add JWT auth

c16a9567 · Kenzo-Hugo Hillion · 5c0eff4a · c16a9567 · c16a9567 · c16a9567
Commit c16a9567 authored Jun 19, 2019 by Kenzo-Hugo Hillion ♻
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -30,5 +30,5 @@ test-backend:
    DJANGO_SETTINGS_MODULE: "metagenedb.settings-gitlab-ci"
  script:
    - flake8 --max-line-length 120
-    - pytest --cov . 2>&1 pytest_tmp.out
-    - pytest --cov scripts/ --cov-append
+    - coverage run --source='.' scripts/manage.py test metagenedb/tests
+    - coverage report
--- a/backend/metagenedb/apps/accounts/__init__.py
+++ b/backend/metagenedb/apps/accounts/__init__.py
--- a/backend/metagenedb/apps/accounts/apps.py
+++ b/backend/metagenedb/apps/accounts/apps.py
+from django.apps import AppConfig
+
+
+class AccountsConfig(AppConfig):
+    name = 'accounts'
--- a/backend/metagenedb/apps/accounts/migrations/__init__.py
+++ b/backend/metagenedb/apps/accounts/migrations/__init__.py
--- a/backend/metagenedb/apps/accounts/urls.py
+++ b/backend/metagenedb/apps/accounts/urls.py
+from django.urls import re_path
+from rest_framework_jwt.views import (
+    obtain_jwt_token,
+    refresh_jwt_token,
+    verify_jwt_token,
+)
+
+
+urlpatterns = [
+    re_path(
+        r'^auth/obtain_token/',
+        obtain_jwt_token,
+        name='api-jwt-auth'
+    ),
+    re_path(
+        r'^auth/refresh_token/',
+        refresh_jwt_token,
+        name='api-jwt-refresh'
+    ),
+    re_path(
+        r'^auth/verify_token/',
+        verify_jwt_token,
+        name='api-jwt-verify'
+    ),
+]
--- a/backend/metagenedb/settings/django.py
+++ b/backend/metagenedb/settings/django.py
@@ -10,6 +10,7 @@ environ.Env.read_env(root('.env'))  # reading .env file

 INSTALLED_APPS = [
    'metagenedb.apps.catalog',
+    'metagenedb.apps.accounts',
    'django.contrib.admin',
    'django.contrib.auth',
    'django.contrib.contenttypes',
@@ -93,6 +94,20 @@ CORS_ORIGIN_WHITELIST = (
 )


+# Rest framework
+
+REST_FRAMEWORK = {
+    'DEFAULT_PERMISSION_CLASSES': (
+        'rest_framework.permissions.IsAuthenticated',
+    ),
+    'DEFAULT_AUTHENTICATION_CLASSES': (
+        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
+        'rest_framework.authentication.SessionAuthentication',
+        'rest_framework.authentication.BasicAuthentication',
+    ),
+}
+
+
 # Config by .env file

 DEBUG = env.bool('DEBUG', default=False)

--- a/backend/metagenedb/tests/__init__.py
+++ b/backend/metagenedb/tests/__init__.py
--- a/backend/metagenedb/tests/apps/__init__.py
+++ b/backend/metagenedb/tests/apps/__init__.py
--- a/backend/metagenedb/tests/apps/accounts/__init__.py
+++ b/backend/metagenedb/tests/apps/accounts/__init__.py
--- a/backend/metagenedb/tests/apps/accounts/tests.py
+++ b/backend/metagenedb/tests/apps/accounts/tests.py
+from django.urls import reverse
+from rest_framework.test import APITestCase
+from rest_framework import status
+
+
+from django.contrib.auth.models import User
+
+
+class TestAccounts(APITestCase):
+
+    def test_obtain_jwt(self):
+
+        # create an inactive user
+        url = reverse('api-jwt-auth')
+        u = User.objects.create_user(username='user', email='user@foo.com', password='pass')
+        u.is_active = False
+        u.save()
+
+        # authenticate with username and password
+        resp = self.client.post(url, {'email': 'user@foo.com', 'password': 'pass'}, format='json')
+        self.assertEqual(resp.status_code, status.HTTP_400_BAD_REQUEST)
+
+        # set the user to activate and attempt to get a token from login
+        u.is_active = True
+        u.save()
+        resp = self.client.post(url, {'username': 'user', 'password': 'pass'}, format='json')
+        self.assertEqual(resp.status_code, status.HTTP_200_OK)
+        self.assertTrue('token' in resp.data)
--- a/backend/metagenedb/tests/test_user.py
+++ b/backend/metagenedb/tests/test_user.py
-from django.contrib.auth.models import User
-from django.test import TestCase
-
-
-class TestDatabase(TestCase):
-    def test_create_user(self):
-        user = User.objects.create_user(
-            username='user',
-            email='user@foo.com',
-            password='pass'
-        )
-        user.save()
-        user_count = User.objects.all().count()
-        self.assertEqual(user_count, 1)
--- a/backend/metagenedb/urls.py
+++ b/backend/metagenedb/urls.py
@@ -18,6 +18,7 @@ from django.urls import include, path


 urlpatterns = [
+    path('', include('metagenedb.apps.accounts.urls')),
    path('admin/', admin.site.urls),
    path('catalog/', include('metagenedb.apps.catalog.urls'))
 ]
--- a/backend/pytest.ini
+++ b/backend/pytest.ini
 [pytest]
-DJANGO_SETTINGS_MODULE = backend.settings
+DJANGO_SETTINGS_MODULE = metagenedb.settings
 python_files = tests.py test_*.py *_tests.py
\ No newline at end of file
--- a/backend/requirements.txt
+++ b/backend/requirements.txt
@@ -2,8 +2,11 @@ Django==2.2.1
 django-cors-headers==3.0.2
 django-environ==0.4.5
 django-extensions==2.1.7
+django-filter==2.1.0
 djangorestframework==3.9.4
+djangorestframework-jwt==1.11.0
 psycopg2==2.8.2
+PyJWT==1.7.1
 pytz==2019.1
 six==1.12.0
 sqlparse==0.3.0
--- a/backend/requirements_dev.txt
+++ b/backend/requirements_dev.txt
@@ -20,7 +20,6 @@ pyflakes==2.1.1
 pyparsing==2.4.0
 pytest==4.6.3
 pytest-cov==2.7.1
-pytest-django==3.5.0
 pytz==2019.1
 six==1.12.0
 sqlparse==0.3.0