almet/ihatemoney
1
0
Fork 0
mirror of https://github.com/spiral-project/ihatemoney.git synced 2025-04-28 17:32:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Token support (#504)

Browse source 
Added API support to generate authentication tokens, at `/api/projects/:id/token`
This commit is contained in:
José Antonio de la Torre 2019-10-25 13:17:54 +02:00 committed by Alexis Metaireau
parent e30d863c56
commit b683d062f0
2 changed files with 48 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
ihatemoney/api.py
View file

@ -186,8 +186,20 @@ class BillHandler(Resource):
return "OK", 200 return "OK", 200
class TokenHandler(Resource):
method_decorators = [need_auth]
def get(self, project):
if not project:
return "Not Found", 404
token = project.generate_token()
return {"token": token}, 200
restful_api.add_resource(ProjectsHandler, "/projects") restful_api.add_resource(ProjectsHandler, "/projects")
restful_api.add_resource(ProjectHandler, "/projects/<string:project_id>") restful_api.add_resource(ProjectHandler, "/projects/<string:project_id>")
restful_api.add_resource(TokenHandler, "/projects/<string:project_id>/token")
restful_api.add_resource(MembersHandler, "/projects/<string:project_id>/members") restful_api.add_resource(MembersHandler, "/projects/<string:project_id>/members")
restful_api.add_resource( restful_api.add_resource(
ProjectStatsHandler, "/projects/<string:project_id>/statistics" ProjectStatsHandler, "/projects/<string:project_id>/statistics"

36
ihatemoney/tests/tests.py
View file

@ -1357,6 +1357,42 @@ class APITestCase(IhatemoneyTestCase):
) )
self.assertEqual(401, resp.status_code) self.assertEqual(401, resp.status_code)
def test_token_creation(self):
"""Test that token of project is generated
"""
# Create project
resp = self.api_create("raclette")
self.assertTrue(201, resp.status_code)
# Get token
resp = self.client.get(
"/api/projects/raclette/token", headers=self.get_auth("raclette")
)
self.assertEqual(200, resp.status_code)
decoded_resp = json.loads(resp.data.decode("utf-8"))
# Access with token
resp = self.client.get(
"/api/projects/raclette/token",
headers={"Authorization": "Basic %s" % decoded_resp["token"]},
)
self.assertEqual(200, resp.status_code)
def test_token_login(self):
resp = self.api_create("raclette")
# Get token
resp = self.client.get(
"/api/projects/raclette/token", headers=self.get_auth("raclette")
)
decoded_resp = json.loads(resp.data.decode("utf-8"))
resp = self.client.get("/authenticate?token={}".format(decoded_resp["token"]))
# Test that we are redirected.
self.assertEqual(302, resp.status_code)
def test_member(self): def test_member(self):
# create a project # create a project
self.api_create("raclette") self.api_create("raclette")