109 lines
3.2 KiB
Python
109 lines
3.2 KiB
Python
import asyncio
|
|
|
|
from aiohttp import web
|
|
from aiohttp_security import (remember, forget,
|
|
AbstractAuthorizationPolicy)
|
|
from aiohttp_security import setup as _setup
|
|
from aiohttp_security.cookies_identity import CookiesIdentityPolicy
|
|
from aiohttp_security.api import IDENTITY_KEY
|
|
|
|
|
|
class Autz(AbstractAuthorizationPolicy):
|
|
|
|
@asyncio.coroutine
|
|
def permits(self, identity, permission, context=None):
|
|
pass
|
|
|
|
@asyncio.coroutine
|
|
def authorized_userid(self, identity):
|
|
pass
|
|
|
|
|
|
@asyncio.coroutine
|
|
def test_remember(loop, test_client):
|
|
|
|
@asyncio.coroutine
|
|
def handler(request):
|
|
response = web.Response()
|
|
yield from remember(request, response, 'Andrew')
|
|
return response
|
|
|
|
app = web.Application(loop=loop)
|
|
_setup(app, CookiesIdentityPolicy(), Autz())
|
|
app.router.add_route('GET', '/', handler)
|
|
client = yield from test_client(app)
|
|
resp = yield from client.get('/')
|
|
assert 200 == resp.status
|
|
assert 'Andrew' == resp.cookies['AIOHTTP_SECURITY'].value
|
|
yield from resp.release()
|
|
|
|
|
|
@asyncio.coroutine
|
|
def test_identify(loop, test_client):
|
|
|
|
@asyncio.coroutine
|
|
def create(request):
|
|
response = web.Response()
|
|
yield from remember(request, response, 'Andrew')
|
|
return response
|
|
|
|
@asyncio.coroutine
|
|
def check(request):
|
|
policy = request.app[IDENTITY_KEY]
|
|
user_id = yield from policy.identify(request)
|
|
assert 'Andrew' == user_id
|
|
return web.Response()
|
|
|
|
app = web.Application(loop=loop)
|
|
_setup(app, CookiesIdentityPolicy(), Autz())
|
|
app.router.add_route('GET', '/', check)
|
|
app.router.add_route('POST', '/', create)
|
|
client = yield from test_client(app)
|
|
resp = yield from client.post('/')
|
|
assert 200 == resp.status
|
|
yield from resp.release()
|
|
resp = yield from client.get('/')
|
|
assert 200 == resp.status
|
|
yield from resp.release()
|
|
|
|
|
|
@asyncio.coroutine
|
|
def test_forget(loop, test_client):
|
|
|
|
@asyncio.coroutine
|
|
def index(request):
|
|
return web.Response()
|
|
|
|
@asyncio.coroutine
|
|
def login(request):
|
|
response = web.HTTPFound(location='/')
|
|
yield from remember(request, response, 'Andrew')
|
|
return response
|
|
|
|
@asyncio.coroutine
|
|
def logout(request):
|
|
response = web.HTTPFound(location='/')
|
|
yield from forget(request, response)
|
|
return response
|
|
|
|
app = web.Application(loop=loop)
|
|
_setup(app, CookiesIdentityPolicy(), Autz())
|
|
app.router.add_route('GET', '/', index)
|
|
app.router.add_route('POST', '/login', login)
|
|
app.router.add_route('POST', '/logout', logout)
|
|
client = yield from test_client(app)
|
|
resp = yield from client.post('/login')
|
|
assert 200 == resp.status
|
|
assert resp.url.endswith('/')
|
|
cookies = client.session.cookie_jar.filter_cookies(
|
|
client.make_url('/'))
|
|
assert 'Andrew' == cookies['AIOHTTP_SECURITY'].value
|
|
yield from resp.release()
|
|
resp = yield from client.post('/logout')
|
|
assert 200 == resp.status
|
|
assert resp.url.endswith('/')
|
|
cookies = client.session.cookie_jar.filter_cookies(
|
|
client.make_url('/'))
|
|
assert 'AIOHTTP_SECURITY' not in cookies
|
|
yield from resp.release()
|