ash пре 2 година
родитељ
комит
28f8f7bd81
3 измењених фајлова са 52 додато и 20 уклоњено
  1. 2 2
      Backend/Sources/View/view_basics_api.py
  2. 20 4
      Backend/Tests/core_test.py
  3. 30 14
      Backend/Tests/inventory_api_test.py

+ 2 - 2
Backend/Sources/View/view_basics_api.py

@@ -95,7 +95,7 @@ def define_basic_api(app) :
 
 
             session["username"] = _username
-            session["user_account_id"] = Item.id
+            session["user_id"] = Item.id
             logger.info("account " + _username + " logged IN successfully with origin : " + str(request.origin))
             resp = jsonify({'message' : 'login successful', "token" : generate_auth_token(Item.id) })
             resp.status_code = 200
@@ -113,7 +113,7 @@ def define_basic_api(app) :
     @app.route('/api/me',methods = ['GET'])
     def user_description():
         with persistence.get_Session_Instance() as sess :
-            item : isp_model.user_account = sess.query(isp_model.user_account).filter(isp_model.user_account.id == session["client_id"]).first()
+            item : isp_model.user_account = sess.query(isp_model.user_account).filter(isp_model.user_account.id == session["user_id"]).first()
             json_string = model_manager.ModelObjectToJsonString(item)
             json_dict : dict = json.loads(json_string)
             json_dict.pop("password") # removing the password item for security

+ 20 - 4
Backend/Tests/core_test.py

@@ -2,6 +2,8 @@
 import os
 from time import sleep
 
+from flask import request
+
 
 os.chdir(os.path.dirname(__file__))
 import sys
@@ -16,8 +18,20 @@ import Sources.View.view_manager as view
 item_id_to_delete = 0
 import threading
 import pytest
+import json
+
+from requests.auth import AuthBase
 
+class TokenAuth(AuthBase):
+    """Implements a custom authentication scheme."""
 
+    def __init__(self, token):
+        self.token = token
+
+    def __call__(self, r):
+        """Attach an API token to a custom auth header."""
+        r.headers['x-Auth-Token'] = f'{self.token}'  # Python 3.6+
+        return r
 
 @pytest.fixture(autouse=True,scope='session')
 def fixture2():
@@ -42,13 +56,15 @@ def fixture2():
 
 def test_login() :
 
-    s = requests.Session()
-
-    r = s.post("http://127.0.0.1:8000/api/login",json={'username' : 'admin','password': 'aseqzdwxc'})
+    token = None
+    r = requests.post("http://127.0.0.1:8000/api/login",json={'username' : 'admin','password': 'aseqzdwxc'})
     print(r.__dict__)
+    data = json.loads(r.content)
+    token = data["token"]
+    assert token is not None
     assert r.status_code == 200
 
-    r = s.get("http://127.0.0.1:8000/tab")
+    r = requests.get("http://127.0.0.1:8000/api/me",auth=TokenAuth(token))
     print(r.__dict__)
     assert r.status_code == 200
 

+ 30 - 14
Backend/Tests/inventory_api_test.py

@@ -3,6 +3,7 @@ import os
 from time import sleep
 
 
+
 os.chdir(os.path.dirname(__file__))
 import sys
 sys.path.append("..")
@@ -17,7 +18,18 @@ item_id_to_delete = 0
 import threading
 import pytest
 
+from requests.auth import AuthBase
+
+class TokenAuth(AuthBase):
+    """Implements a custom authentication scheme."""
 
+    def __init__(self, token):
+        self.token = token
+
+    def __call__(self, r):
+        """Attach an API token to a custom auth header."""
+        r.headers['x-Auth-Token'] = f'{self.token}'  # Python 3.6+
+        return r
 
 @pytest.fixture(autouse=True,scope='session')
 def fixture2():
@@ -38,53 +50,57 @@ def fixture2():
     t1.join()
 
     # Perform cleanup on the data when the test function exits
+import json
 
 def test_api() :
 
     sleep(2)
-    s = requests.Session()
 
-    print("CREATE")
-    r = s.post("http://127.0.0.1:8000/api/login",json={'username' : 'admin','password': 'aseqzdwxc'})
-    print(r.__dict__)
-    assert r.status_code == 200
 
-    print("CREATE")
-    r = s.get("http://127.0.0.1:8000/tab")
+    print("login")
+    r = requests.post("http://127.0.0.1:8000/api/login",json={'username' : 'admin','password': 'aseqzdwxc'})
     print(r.__dict__)
     assert r.status_code == 200
+    data = json.loads(r.content)
+    token = data["token"]
+    assert token is not None
+
 
     print("CREATE")
-    r = s.post("http://127.0.0.1:8000/api/inventory/item",json={"assign_date_epoch": 5000, "assigned": True, "brand": "Mikrotik", "name": "RB2011", "note": "saline 2 RT 2, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100})
+    r = requests.post("http://127.0.0.1:8000/api/inventory/item",json={"assign_date_epoch": 5000, "assigned": True, "brand": "Mikrotik", "name": "RB2011", "note": "saline 2 RT 2, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100}
+                      ,auth=TokenAuth(token))
     print(r.__dict__)
     assert r.status_code == 200
 
     print("CREATE")
-    r = s.post("http://127.0.0.1:8000/api/inventory/item",json={"assign_date_epoch": 10000, "assigned": True, "brand": "Mikrotik", "name": "HEX S 1", "note": "saline 2 RT 3, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100})
+    r = requests.post("http://127.0.0.1:8000/api/inventory/item",json={"assign_date_epoch": 10000, "assigned": True, "brand": "Mikrotik", "name": "HEX S 1", "note": "saline 2 RT 3, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100}
+                      ,auth=TokenAuth(token))
     print(r.__dict__)
     assert r.status_code == 200
 
     print("CREATE")
-    r = s.post("http://127.0.0.1:8000/api/inventory/item",json={"assign_date_epoch": 10000, "assigned": True, "brand": "Mikrotik", "name": "HEX S 1", "note": "saline 2 RT 3, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100})
+    r = requests.post("http://127.0.0.1:8000/api/inventory/item",json={"assign_date_epoch": 10000, "assigned": True, "brand": "Mikrotik", "name": "HEX S 1", "note": "saline 2 RT 3, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100}
+                      ,auth=TokenAuth(token))
     print(r.__dict__)
     assert r.status_code == 200
 
     print("CREATE")
-    r = s.post("http://127.0.0.1:8000/api/inventory/item",json={"assign_date_epoch": 10000, "assigned": True, "brand": "Mikrotik", "name": "HEX S 1", "note": "saline 2 RT 3, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100})
+    r = requests.post("http://127.0.0.1:8000/api/inventory/item",json={"assign_date_epoch": 10000, "assigned": True, "brand": "Mikrotik", "name": "HEX S 1", "note": "saline 2 RT 3, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100}
+                      ,auth=TokenAuth(token))
     print(r.__dict__)
     assert r.status_code == 200
 
     print("GET")
-    r = s.get("http://127.0.0.1:8000/api/inventory/items")
+    r = requests.get("http://127.0.0.1:8000/api/inventory/items",auth=TokenAuth(token))
     print(r.__dict__)
     assert r.status_code == 200
 
     print("DELETE")
-    r = s.delete("http://127.0.0.1:8000/api/inventory/item/2")
+    r = requests.delete("http://127.0.0.1:8000/api/inventory/item/2",auth=TokenAuth(token))
     print(r.__dict__)
     assert r.status_code == 200
 
     print("CREATE SITE")
-    r = s.post("http://127.0.0.1:8000/api/inventory/site",json={"assign_date_epoch": 5000, "assigned": True, "brand": "Mikrotik", "name": "RB2011", "note": "saline 2 RT 2, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100})
+    r = requests.post("http://127.0.0.1:8000/api/inventory/site",json={"assign_date_epoch": 5000, "assigned": True, "brand": "Mikrotik", "name": "RB2011", "note": "saline 2 RT 2, chez ashvin", "owned": True, "serial_number": "12345678", "tags": "#router #mikrotik #saline", "type": "router", "wear_score": 100},auth=TokenAuth(token))
     print(r.__dict__)
     assert r.status_code == 200