API - disable registration - #36

This commit is contained in:
Sam 2019-08-25 12:06:58 +02:00
parent 8762bc1779
commit 5b6a94fb85
7 changed files with 48 additions and 1 deletions

View File

@ -2,6 +2,7 @@ export REACT_APP_API_URL = http://$(HOST):$(API_PORT)
export REACT_APP_THUNDERFOREST_API_KEY=
export REACT_APP_GPX_LIMIT_IMPORT=10
export WEATHER_API=
export FT_ALLOW_REGISTRATION=true
# for dev env
export CODACY_PROJECT_TOKEN=

View File

@ -186,6 +186,7 @@
</li>
</ul>
</p></li>
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4">403 Forbidden</a> Error. Registration is disabled.</p></li>
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.5.1">500 Internal Server Error</a> Error. Please try again or contact the administrator.</p></li>
</ul>
</dd>

File diff suppressed because one or more lines are too long

View File

@ -16,6 +16,9 @@ class BaseConfig:
)
PICTURE_ALLOWED_EXTENSIONS = {'jpg', 'png', 'gif'}
ACTIVITY_ALLOWED_EXTENSIONS = {'gpx', 'zip'}
REGISTRATION_ALLOWED = (
False if os.getenv('FT_ALLOW_REGISTRATION') == "false" else True
)
class DevelopmentConfig(BaseConfig):

View File

@ -21,6 +21,18 @@ def app():
return app
@pytest.fixture
def app_no_registration():
app = create_app()
app.config['REGISTRATION_ALLOWED'] = False
with app.app_context():
db.create_all()
yield app
db.session.remove()
db.drop_all()
return app
@pytest.fixture()
def user_1():
user = User(username='test', email='test@test.com', password='12345678')

View File

@ -232,6 +232,28 @@ def test_user_registration_invalid_data(app):
assert 'error' in data['status']
def test_user_registration_not_allowed(app_no_registration):
client = app_no_registration.test_client()
response = client.post(
'/api/auth/register',
data=json.dumps(
dict(
username='test',
email='test@test.com',
password='12345678',
password_conf='12345678',
)
),
content_type='application/json',
)
assert response.content_type == 'application/json'
assert response.status_code == 403
data = json.loads(response.data.decode())
assert data['status'] == 'error'
assert data['message'] == 'Error. Registration is disabled.'
def test_login_registered_user(app, user_1):
client = app.test_client()
response = client.post(

View File

@ -66,10 +66,18 @@ def register_user():
- Valid email must be provided.
- Password and password confirmation don't match.
- Password: 8 characters required.
:statuscode 403:
Error. Registration is disabled.
:statuscode 500:
Error. Please try again or contact the administrator.
"""
if not current_app.config.get('REGISTRATION_ALLOWED'):
response_object = {
'status': 'error',
'message': 'Error. Registration is disabled.',
}
return jsonify(response_object), 403
# get post data
post_data = request.get_json()
if not post_data or post_data.get('username') is None \