mirror of
https://github.com/GNS3/gns3-server
synced 2024-12-26 00:38:10 +00:00
Add default JWT secret key and fix tests.
This commit is contained in:
parent
bde706d19a
commit
58c1b01439
@ -23,7 +23,6 @@ from passlib.context import CryptContext
|
||||
from typing import Optional
|
||||
from fastapi import HTTPException, status
|
||||
from gns3server.schemas.tokens import TokenData
|
||||
from gns3server.controller.controller_error import ControllerError
|
||||
from gns3server.config import Config
|
||||
from pydantic import ValidationError
|
||||
|
||||
@ -32,6 +31,8 @@ log = logging.getLogger(__name__)
|
||||
|
||||
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")
|
||||
|
||||
DEFAULT_JWT_SECRET_KEY = "efd08eccec3bd0a1be2e086670e5efa90969c68d07e072d7354a76cea5e33d4e"
|
||||
|
||||
|
||||
class AuthService:
|
||||
|
||||
@ -75,7 +76,8 @@ class AuthService:
|
||||
if secret_key is None:
|
||||
secret_key = self._server_config.get("jwt_secret_key", None)
|
||||
if secret_key is None:
|
||||
raise ControllerError("No JWT secret key has been configured")
|
||||
secret_key = DEFAULT_JWT_SECRET_KEY
|
||||
log.error("A JWT secret key must be configured to secure the server, using default key...")
|
||||
algorithm = self._server_config.get("jwt_algorithm", "HS256")
|
||||
encoded_jwt = jwt.encode(to_encode, secret_key, algorithm=algorithm)
|
||||
return encoded_jwt
|
||||
@ -91,7 +93,8 @@ class AuthService:
|
||||
if secret_key is None:
|
||||
secret_key = self._server_config.get("jwt_secret_key", None)
|
||||
if secret_key is None:
|
||||
raise ControllerError("No JWT secret key has been configured")
|
||||
secret_key = DEFAULT_JWT_SECRET_KEY
|
||||
log.error("A JWT secret key must be configured to secure the server, using default key...")
|
||||
algorithm = self._server_config.get("jwt_algorithm", "HS256")
|
||||
payload = jwt.decode(token, secret_key, algorithms=[algorithm])
|
||||
username: str = payload.get("sub")
|
||||
|
@ -25,6 +25,7 @@ from jose import jwt
|
||||
from sqlalchemy.ext.asyncio import AsyncSession
|
||||
from gns3server.db.repositories.users import UsersRepository
|
||||
from gns3server.services import auth_service
|
||||
from gns3server.services.authentication import DEFAULT_JWT_SECRET_KEY
|
||||
from gns3server.config import Config
|
||||
from gns3server.schemas.users import User
|
||||
|
||||
@ -129,18 +130,16 @@ class TestAuthTokens:
|
||||
test_user: User
|
||||
) -> None:
|
||||
|
||||
secret_key = auth_service._server_config.get("jwt_secret_key")
|
||||
token = auth_service.create_access_token(test_user.username)
|
||||
payload = jwt.decode(token, secret_key, algorithms=["HS256"])
|
||||
payload = jwt.decode(token, DEFAULT_JWT_SECRET_KEY, algorithms=["HS256"])
|
||||
username = payload.get("sub")
|
||||
assert username == test_user.username
|
||||
|
||||
async def test_token_missing_user_is_invalid(self, app: FastAPI, client: AsyncClient, config: Config) -> None:
|
||||
|
||||
secret_key = auth_service._server_config.get("jwt_secret_key")
|
||||
token = auth_service.create_access_token(None)
|
||||
with pytest.raises(jwt.JWTError):
|
||||
jwt.decode(token, secret_key, algorithms=["HS256"])
|
||||
jwt.decode(token, DEFAULT_JWT_SECRET_KEY, algorithms=["HS256"])
|
||||
|
||||
async def test_can_retrieve_username_from_token(
|
||||
self,
|
||||
@ -198,9 +197,8 @@ class TestUserLogin:
|
||||
assert res.status_code == status.HTTP_200_OK
|
||||
|
||||
# check that token exists in response and has user encoded within it
|
||||
secret_key = auth_service._server_config.get("jwt_secret_key")
|
||||
token = res.json().get("access_token")
|
||||
payload = jwt.decode(token, secret_key, algorithms=["HS256"])
|
||||
payload = jwt.decode(token, DEFAULT_JWT_SECRET_KEY, algorithms=["HS256"])
|
||||
assert "sub" in payload
|
||||
username = payload.get("sub")
|
||||
assert username == test_user.username
|
||||
|
@ -39,6 +39,7 @@ if sys.platform.startswith("win") and sys.version_info < (3, 8):
|
||||
yield loop
|
||||
asyncio.set_event_loop(None)
|
||||
|
||||
|
||||
# https://github.com/pytest-dev/pytest-asyncio/issues/68
|
||||
# this event_loop is used by pytest-asyncio, and redefining it
|
||||
# is currently the only way of changing the scope of this fixture
|
||||
|
Loading…
Reference in New Issue
Block a user