diff options
| author | Aditi <aditi.iitr@gmail.com> | 2013-06-26 22:13:23 +0530 |
|---|---|---|
| committer | Aditi <aditi.iitr@gmail.com> | 2013-06-26 22:13:23 +0530 |
| commit | 054ef9a76a2ca73c0ca3cb8325a01cc981a39ddd (patch) | |
| tree | b8890b62d50cfc20a7d9af7d86d6ceb0a29eb5fd /mediagoblin/tests/test_basic_auth.py | |
| parent | 2719d546a57c2332e36cc056ac80ec5d79672c1a (diff) | |
| parent | 491f2007f5d1f5f595c37491b7f9c0c2b4c93963 (diff) | |
| download | mediagoblin-054ef9a76a2ca73c0ca3cb8325a01cc981a39ddd.tar.lz mediagoblin-054ef9a76a2ca73c0ca3cb8325a01cc981a39ddd.tar.xz mediagoblin-054ef9a76a2ca73c0ca3cb8325a01cc981a39ddd.zip | |
Merge branch 'master' of git://gitorious.org/mediagoblin/mediagoblin
Diffstat (limited to 'mediagoblin/tests/test_basic_auth.py')
| -rw-r--r-- | mediagoblin/tests/test_basic_auth.py | 59 |
1 files changed, 59 insertions, 0 deletions
diff --git a/mediagoblin/tests/test_basic_auth.py b/mediagoblin/tests/test_basic_auth.py new file mode 100644 index 00000000..cdd80fca --- /dev/null +++ b/mediagoblin/tests/test_basic_auth.py @@ -0,0 +1,59 @@ +# GNU MediaGoblin -- federated, autonomous media hosting +# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +from mediagoblin.plugins.basic_auth import tools as auth_tools +from mediagoblin.tools.testing import _activate_testing + +_activate_testing() + + +######################## +# Test bcrypt auth funcs +######################## + + +def test_bcrypt_check_password(): + # Check known 'lollerskates' password against check function + assert auth_tools.bcrypt_check_password( + 'lollerskates', + '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO') + + assert not auth_tools.bcrypt_check_password( + 'notthepassword', + '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO') + + # Same thing, but with extra fake salt. + assert not auth_tools.bcrypt_check_password( + 'notthepassword', + '$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6', + '3><7R45417') + + +def test_bcrypt_gen_password_hash(): + pw = 'youwillneverguessthis' + + # Normal password hash generation, and check on that hash + hashed_pw = auth_tools.bcrypt_gen_password_hash(pw) + assert auth_tools.bcrypt_check_password( + pw, hashed_pw) + assert not auth_tools.bcrypt_check_password( + 'notthepassword', hashed_pw) + + # Same thing, extra salt. + hashed_pw = auth_tools.bcrypt_gen_password_hash(pw, '3><7R45417') + assert auth_tools.bcrypt_check_password( + pw, hashed_pw, '3><7R45417') + assert not auth_tools.bcrypt_check_password( + 'notthepassword', hashed_pw, '3><7R45417') |