Advanced to version 0.3.1.

Added the test_disabled test to the FlaskLoginTestCase test case.
Fixed to store the auth state in request instead of the g global object in the flask_login load_user_from_request and unauthorized handlers in the init_app method of the DigestAuth class. This is so that the auth state is always reset in the lifecycle of request even if g stays. Revised the unauthorized to create a new auth state if it is not available in the current request, in the case that the load_user_from_request handler was not run previously.
2022-12-29 23:49:28 +08:00 · 2022-12-29 23:44:02 +08:00 · 2022-12-29 23:43:35 +08:00
4 changed files with 49 additions and 6 deletions
--- a/docs/source/conf.py
+++ b/docs/source/conf.py
@@ -13,7 +13,7 @@ sys.path.insert(0, os.path.abspath('../../src/'))
 project = 'Flask-Digest-Auth'
 copyright = '2022, imacat'
 author = 'imacat'
-release = '0.3.0'
+release = '0.3.1'

 # -- General configuration ---------------------------------------------------
 # https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration
--- a/setup.cfg
+++ b/setup.cfg
@@ -17,7 +17,7 @@

 [metadata]
 name = flask-digest-auth
-version = 0.3.0
+version = 0.3.1
 author = imacat
 author_email = imacat@mail.imacat.idv.tw
 description = The Flask HTTP Digest Authentication project.
--- a/src/flask_digest_auth/auth.py
+++ b/src/flask_digest_auth/auth.py
@@ -356,10 +356,13 @@ class DigestAuth:

                :return: None.
                """
+                state: AuthState = request.digest_auth_state \
+                    if hasattr(request, "digest_auth_state") \
+                    else AuthState()
                response: Response = Response()
                response.status = 401
                response.headers["WWW-Authenticate"] \
-                    = self.__make_response_header(g.digest_auth_state)
+                    = self.__make_response_header(state)
                abort(response)

            @login_manager.request_loader
@@ -370,7 +373,7 @@ class DigestAuth:
                :return: The authenticated user, or None if the
                    authentication fails
                """
-                g.digest_auth_state = AuthState()
+                request.digest_auth_state = AuthState()
                authorization: Authorization = req.authorization
                try:
                    if authorization is None:
@@ -378,7 +381,7 @@ class DigestAuth:
                    if authorization.type != "digest":
                        raise UnauthorizedException(
                            "Not an HTTP digest authorization")
-                    self.__authenticate(g.digest_auth_state)
+                    self.__authenticate(request.digest_auth_state)
                    user = login_manager.user_callback(
                        authorization.username)
                    login_user(user)
--- a/tests/test_flask_login.py
+++ b/tests/test_flask_login.py
@@ -45,7 +45,6 @@ class User:
        self.password_hash: str = make_password_hash(
            _REALM, username, password)
        self.visits: int = 0
-        self.is_authenticated: bool = True
        self.is_active: bool = True
        self.is_anonymous: bool = False

@@ -57,6 +56,16 @@ class User:
        """
        return self.username

+    @property
+    def is_authenticated(self) -> bool:
+        """Returns whether the user is authenticated.
+        This is required by Flask-Login.
+        This should return self.is_active.
+
+        :return: True if the user is active, or False otherwise.
+        """
+        return self.is_active
+

 class FlaskLoginTestCase(TestCase):
    """The test case with the Flask-Login integration."""
@@ -256,3 +265,34 @@ class FlaskLoginTestCase(TestCase):
        response = self.client.get(admin_uri)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(self.user.visits, 2)
+
+    def test_disabled(self) -> None:
+        """Tests the disabled user.
+
+        :return: None.
+        """
+        if not self.has_flask_login:
+            self.skipTest("Skipped without Flask-Login.")
+
+        response: Response
+
+        self.user.is_active = False
+        response = self.client.get(self.app.url_for("admin-1"))
+        self.assertEqual(response.status_code, 401)
+        response = self.client.get(self.app.url_for("admin-1"),
+                                   digest_auth=(_USERNAME, _PASSWORD))
+        self.assertEqual(response.status_code, 401)
+
+        self.user.is_active = True
+        response = self.client.get(self.app.url_for("admin-1"),
+                                   digest_auth=(_USERNAME, _PASSWORD))
+        self.assertEqual(response.status_code, 200)
+        response = self.client.get(self.app.url_for("admin-1"))
+        self.assertEqual(response.status_code, 200)
+
+        self.user.is_active = False
+        response = self.client.get(self.app.url_for("admin-1"))
+        self.assertEqual(response.status_code, 401)
+        response = self.client.get(self.app.url_for("admin-1"),
+                                   digest_auth=(_USERNAME, _PASSWORD))
+        self.assertEqual(response.status_code, 401)
Author	SHA1	Message	Date
imacat	2de770aed0	Advanced to version 0.3.1.	2022-12-29 23:49:28 +08:00
imacat	9ab413d583	Added the test_disabled test to the FlaskLoginTestCase test case.	2022-12-29 23:44:02 +08:00
imacat	aeb93a60e5	Fixed to store the auth state in request instead of the g global object in the flask_login load_user_from_request and unauthorized handlers in the init_app method of the DigestAuth class. This is so that the auth state is always reset in the lifecycle of request even if g stays. Revised the unauthorized to create a new auth state if it is not available in the current request, in the case that the load_user_from_request handler was not run previously.	2022-12-29 23:43:35 +08:00