diff --git a/seahub/api2/serializers.py b/seahub/api2/serializers.py index 305123e895..1c734f581b 100644 --- a/seahub/api2/serializers.py +++ b/seahub/api2/serializers.py @@ -1,11 +1,9 @@ -import re - from rest_framework import serializers from seahub.auth import authenticate from seahub.api2.models import Token, TokenV2, DESKTOP_PLATFORMS from seahub.api2.utils import get_token_v1, get_token_v2 -from seahub.utils import is_valid_username +from seahub.profile.models import Profile def all_none(values): for value in values: @@ -35,7 +33,7 @@ class AuthTokenSerializer(serializers.Serializer): platform_version = serializers.CharField(required=False) def validate(self, attrs): - username = attrs.get('username') + login_id = attrs.get('username') password = attrs.get('password') platform = attrs.get('platform', None) @@ -54,10 +52,9 @@ class AuthTokenSerializer(serializers.Serializer): else: raise serializers.ValidationError('invalid params') - # first check username and password - if username: - if not is_valid_username(username): - raise serializers.ValidationError('username is not valid.') + username = Profile.objects.get_username_by_login_id(login_id) + if username is None: + username = login_id if username and password: user = authenticate(username=username, password=password) diff --git a/seahub/profile/models.py b/seahub/profile/models.py index 25c3ac1966..56bf1be189 100644 --- a/seahub/profile/models.py +++ b/seahub/profile/models.py @@ -47,6 +47,9 @@ class ProfileManager(models.Manager): def get_username_by_login_id(self, login_id): """Convert a user's login id to username(login email). """ + if not login_id: + return None + try: return super(ProfileManager, self).get(login_id=login_id).user except Profile.DoesNotExist: @@ -55,7 +58,7 @@ class ProfileManager(models.Manager): def get_user_language(self, username): """Get user's language from profile. Return default language code if user has no preferred language. - + Arguments: - `self`: - `username`: diff --git a/tests/api/test_obtain_auth_token.py b/tests/api/test_obtain_auth_token.py new file mode 100644 index 0000000000..4a27328bbe --- /dev/null +++ b/tests/api/test_obtain_auth_token.py @@ -0,0 +1,54 @@ +import json + +from seahub.profile.models import Profile +from seahub.test_utils import BaseTestCase +from .urls import TOKEN_URL + +class ObtainAuthTokenTest(BaseTestCase): + def setUp(self): + self.p = Profile.objects.add_or_update(self.user.username, '', '') + self.p.login_id = 'test_login_id' + self.p.save() + + def test_correct_email_passwd(self): + resp = self.client.post(TOKEN_URL, { + 'username': self.user.username, + 'password': self.user_password, + }) + + json_resp = json.loads(resp.content) + assert json_resp['token'] is not None + assert len(json_resp['token']) == 40 + + def test_correct_loginID_password(self): + + resp = self.client.post(TOKEN_URL, { + 'username': self.p.login_id, + 'password': self.user_password, + }) + + json_resp = json.loads(resp.content) + assert json_resp['token'] is not None + assert len(json_resp['token']) == 40 + + def test_invalid_password(self): + resp = self.client.post(TOKEN_URL, { + 'username': self.user.username, + 'password': 'random_password', + }) + self.assertEqual(400, resp.status_code) + json_resp = json.loads(resp.content) + assert json_resp['non_field_errors'] == ['Unable to login with provided credentials.'] + + def test_empty_login_id(self): + self.p.login_id = "" + self.p.save() + + resp = self.client.post(TOKEN_URL, { + 'username': self.p.login_id, + 'password': self.user_password, + }) + + self.assertEqual(400, resp.status_code) + json_resp = json.loads(resp.content) + assert json_resp['non_field_errors'] == ['Must include "username" and "password"']