["users.User"]()
user.subsonic_api_token = "password"
user.save()
token = authentication.get_token(salt, "password")
request = api_request.get("/", {"t": token, "s": salt, "u": user.username})
authenticator = authentication.SubsonicAuthentication()
u, _ = authenticator.authenticate(request)
assert user == u
def test_auth_with_password_hex(api_request, factories):
user = factories["users.User"]()
user.subsonic_api_token = "password"
user.save()
request = api_request.get(
"/",
{
"u": user.username,
"p": "enc:{}".format(
binascii.hexlify(user.subsonic_api_token.encode("utf-8")).decode(
"utf-8"
)
),
},
)
authenticator = authentication.SubsonicAuthentication()
u, _ = authenticator.authenticate(request)
assert user == u
def test_auth_with_password_cleartext(api_request, factories):
user = factories["users.User"]()
user.subsonic_api_token = "password"
user.save()
request = api_request.get("/", {"u": user.username, "p": "password"})
authenticator = authentication.SubsonicAuthentication()
u, _ = authenticator.authenticate(request)
assert user == u
def test_auth_with_inactive_users(api_request, factories):
user = factories["users.User"](is_active=False)
user.subsonic_api_token = "password"
user.save()
request = api_request.get("/", {"u": user.username, "p": "password"})
authenticator = authentication.SubsonicAuthentication()
with pytest.raises(exceptions.AuthenticationFailed):
authenticator.authenticate(request)
def test_auth_case_insensitive(api_request, factories):
user = factories["users.User"](username="Hello")
user.subsonic_api_token = "password"
user.save()
request = api_request.get("/", {"u": "hello", "p": "password"})
authenticator = authentication.SubsonicAuthentication()
u, _ = authenticator.authenticate(request)
assert user == u