Fakultas Ilmu Komputer UI

Commit 7b972ace authored by Muhammad Ariq Basyar's avatar Muhammad Ariq Basyar
Browse files

Merge branch 'development' into 'PBI-2-deployment'

Conflicts:
  pplbackend/settings.py
parents 5d56ed1d 64838995
Pipeline #66487 passed with stages
in 6 minutes and 20 seconds
from django.test import TestCase
import json
from .views import validate_google_token, _create_random_phone_number, _create_google_user
from unittest.mock import patch
from django.test import Client
from registrasi.models import BisaGoUser
from django.contrib.auth.models import User
import time
# Create your tests here.
class TestOauth(TestCase):
def setUp(self):
email = 'mock_user@email.com'
password = 'pass12345'
name = 'name'
user = User.objects.create_user(username=email, email=email,
password=password, last_name=name)
user.is_active = True
user.save()
BisaGoUser.objects.create(user=user, phone_number='089892234567',
tanggal_lahir='1990-05-05', pekerjaan='Mahasiswa',
alamat='Alamat Palsu')
email = 'mock_user12@email.com'
name = 'name12323'
user = User.objects.create_user(username=email, email=email,
password=password, last_name=name)
user.is_active = False
user.save()
BisaGoUser.objects.create(user=user, phone_number='9x1x4x5x5x4x8x0',
tanggal_lahir='1990-05-05', pekerjaan='Mahasiswa',
alamat='Alamat Palsu')
def test_request_token_email_exist_active(self):
email = 'mock_user@email.com'
passcode = 'pass12345'
response = Client().post('/api-token-auth/', {
'username': email,
'name': 'name',
"access_token": "sankdsanlk",
'password': passcode
})
json_response = json.loads(response.content)
self.assertEqual(200, response.status_code)
self.assertEqual('mock_user@email.com', json_response.get("username"))
def test_request_token_email_not_exists(self):
email = 'mock_user1212@email.com'
passcode = 'pass12345'
response = Client().post('/api-token-auth/', {
'username': email,
'name': 'name',
"access_token": "sankdsanlk",
'password': passcode
})
json_response = json.loads(response.content)
self.assertEqual(404, response.status_code)
self.assertEqual(json_response['response'], "User not exist")
def test_request_token_not_active(self):
email = 'mock_user12@email.com'
password = 'pass12345'
response = Client().post('/api-token-auth/', {
'username': email,
'name': 'name12323',
"access_token": "sankdsanlk",
'password': password
})
json_response = json.loads(response.content)
self.assertEqual(400, response.status_code)
self.assertEqual(json_response['response'], "Please activate your account")
def test_user_wrong_password(self):
email = 'mock_user12@email.com'
password = 'pass123456'
response = Client().post('/api-token-auth/', {
'username': email,
'name': 'name',
"access_token": "sankdsanlk",
'password': password
})
json_response = json.loads(response.content)
self.assertEqual(400, response.status_code)
self.assertEqual(json_response['response'], "Wrong password")
@patch('oauth.views.json.loads')
def test_google_login_exist(self, mock_json_loads):
email = 'mock_user@email.com'
passcode = 'pass12345'
mock_json_loads.return_value = {"email": 'mock_user@email.com'}
response = Client().post('/api-token-auth/', {
'username': email,
'name': 'name',
"access_token": "sankdsanlk",
'password': passcode,
'google': True,
})
json_response = json.loads(response.content)
self.assertEqual(200, response.status_code)
self.assertEqual('mock_user@email.com', json_response.get("username"))
time.sleep(1)
@patch('oauth.views.json.loads')
def test_google_login_not_exist(self, mock_json_loads):
email = 'mock_user4545@email.com'
passcode = 'pass1234567'
mock_json_loads.return_value = {"email": 'mock_user4545@email.com'}
response = Client().post('/api-token-auth/', {
'username': email,
'name': 'name',
"access_token": "sankdsanlk",
'password': passcode,
'google': True,
})
json_response = json.loads(response.content)
self.assertEqual(200, response.status_code)
self.assertEqual('mock_user4545@email.com', json_response.get("username"))
time.sleep(1)
@patch('oauth.views.json.loads')
def test_google_login_error(self, mock_json_loads):
email = 'mock_user4545@email.com'
passcode = 'pass1234567'
mock_json_loads.return_value = {"error": 'error'}
response = Client().post('/api-token-auth/', {
'username': email,
'name': 'name',
"access_token": "sankdsanlk",
'password': passcode,
'google': True,
})
json_response = json.loads(response.content)
self.assertEqual(404, response.status_code)
self.assertTrue("message" in json_response)
time.sleep(1)
@patch('oauth.views.requests.get')
@patch('oauth.views.json.loads')
def test_validate_access_token_valid(self, mock_json_loads, mock_get):
mock_get.return_value.text = "DKSJNDKDSKN"
mock_json_loads.return_value = {"email": 'mock_user@email.com'}
result_flag, result_email = validate_google_token("DLSLDSMDSBAS^&**")
self.assertTrue(result_flag)
self.assertEqual('mock_user@email.com', result_email)
@patch('oauth.views.requests.get')
@patch('oauth.views.json.loads')
def test_validate_access_token_invalid(self, mock_json_loads, mock_get):
mock_get.return_value.text = "DKSJNDKDSKN"
mock_json_loads.return_value = {"error": 'error description'}
result_flag, result_email = validate_google_token("DLSLDSMDSBAS^&**")
json_response = json.loads(result_email.content)
self.assertTrue("message" in json_response)
self.assertEqual(404, result_email.status_code)
self.assertFalse(result_flag)
@patch('oauth.views.random.randint')
def test_create_phone_number_exist(self, mock_randint):
mock_randint.side_effect = [9, 1, 4, 5, 5, 4, 8, 0, 1, 1, 1, 1, 1, 1, 1, 1]
phone_number = _create_random_phone_number()
self.assertEqual('1x1x1x1x1x1x1x1', phone_number)
@patch('oauth.views.random.randint')
def test_create_phone_number_not_exist_already(self, mock_randint):
mock_randint.side_effect = [1, 1, 1, 1, 1, 1, 1, 1]
phone_number = _create_random_phone_number()
self.assertEqual('1x1x1x1x1x1x1x1', phone_number)
def test_create_google_user_exist(self):
user = _create_google_user('mock_user@email.com', 'name')
self.assertEqual('mock_user@email.com', user.username)
self.assertEqual('mock_user@email.com', user.email)
self.assertEqual('name', user.last_name)
@patch('oauth.views._create_random_phone_number')
def test_create_google_user_exist(self, mock_random_phone):
mock_random_phone.return_value = '1x1x1x1x1x1x1x1'
user = _create_google_user('mock_user3434@email.com', 'name')
self.assertEqual('mock_user3434@email.com', user.username)
self.assertEqual('mock_user3434@email.com', user.email)
self.assertEqual('name', user.last_name)
self.assertEqual('1x1x1x1x1x1x1x1', user.phone_number.phone_number)
import requests
import random
from urllib.parse import parse_qs, urlparse
from rest_framework.utils import json
from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework_simplejwt.tokens import RefreshToken
from rest_framework.permissions import IsAuthenticated
from rest_framework.authtoken.models import Token
from django.views.decorators.csrf import csrf_exempt
from django.http import JsonResponse, HttpResponse
from django.http import JsonResponse
from django.contrib.auth import authenticate
from django.contrib.auth.base_user import BaseUserManager
from django.contrib.auth.hashers import make_password
from django.contrib.auth.models import User
from django.conf import settings
from registrasi.models import BisaGoUser
@csrf_exempt
......@@ -27,30 +18,32 @@ def request_token(request):
password = request.POST["password"]
google = request.POST.get("google", False)
response = {}
status = 200
if google:
access_token = request.POST["access_token"]
name = request.POST["name"]
try:
user = User.objects.get(email=email)
result_code, result_email = validate_google_token(access_token)
if result_code:
user = User.objects.get(email=result_email)
email = result_email
else:
return result_email
except User.DoesNotExist:
user, status = _request_token_from_google(email, access_token, name)
user = _create_google_user(email, name)
else:
try:
user = authenticate(request, username=email, password=password)
if user is None:
User.objects.get(email=email)
except User.DoesNotExist:
response["response"] = "User not exist"
return JsonResponse(response, status=404)
if status != 200:
return status
if user is not None:
if user.is_active:
#print("user active")
token, create = Token.objects.get_or_create(user=user)
response = {}
response['username'] = user.username
response['token'] = token.key
response['token_type'] = "token"
response = {'username': user.username, 'token': token.key, 'token_type': "token"}
return JsonResponse(response, status=200)
else:
response["response"] = "Please activate your account"
......@@ -58,37 +51,43 @@ def request_token(request):
else:
response["response"] = "Wrong password"
return JsonResponse(response, status=400)
@csrf_exempt
def _request_token_from_google(email, access_token, name):
payload = {'access_token': access_token} # validate the token
req = requests.get('https://www.googleapis.com/oauth2/v2/userinfo', params=payload, proxies=settings.PROXIES)
data = json.loads(req.text)
if 'error' in data:
content = {'message': 'wrong google token / this google token is already expired.'}
return None, JsonResponse(content, status=404)
user = User()
user.username = email
# provider random default password
user.password = make_password(BaseUserManager().make_random_password())
user.email = email
user.is_active = True
user.last_name = name
user.save()
random_generated_phone_number = 'x'.join([str(random.randint(0, 9)) for i in range(8)])
BisaGoUser.objects.create(user=user, phone_number=random_generated_phone_number)
return user, 200
def _create_google_user(email, name):
try:
return User.objects.get(username=email)
except User.DoesNotExist:
user = User()
user.username = email
# provider random default password
user.password = make_password(BaseUserManager().make_random_password())
user.email = email
user.is_active = True
user.last_name = name
user.save()
random_generated_phone_number = _create_random_phone_number()
BisaGoUser.objects.create(user=user, phone_number=random_generated_phone_number)
return user
def _create_random_phone_number():
phone_number = 'x'.join([str(random.randint(0, 9)) for i in range(8)])
try:
BisaGoUser.objects.get(phone_number=phone_number)
return _create_random_phone_number()
except BisaGoUser.DoesNotExist:
return phone_number
@csrf_exempt
def validate_google_token(email, access_token):
def validate_google_token(access_token):
payload = {'access_token': access_token} # validate the token
req = requests.get('https://www.googleapis.com/oauth2/v2/userinfo', params=payload, proxies=settings.PROXIES)
req = requests.get('https://www.googleapis.com/oauth2/v2/userinfo',
params=payload, proxies=settings.PROXIES)
data = json.loads(req.text)
if 'error' in data:
if 'error' in data or 'email' not in data:
content = {'message': 'wrong google token / this google token is already expired.'}
return None, JsonResponse(content, status=404)
return User.objects.get(email=email)
return False, JsonResponse(content, status=404)
return True, data.get("email")
......
......@@ -176,7 +176,8 @@ SITE_ID = 1
AUTHENTICATION_BACKENDS = [
# Default backend -- used to login by username in Django admin
"django.contrib.auth.backends.ModelBackend",
# This allow inactive user to authenticate
'django.contrib.auth.backends.AllowAllUsersModelBackend',
# `allauth` specific authentication methods, such as login by e-mail
"allauth.account.auth_backends.AuthenticationBackend",
]
......@@ -231,10 +232,10 @@ SIMPLE_JWT = {
'REFRESH_TOKEN_LIFETIME': timedelta(days=90),
}
http_proxy = os.environ.get('http_proxy', '')
http_proxy = os.environ.get('http_proxy', '')
https_proxy = os.environ.get('https_proxy', '')
PROXIES ={
"http" : http_proxy,
"https" : https_proxy
}
PROXIES = {
"http": http_proxy,
"https": https_proxy
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment