[core] Make GET hood/id public and implement register correctly

This commit is contained in:
Cathy Hu 2020-08-18 23:44:13 +02:00
parent dcea411f5b
commit 71ac6fd7fa
4 changed files with 12 additions and 9 deletions

View file

@ -9,6 +9,7 @@
from fastapi import APIRouter, Depends, HTTPException, status from fastapi import APIRouter, Depends, HTTPException, status
from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm from fastapi.security import OAuth2PasswordBearer, OAuth2PasswordRequestForm
from kibicara import email from kibicara import email
from kibicara.config import config
from kibicara.model import Admin, AdminHoodRelation from kibicara.model import Admin, AdminHoodRelation
from logging import getLogger from logging import getLogger
from nacl.encoding import URLSafeBase64Encoder from nacl.encoding import URLSafeBase64Encoder
@ -96,13 +97,14 @@ async def admin_register(values: BodyAdmin):
) )
register_token = to_token(**values.__dict__) register_token = to_token(**values.__dict__)
logger.debug(f'register_token={register_token}') logger.debug(f'register_token={register_token}')
# TODO implement check to see if email already is in database
try: try:
admin = await Admin.objects.filter(email=values.email).all()
if admin:
raise HTTPException(status_code=status.HTTP_409_CONFLICT)
body = f'{config["root_url"]}/confirm?token={register_token}'
logger.debug(body)
email.send_email( email.send_email(
to=values.email, to=values.email, subject='Confirm Account', body=body,
subject='Confirm Account',
# XXX create real confirm link
body=register_token,
) )
except (ConnectionRefusedError, SMTPException): except (ConnectionRefusedError, SMTPException):
logger.exception('Email sending failed') logger.exception('Email sending failed')

View file

@ -83,7 +83,7 @@ async def hood_create(values: BodyHood, response: Response, admin=Depends(get_ad
operation_id='get_hood', operation_id='get_hood',
tags=['hoods'], tags=['hoods'],
) )
async def hood_read(hood=Depends(get_hood)): async def hood_read(hood=Depends(get_hood_unauthorized)):
""" Get hood with id **hood_id**. """ """ Get hood with id **hood_id**. """
return hood return hood

View file

@ -10,6 +10,7 @@ from kibicara.model import Hood, Mapping
from kibicara.platforms.twitter.model import Twitter from kibicara.platforms.twitter.model import Twitter
from kibicara.webapi import router from kibicara.webapi import router
from pytest import fixture from pytest import fixture
from urllib.parse import urlparse
@fixture(scope='module') @fixture(scope='module')
@ -50,7 +51,7 @@ def register_token(client, receive_email):
'/api/admin/register/', json={'email': 'user', 'password': 'password'} '/api/admin/register/', json={'email': 'user', 'password': 'password'}
) )
assert response.status_code == status.HTTP_202_ACCEPTED assert response.status_code == status.HTTP_202_ACCEPTED
return receive_email()['body'] return urlparse(receive_email()['body']).query.split('=', 1)[1]
@fixture(scope='module') @fixture(scope='module')

View file

@ -16,9 +16,9 @@ def test_hood_create_unauthorized(client, hood_id):
assert response.status_code == status.HTTP_401_UNAUTHORIZED assert response.status_code == status.HTTP_401_UNAUTHORIZED
def test_hood_read_unauthorized(client, hood_id): def test_hood_read(client, hood_id):
response = client.get('/api/hoods/%d' % hood_id) response = client.get('/api/hoods/%d' % hood_id)
assert response.status_code == status.HTTP_401_UNAUTHORIZED assert response.status_code == status.HTTP_200_OK
def test_hood_update_unauthorized(client, hood_id): def test_hood_update_unauthorized(client, hood_id):