External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-01-19 05:31:22 -03:30
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1383 from jakemcdermott/401-on-invalid-login

Browse Source 
issue a 401 on invalid login
This commit is contained in:
Matthew Jones 2018-02-28 08:35:11 -05:00 committed by GitHub
commit dc4b9341da
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 29 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
awx/api/generics.py
View File

@ -66,14 +66,15 @@ class LoggedLoginView(auth_views.LoginView):
original_user = getattr(request, 'user', None)
ret = super(LoggedLoginView, self).post(request, *args, **kwargs)
current_user = getattr(request, 'user', None)
if current_user and getattr(current_user, 'pk', None) and current_user != original_user:
logger.info("User {} logged in.".format(current_user.username))
if request.user.is_authenticated:
return ret
else:
ret.status = 401
ret.status_code = 401
return ret
class LoggedLogoutView(auth_views.LogoutView):

26
awx/main/tests/functional/api/test_auth.py Normal file
View File

@ -0,0 +1,26 @@
import pytest
from django.contrib import auth
from django.test import Client
from rest_framework.test import APIRequestFactory
from awx.api.generics import LoggedLoginView
from awx.api.versioning import drf_reverse
@pytest.mark.django_db
def test_invalid_login():
anon = auth.get_user(Client())
url = drf_reverse('api:login')
factory = APIRequestFactory()
data = {'userame': 'invalid', 'password': 'invalid'}
request = factory.post(url, data)
request.user = anon
response = LoggedLoginView.as_view()(request)
assert response.status_code == 401