From e4bd8e3a17d16cde919d5afdfc0fe2878f554e5c Mon Sep 17 00:00:00 2001 From: Rod Hyde Date: Wed, 20 Apr 2016 12:48:14 +0100 Subject: [PATCH 1/3] Fix attribute error in default payload handler. If the authentication handler returned a dictionary rather than an object then the default payload handler would throw an AttributeError as no default value was supplied for getattr(). --- flask_jwt/__init__.py | 2 +- tests/test_jwt.py | 13 +++++++++++++ tox.ini | 2 +- 3 files changed, 15 insertions(+), 2 deletions(-) diff --git a/flask_jwt/__init__.py b/flask_jwt/__init__.py index f864b78..dd5688b 100644 --- a/flask_jwt/__init__.py +++ b/flask_jwt/__init__.py @@ -50,7 +50,7 @@ def _default_jwt_payload_handler(identity): iat = datetime.utcnow() exp = iat + current_app.config.get('JWT_EXPIRATION_DELTA') nbf = iat + current_app.config.get('JWT_NOT_BEFORE_DELTA') - identity = getattr(identity, 'id') or identity['id'] + identity = getattr(identity, 'id', None) or identity['id'] return {'exp': exp, 'iat': iat, 'nbf': nbf, 'identity': identity} diff --git a/tests/test_jwt.py b/tests/test_jwt.py index 2157003..fb705e4 100644 --- a/tests/test_jwt.py +++ b/tests/test_jwt.py @@ -291,3 +291,16 @@ def custom_auth_request_handler(): with app.test_client() as c: resp, jdata = post_json(c, '/auth', {}) assert jdata == {'hello': 'world'} + + +def test_authentication_handler_with_dictionary_result(client, jwt, user): + @jwt.authentication_handler + def authenticate(username, password): + if username == user.username and password == user.password: + return dict(id=user.id, username=user.username, password=user.password) + return None + + resp, jdata = post_json( + client, '/auth', {'username': user.username, 'password': user.password}) + assert resp.status_code == 200 + assert 'access_token' in jdata diff --git a/tox.ini b/tox.ini index e9fda0a..93423eb 100644 --- a/tox.ini +++ b/tox.ini @@ -7,4 +7,4 @@ deps = -r{toxinidir}/requirements-dev.txt commands = - py.test --clearcache {posargs} ./tests + py.test --cache-clear {posargs} ./tests From ca7506cba6c397b3685cfaed175c83a8d7bb6193 Mon Sep 17 00:00:00 2001 From: Rod Hyde Date: Wed, 20 Apr 2016 13:14:28 +0100 Subject: [PATCH 2/3] Removed rogue tab characters --- tests/test_jwt.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/test_jwt.py b/tests/test_jwt.py index fb705e4..fd4a119 100644 --- a/tests/test_jwt.py +++ b/tests/test_jwt.py @@ -292,7 +292,7 @@ def custom_auth_request_handler(): resp, jdata = post_json(c, '/auth', {}) assert jdata == {'hello': 'world'} - + def test_authentication_handler_with_dictionary_result(client, jwt, user): @jwt.authentication_handler def authenticate(username, password): @@ -304,3 +304,4 @@ def authenticate(username, password): client, '/auth', {'username': user.username, 'password': user.password}) assert resp.status_code == 200 assert 'access_token' in jdata + From 021cf94966f601f5bd65d61cfa06894a25895a91 Mon Sep 17 00:00:00 2001 From: Rod Hyde Date: Wed, 20 Apr 2016 13:19:39 +0100 Subject: [PATCH 3/3] Removed blank line at end of file --- tests/test_jwt.py | 1 - 1 file changed, 1 deletion(-) diff --git a/tests/test_jwt.py b/tests/test_jwt.py index fd4a119..29ba038 100644 --- a/tests/test_jwt.py +++ b/tests/test_jwt.py @@ -304,4 +304,3 @@ def authenticate(username, password): client, '/auth', {'username': user.username, 'password': user.password}) assert resp.status_code == 200 assert 'access_token' in jdata -