No longer hash auth tokens + store the token scopes

This partially reverts commit c57aefd48b. The code to check against hashed tokens remains, because existing tokens should still work. The unhashed tokens are necessary for fetching badges from Blender ID.
2018-09-11 16:11:44 +02:00
parent a753637e70
commit 85eab0c6cb
8 changed files with 27 additions and 43 deletions
--- a/tests/test_api/test_blender_id_subclient.py
+++ b/tests/test_api/test_blender_id_subclient.py
@@ -42,8 +42,6 @@ class BlenderIdSubclientTest(AbstractPillarTest):

    @responses.activate
    def test_store_multiple_tokens(self):
-        from pillar.api.utils.authentication import hash_auth_token
-
        scst1 = '%s-1' % TEST_SUBCLIENT_TOKEN
        scst2 = '%s-2' % TEST_SUBCLIENT_TOKEN
        db_user1 = self._common_user_test(201, scst=scst1)
@@ -53,10 +51,8 @@ class BlenderIdSubclientTest(AbstractPillarTest):
        # Now there should be two tokens.
        with self.app.test_request_context():
            tokens = self.app.data.driver.db['tokens']
-            self.assertIsNotNone(tokens.find_one(
-                {'user': db_user1['_id'], 'token_hashed': hash_auth_token(scst1)}))
-            self.assertIsNotNone(tokens.find_one(
-                {'user': db_user1['_id'], 'token_hashed': hash_auth_token(scst2)}))
+            self.assertIsNotNone(tokens.find_one({'user': db_user1['_id'], 'token': scst1}))
+            self.assertIsNotNone(tokens.find_one({'user': db_user1['_id'], 'token': scst2}))

        # There should still be only one auth element for blender-id in the user doc.
        self.assertEqual(1, len(db_user1['auth']))
@@ -80,8 +76,6 @@ class BlenderIdSubclientTest(AbstractPillarTest):
    def _common_user_test(self, expected_status_code, scst=TEST_SUBCLIENT_TOKEN,
                          expected_full_name=TEST_FULL_NAME,
                          mock_happy_blender_id=True):
-        from pillar.api.utils.authentication import hash_auth_token
-
        if mock_happy_blender_id:
            self.mock_blenderid_validate_happy()

@@ -110,7 +104,7 @@ class BlenderIdSubclientTest(AbstractPillarTest):
            # Check that the token was succesfully stored.
            tokens = self.app.data.driver.db['tokens']
            db_token = tokens.find_one({'user': db_user['_id'],
-                                        'token_hashed': hash_auth_token(scst)})
+                                        'token': scst})
            self.assertIsNotNone(db_token)

        return db_user