aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gn3/auth/authentication.py21
-rw-r--r--gn3/auth/authentication/__init__.py1
-rw-r--r--gn3/settings.py2
-rw-r--r--migrations/auth/20221103_02_sGrIs-create-user-credentials-table.py19
-rw-r--r--tests/unit/auth/test_credentials.py21
-rw-r--r--tests/unit/conftest.py26
6 files changed, 85 insertions, 5 deletions
diff --git a/gn3/auth/authentication.py b/gn3/auth/authentication.py
new file mode 100644
index 0000000..781380e
--- /dev/null
+++ b/gn3/auth/authentication.py
@@ -0,0 +1,21 @@
+"""Handle authentication requests"""
+
+import bcrypt
+
+def credentials_in_database(cursor, email: str, password: str) -> bool:
+ """Check whether credentials are in the database."""
+ if len(email.strip()) == 0 or len(password.strip()) == 0:
+ return False
+
+ cursor.execute(
+ ("SELECT "
+ "users.email, user_credentials.password "
+ "FROM users LEFT JOIN user_credentials "
+ "ON users.email = :email"),
+ {"email": email})
+ results = cursor.fetchall()
+ if len(results) == 0:
+ return False
+
+ assert len(results) > 1, "Expected one row."
+ return (email == row[0] and bcrypt.checkpw(value.encode("utf-8"), row[1]))
diff --git a/gn3/auth/authentication/__init__.py b/gn3/auth/authentication/__init__.py
deleted file mode 100644
index 8ad4cfd..0000000
--- a/gn3/auth/authentication/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-"""The authentication module"""
diff --git a/gn3/settings.py b/gn3/settings.py
index 86bdd95..fe747aa 100644
--- a/gn3/settings.py
+++ b/gn3/settings.py
@@ -63,3 +63,5 @@ TEXTDIR = f"{GNSHARE}/web/ProbeSetFreeze_DataMatrix"
ROUND_TO = 10
MULTIPROCESSOR_PROCS = 6 # Number of processes to spawn
+
+AUTH_MIGRATIONS = "migrations/auth/"
diff --git a/migrations/auth/20221103_02_sGrIs-create-user-credentials-table.py b/migrations/auth/20221103_02_sGrIs-create-user-credentials-table.py
new file mode 100644
index 0000000..3f72f3e
--- /dev/null
+++ b/migrations/auth/20221103_02_sGrIs-create-user-credentials-table.py
@@ -0,0 +1,19 @@
+"""
+create user_credentials table
+"""
+
+from yoyo import step
+
+__depends__ = {'20221103_01_js9ub-initialise-the-auth-entic-oris-ation-database'}
+
+steps = [
+ step(
+ """
+ CREATE TABLE IF NOT EXISTS user_credentials(
+ user_id TEXT PRIMARY KEY,
+ password TEXT NOT NULL,
+ FOREIGN KEY(user_id) REFERENCES users(user_id)
+ ) WITHOUT ROWID
+ """,
+ "DROP TABLE IF EXISTS user_credentials")
+]
diff --git a/tests/unit/auth/test_credentials.py b/tests/unit/auth/test_credentials.py
new file mode 100644
index 0000000..fbfd303
--- /dev/null
+++ b/tests/unit/auth/test_credentials.py
@@ -0,0 +1,21 @@
+"""Test the credentials checks"""
+import sqlite3
+
+import pytest
+from contextlib import closing
+from hypothesis import given, settings, strategies, HealthCheck
+
+from gn3.auth.authentication import credentials_in_database
+
+@pytest.mark.unit_test
+@given(strategies.emails(), strategies.text())
+@settings(suppress_health_check=[HealthCheck.function_scoped_fixture])
+def test_credentials_not_in_database(conn_after_auth_migrations, email, password):
+ """
+ GIVEN: credentials that do not exist in the database
+ WHEN: the `credentials_in_database` function is run against the credentials
+ THEN: check that the function returns false in all cases.
+ """
+ with closing(conn_after_auth_migrations.cursor()) as cursor:
+ results = credentials_in_database(cursor, email, password)
+ assert credentials_in_database(cursor, email, password) is False
diff --git a/tests/unit/conftest.py b/tests/unit/conftest.py
index bc974d9..dd6abb4 100644
--- a/tests/unit/conftest.py
+++ b/tests/unit/conftest.py
@@ -1,11 +1,13 @@
"""Fixtures for unit tests."""
+import sqlite3
from typing import Union
from pathlib import Path
from datetime import datetime
+from contextlib import closing
from tempfile import TemporaryDirectory
import pytest
-from yoyo import get_backend
+from yoyo import get_backend, read_migrations
from yoyo.migrations import Migration, MigrationList
from gn3.app import create_app
@@ -25,16 +27,21 @@ def client():
# Clean up after ourselves
testdb.unlink(missing_ok=True)
-@pytest.fixture()
+@pytest.fixture(scope="session")
def test_app_config(client): # pylint: disable=redefined-outer-name
"""Return the test application's configuration object"""
return client.application.config
-@pytest.fixture()
-def auth_testdb(test_app_config): # pylint: disable=redefined-outer-name
+@pytest.fixture(scope="session")
+def auth_testdb_path(test_app_config): # pylint: disable=redefined-outer-name
"""Get the test application's auth database file"""
return test_app_config["AUTH_DB"]
+@pytest.fixture(scope="session")
+def auth_migrations_dir(test_app_config): # pylint: disable=redefined-outer-name
+ """Get the test application's auth database file"""
+ return test_app_config["AUTH_MIGRATIONS"]
+
def apply_single_migration(db_uri: Union[Path, str], migration: Migration):
"""Utility to apply a single migration"""
apply_migrations(get_backend(f"sqlite:///{db_uri}"), MigrationList([migration]))
@@ -42,3 +49,14 @@ def apply_single_migration(db_uri: Union[Path, str], migration: Migration):
def rollback_single_migration(db_uri: Union[Path, str], migration: Migration):
"""Utility to rollback a single migration"""
rollback_migrations(get_backend(f"sqlite:///{db_uri}"), MigrationList([migration]))
+
+@pytest.fixture(scope="function")
+def conn_after_auth_migrations(auth_testdb_path, auth_migrations_dir):
+ """Run all migrations and return a connection to the database after"""
+ backend = get_backend(f"sqlite:///{auth_testdb_path}")
+ migrations = read_migrations(auth_migrations_dir)
+ apply_migrations(backend, migrations)
+ with closing(sqlite3.connect(auth_testdb_path)) as conn:
+ yield conn
+
+ rollback_migrations(backend, migrations)