reuse ApiKey if same device
parent
98487aba10
commit
14b48835ae
|
@ -56,6 +56,9 @@ def auth_login():
|
||||||
ret["mfa_key"] = s.sign(str(user.id))
|
ret["mfa_key"] = s.sign(str(user.id))
|
||||||
ret["api_key"] = None
|
ret["api_key"] = None
|
||||||
else:
|
else:
|
||||||
|
api_key = ApiKey.get_by(user_id=user.id, name=device)
|
||||||
|
if not api_key:
|
||||||
|
LOG.d("create new api key for %s and %s", user, device)
|
||||||
api_key = ApiKey.create(user.id, device)
|
api_key = ApiKey.create(user.id, device)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
ret["mfa_key"] = None
|
ret["mfa_key"] = None
|
||||||
|
|
|
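Review bot: With the new `ApiKey.get_by(user_id=user.id, name=device)` lookup in auth_login, signing in again never rotates the key: every successful login that names an existing device gets the stored `api_key.code` back, so a key that has leaked stays valid however often the user logs in. `device` appears to be client-supplied (the test posts it as a JSON field), so a missing or empty value should be rejected before the lookup; whether `name=None` can match an unrelated row is not visible from this hunk. The same lookup is added in auth_mfa. If reuse is intended, say so at the lookup, for example `# same device -> same key; re-login does not rotate it`, so the next reader knows revocation has to happen elsewhere. auth_login's body starts and ends outside the hunk.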
@ -6,6 +6,7 @@ from itsdangerous import Signer, BadSignature
|
||||||
from app.api.base import api_bp
|
from app.api.base import api_bp
|
||||||
from app.config import FLASK_SECRET
|
from app.config import FLASK_SECRET
|
||||||
from app.extensions import db
|
from app.extensions import db
|
||||||
|
from app.log import LOG
|
||||||
from app.models import User, ApiKey
|
from app.models import User, ApiKey
|
||||||
|
|
||||||
|
|
||||||
|
@ -58,8 +59,12 @@ def auth_mfa():
|
||||||
"name": user.name,
|
"name": user.name,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
api_key = ApiKey.get_by(user_id=user.id, name=device)
|
||||||
|
if not api_key:
|
||||||
|
LOG.d("create new api key for %s and %s", user, device)
|
||||||
api_key = ApiKey.create(user.id, device)
|
api_key = ApiKey.create(user.id, device)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
ret["api_key"] = api_key.code
|
ret["api_key"] = api_key.code
|
||||||
|
|
||||||
return jsonify(**ret), 200
|
return jsonify(**ret), 200
|
||||||
|
|
|
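Review bot: The lookup followed by `ApiKey.create(user.id, device)` in auth_mfa is not atomic, so two concurrent requests for the same user and device can both miss and each insert a row; the same sequence is in auth_login. Whether the model has a unique constraint on (user_id, name) is not visible here; if it does not, adding one and re-reading the row when the insert conflicts would keep "one key per device" true. The `LOG.d` call also writes the client-supplied device string to the log unchanged, so consider logging `user.id` and a length-limited device name. Both endpoints now carry the same lines, and a single get-or-create helper on ApiKey would keep them from drifting apart. auth_mfa's body starts and ends outside the hunk.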
@ -40,3 +40,26 @@ def test_auth_login_success_mfa_enabled(flask_client):
|
||||||
assert r.json["mfa_enabled"] == True
|
assert r.json["mfa_enabled"] == True
|
||||||
assert r.json["mfa_key"]
|
assert r.json["mfa_key"]
|
||||||
assert r.json["name"] == "Test User"
|
assert r.json["name"] == "Test User"
|
||||||
|
|
||||||
|
|
||||||
|
def test_auth_login_device_exist(flask_client):
|
||||||
|
User.create(email="a@b.c", password="password", name="Test User", activated=True)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
r = flask_client.post(
|
||||||
|
url_for("api.auth_login"),
|
||||||
|
json={"email": "a@b.c", "password": "password", "device": "Test Device"},
|
||||||
|
)
|
||||||
|
|
||||||
|
assert r.status_code == 200
|
||||||
|
api_key = r.json["api_key"]
|
||||||
|
assert r.json["mfa_enabled"] == False
|
||||||
|
assert r.json["mfa_key"] is None
|
||||||
|
assert r.json["name"] == "Test User"
|
||||||
|
|
||||||
|
# same device, should return same api_key
|
||||||
|
r = flask_client.post(
|
||||||
|
url_for("api.auth_login"),
|
||||||
|
json={"email": "a@b.c", "password": "password", "device": "Test Device"},
|
||||||
|
)
|
||||||
|
assert r.json["api_key"] == api_key
|
||||||
|
|
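Review bot: test_auth_login_device_exist only proves that the same device gets the same key; it would still pass if the lookup ignored `device` and returned one key per user. A third request with a different device name and `assert r.json["api_key"] != api_key` would pin the per-device behaviour, and the second request should also assert `r.status_code == 200` before reading the JSON. The reuse path added to auth_mfa has no test in this section.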