Improve remote auth bootstrap flow
This commit is contained in:
+35
@@ -161,6 +161,41 @@ class NetworkGuardTests(unittest.TestCase):
|
||||
self.assertEqual(handler.response_status, HTTPStatus.SEE_OTHER)
|
||||
self.assertEqual(headers.get("Location"), "/")
|
||||
self.assertIn("ani_cli_web_token=secret-token", headers.get("Set-Cookie", ""))
|
||||
self.assertIn("Max-Age=", headers.get("Set-Cookie", ""))
|
||||
|
||||
def test_remote_browser_get_without_token_renders_login_page(self):
|
||||
handler = DummyHandler("/")
|
||||
handler.client_address = ("192.168.1.25", 8421)
|
||||
handler.command = "GET"
|
||||
|
||||
with mock.patch.dict(
|
||||
os.environ,
|
||||
{"ANI_CLI_WEB_ALLOW_REMOTE": "1", "ANI_CLI_WEB_REMOTE_TOKEN": "secret-token"},
|
||||
clear=False,
|
||||
):
|
||||
APP.Handler.do_GET(handler)
|
||||
|
||||
body = handler.wfile.getvalue().decode("utf-8")
|
||||
self.assertEqual(handler.response_status, HTTPStatus.UNAUTHORIZED)
|
||||
self.assertIn('<form method="post" action="/auth/login">', body)
|
||||
self.assertIn("Remote access token", body)
|
||||
|
||||
def test_remote_login_post_sets_cookie_and_redirects(self):
|
||||
body = b"token=secret-token&next=%2Fwatchlist"
|
||||
handler = DummyHandler("/auth/login", body=body, content_length=len(body))
|
||||
handler.client_address = ("192.168.1.25", 8421)
|
||||
|
||||
with mock.patch.dict(
|
||||
os.environ,
|
||||
{"ANI_CLI_WEB_ALLOW_REMOTE": "1", "ANI_CLI_WEB_REMOTE_TOKEN": "secret-token"},
|
||||
clear=False,
|
||||
):
|
||||
APP.Handler.do_POST(handler)
|
||||
|
||||
headers = dict(handler.response_headers)
|
||||
self.assertEqual(handler.response_status, HTTPStatus.SEE_OTHER)
|
||||
self.assertEqual(headers.get("Location"), "/watchlist")
|
||||
self.assertIn("ani_cli_web_token=secret-token", headers.get("Set-Cookie", ""))
|
||||
|
||||
def test_loopback_proxy_with_forwarded_remote_ip_requires_token(self):
|
||||
handler = DummyHandler("/api/config")
|
||||
|
||||
Reference in New Issue
Block a user