From be699ee4a1b090f45cad8702cfb887c24982f1d7 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Thu, 3 Nov 2022 13:31:33 +0300
Subject: Add credentials checking

* gn3/auth/authentication.py: new function `credentials_in_database`
* gn3/auth/authentication/__init__.py: replace package with module
* gn3/settings.py: new `AUTH_MIGRATIONS` configuration variable
* migrations/auth/20221103_02_sGrIs-create-user-credentials-table.py: new
  migration
* tests/unit/auth/test_credentials.py: test the `credentials_in_database`
  function
* tests/unit/conftest.py: more test fixtures
---
 gn3/auth/authentication.py          | 21 +++++++++++++++++++++
 gn3/auth/authentication/__init__.py |  1 -
 gn3/settings.py                     |  2 ++
 3 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 gn3/auth/authentication.py
 delete mode 100644 gn3/auth/authentication/__init__.py

(limited to 'gn3')

diff --git a/gn3/auth/authentication.py b/gn3/auth/authentication.py
new file mode 100644
index 0000000..781380e
--- /dev/null
+++ b/gn3/auth/authentication.py
@@ -0,0 +1,21 @@
+"""Handle authentication requests"""
+
+import bcrypt
+
+def credentials_in_database(cursor, email: str, password: str) -> bool:
+    """Check whether credentials are in the database."""
+    if len(email.strip()) == 0 or len(password.strip()) == 0:
+        return False
+
+    cursor.execute(
+        ("SELECT "
+         "users.email, user_credentials.password "
+         "FROM users LEFT JOIN user_credentials "
+         "ON users.email = :email"),
+        {"email": email})
+    results = cursor.fetchall()
+    if len(results) == 0:
+        return False
+
+    assert len(results) > 1, "Expected one row."
+    return (email == row[0] and bcrypt.checkpw(value.encode("utf-8"), row[1]))
diff --git a/gn3/auth/authentication/__init__.py b/gn3/auth/authentication/__init__.py
deleted file mode 100644
index 8ad4cfd..0000000
--- a/gn3/auth/authentication/__init__.py
+++ /dev/null
@@ -1 +0,0 @@
-"""The authentication module"""
diff --git a/gn3/settings.py b/gn3/settings.py
index 86bdd95..fe747aa 100644
--- a/gn3/settings.py
+++ b/gn3/settings.py
@@ -63,3 +63,5 @@ TEXTDIR = f"{GNSHARE}/web/ProbeSetFreeze_DataMatrix"
 ROUND_TO = 10
 
 MULTIPROCESSOR_PROCS = 6 # Number of processes to spawn
+
+AUTH_MIGRATIONS = "migrations/auth/"
-- 
cgit v1.2.3