Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Make tokens case-insensitive.

  • Loading branch information...
commit 5e3a7f8a486cb9876ba6bb4646936f20ac4501d6 1 parent 6d45dcd
@dracos dracos authored
View
3  login_token/auth_backend.py
@@ -1,6 +1,6 @@
from django.contrib.auth.models import User
-from .models import LoginToken
+from .models import LoginToken, clean_token
class LoginTokenBackend(object):
supports_inactive_user = True
@@ -9,6 +9,7 @@ def authenticate(self, token=None):
if token is None:
return None
try:
+ token = clean_token(token)
lt = LoginToken.objects.get(token=token)
except LoginToken.DoesNotExist:
return None
View
3  login_token/models.py
@@ -18,6 +18,9 @@
def generate_token():
return " ".join(random.sample(words, NUMBER_OF_TOKEN_WORDS))
+def clean_token(token):
+ return re.sub('\s+', ' ', token).strip().lower()
+
class LoginToken(InstanceMixin, models.Model):
'''Represents a readable login token for mobile devices
View
6 login_token/tests.py
@@ -32,6 +32,12 @@ def test_login_token_views(self):
# FIXME: complete
pass
+ def test_login_token_auths(self):
+ lt = LoginToken.objects.create(user=self.user_a, instance=self.instance_a)
+ self.assertTrue( self.client.login(token=lt.token) )
+ self.assertTrue( self.client.login(token=lt.token.title()) )
+ self.assertTrue( self.client.login(token=lt.token.replace(' ', ' ')) )
+
def test_instance_users_changes(self):
self.assertTrue(0 == len(LoginToken.objects.all()),
View
5 login_token/views.py
@@ -1,5 +1,4 @@
import json
-import re
import sys
from django.conf import settings
@@ -9,7 +8,7 @@
from django.views.decorators.csrf import csrf_exempt
from instances.models import Instance
-from login_token.models import LoginToken
+from login_token.models import LoginToken, clean_token
from datetime import timedelta
@@ -49,7 +48,7 @@ def check_login_token(request):
content_type='text/json',
status=401)
token = request.POST[key]
- token = re.sub('\s+', ' ', token).strip()
+ token = clean_token(token)
def instance_dict(i):
return {'label': i.label,
Please sign in to comment.
Something went wrong with that request. Please try again.