Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Patch use authentication on api #1110

Merged
merged 4 commits into from
Oct 9, 2024
Merged

Patch use authentication on api #1110

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
4c4be4d
patch: use token to authenticate aganist API
tinashechiraya Oct 9, 2024
ad2caa2
patch: add authentication to test
tinashechiraya Oct 9, 2024
441b78b
patch: add authentication to api
tinashechiraya Oct 9, 2024
f8b7313
patch: update tests to generate and use token for api
tinashechiraya Oct 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions django_project/monitor/site_views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,8 @@
from django.utils.dateparse import parse_date
from drf_yasg.utils import swagger_auto_schema
from drf_yasg import openapi
from rest_framework_simplejwt.authentication import JWTAuthentication
from rest_framework.permissions import IsAuthenticated


from monitor.serializers import (
Expand Down Expand Up @@ -203,6 +205,8 @@ def get(self, request, latitude, longitude):

class SitesWithObservationsView(APIView):
serializer_class = SitesAndObservationsSerializer
authentication_classes = [JWTAuthentication]
permission_classes = [IsAuthenticated]
@swagger_auto_schema(
operation_description="Retrieve detailed information about a site, including its observations and images.",
manual_parameters=[
Expand Down
24 changes: 24 additions & 0 deletions django_project/monitor/tests/test_sites.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,11 @@ def image_field(self, name):
def setUp(self):
# Create a user for authentication
self.user = User.objects.create_user(username='testuser', password='testpassword', email='[email protected]')
self.user_token = User.objects.create_superuser(
username='testuser2',
password='testpassword',
email='[email protected]'
)
self.site = Sites.objects.create(
site_name='Test Site',
river_name='Test River',
Expand Down Expand Up @@ -81,6 +86,15 @@ def setUp(self):
elec_cond="2.50",
elec_cond_unit="mS/m"
)
self.token = self.generate_token_for_user(self.user_token.email)
self.client = APIClient()
self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + self.token)

def generate_token_for_user(self, email):
url = reverse('generate_special_token', args=[email])
response = self.client.post(url)
self.assertEqual(response.status_code, status.HTTP_200_OK)
return response.json().get('token')


def test_get_all_sites_with_observations(self):
Expand Down Expand Up @@ -119,6 +133,16 @@ def test_get_sites_with_observations_with_no_data(self):
self.assertEqual(response.status_code, status.HTTP_200_OK)
self.assertEqual(len(response.data), 0)

def test_get_sites_with_observations_without_token(self):
# Remove token authentication for this request
self.client.credentials()

url = reverse('sites-with-observations')
response = self.client.get(url)

# Expect 401 Unauthorized without a token
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)


def test_multiple_image_upload(self):
client = APIClient()
Expand Down