-
Notifications
You must be signed in to change notification settings - Fork 9
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Patch use authentication on api (#1110)
* patch: use token to authenticate aganist API * patch: add authentication to test * patch: add authentication to api * patch: update tests to generate and use token for api
- Loading branch information
1 parent
43659bf
commit c88eb10
Showing
2 changed files
with
28 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -30,6 +30,11 @@ def image_field(self, name): | |
def setUp(self): | ||
# Create a user for authentication | ||
self.user = User.objects.create_user(username='testuser', password='testpassword', email='[email protected]') | ||
self.user_token = User.objects.create_superuser( | ||
username='testuser2', | ||
password='testpassword', | ||
email='[email protected]' | ||
) | ||
self.site = Sites.objects.create( | ||
site_name='Test Site', | ||
river_name='Test River', | ||
|
@@ -81,6 +86,15 @@ def setUp(self): | |
elec_cond="2.50", | ||
elec_cond_unit="mS/m" | ||
) | ||
self.token = self.generate_token_for_user(self.user_token.email) | ||
self.client = APIClient() | ||
self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.token) | ||
|
||
def generate_token_for_user(self, email): | ||
url = reverse('generate_special_token', args=[email]) | ||
response = self.client.post(url) | ||
self.assertEqual(response.status_code, status.HTTP_200_OK) | ||
return response.json().get('token') | ||
|
||
|
||
def test_get_all_sites_with_observations(self): | ||
|
@@ -119,6 +133,16 @@ def test_get_sites_with_observations_with_no_data(self): | |
self.assertEqual(response.status_code, status.HTTP_200_OK) | ||
self.assertEqual(len(response.data), 0) | ||
|
||
def test_get_sites_with_observations_without_token(self): | ||
# Remove token authentication for this request | ||
self.client.credentials() | ||
|
||
url = reverse('sites-with-observations') | ||
response = self.client.get(url) | ||
|
||
# Expect 401 Unauthorized without a token | ||
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED) | ||
|
||
|
||
def test_multiple_image_upload(self): | ||
client = APIClient() | ||
|