feat: update auth cookies format to be able to work with multi users per auction

0076eb4b · mashony · 3c76d21a · 0076eb4b · 0076eb4b · 0076eb4b
Commit 0076eb4b authored Jul 05, 2021 by mashony
--- a/Makefile
+++ b/Makefile
@@ -147,4 +147,4 @@ help:
 		} \
 	} \
 	{ lastLine = $$0 }' $(MAKEFILE_LIST)
-	@echo ''
\ No newline at end of file
+	@echo ''
--- a/src/prozorro_sale/auth/api.py
+++ b/src/prozorro_sale/auth/api.py
@@ -80,10 +80,14 @@ async def auth_auction(request):
    data = utils.get_token(request)
    bid_token = utils.create_auth_token(data)
    auction_id = data['id']
-    redirect_url = utils.build_redirect_url(auction_id)
+    bid_uid = utils.create_bid_id_token(data['bid'])
+    redirect_url = utils.build_redirect_url(auction_id, bid_uid)
    response = web.HTTPSeeOther(redirect_url)
-    response.set_cookie(name=f'auth_token-{auction_id}', value=bid_token, httponly='1', max_age=utils.COOKIE_MAX_AGE,
-                        domain=utils.DOMAIN, path=f'/api/auctions/{auction_id}')
+    response.set_cookie(
+        name=f'auth_token-{auction_id}-{bid_uid}',
+        value=bid_token, httponly='1', max_age=utils.COOKIE_MAX_AGE,
+        domain=utils.DOMAIN, path=f'/api/auctions/{auction_id}'
+    )
    LOG.info(f'bidder {data["bid"]} successfuly redirected to auction {auction_id}')
    return response


--- a/src/prozorro_sale/auth/utils.py
+++ b/src/prozorro_sale/auth/utils.py
@@ -2,6 +2,7 @@ from prozorro_sale.auth import errors
 import jwt
 import os
 from datetime import datetime, timedelta
+from hashlib import blake2b

 PRIVATE_KEY = None
 PUBLIC_KEY = None
@@ -84,5 +85,9 @@ def create_auth_token(data):
    return encode_token(data)


-def build_redirect_url(auction_id):
-    return f'{AUCTIONS_API}/{auction_id}'
+def create_bid_id_token(bid_id):
+    return blake2b(str.encode(bid_id), digest_size=8).hexdigest()
+
+
+def build_redirect_url(auction_id, bid_uid=None):
+    return f'{AUCTIONS_API}/{auction_id}' + (f'?bid_uid={bid_uid}' if bid_uid else '')
--- a/test/integration/conftest.py
+++ b/test/integration/conftest.py
@@ -26,15 +26,25 @@ def create_auth_token(monkeypatch):

 @pytest.fixture
 def build_redirect_url(monkeypatch):
-    monkeypatch.setattr('prozorro_sale.auth.utils.build_redirect_url', lambda url: 'redirect-url')
+    monkeypatch.setattr('prozorro_sale.auth.utils.build_redirect_url', lambda auction_id, bid_uid: 'redirect-url')


 @pytest.fixture
-def get_token(monkeypatch):
-    monkeypatch.setattr('prozorro_sale.auth.utils.get_token', lambda data: {
+def patch_create_bid_id_token(monkeypatch):
+    monkeypatch.setattr('prozorro_sale.auth.utils.create_bid_id_token', lambda bid_id: 'test-token')
+
+
+@pytest.fixture
+def token_data():
+    return {
        "id": "TIE001-UA-20200915-16563",
        "dur": 86400,
        "bid": "3123636e447c40f3bc53e4ffc127b64c",
        "exp": 1900203886,
        "iss": "prozorro.api"
-    })
+    }
+
+
+@pytest.fixture
+def get_token(monkeypatch, token_data):
+    monkeypatch.setattr('prozorro_sale.auth.utils.get_token', lambda data: token_data)
--- a/test/integration/test_api.py
+++ b/test/integration/test_api.py
 import pytest


-@pytest.mark.usefixtures('create_auth_token', 'build_redirect_url', 'get_token')
+@pytest.mark.usefixtures('create_auth_token', 'build_redirect_url', 'get_token', 'patch_create_bid_id_token')
 class TestApi:

    async def test_ping(self, client):
@@ -11,7 +11,8 @@ class TestApi:

        assert data['text'] == 'pong'

-    async def test_auth(self, client):
+    async def test_auth(self, client, token_data):
        resp = await client.get('api/auth/auction?token=token', allow_redirects=False)
        assert resp.status == 303
-        assert resp.cookies.get('auth_token-TIE001-UA-20200915-16563').value == 'auth-token'
+
+        assert resp.cookies.get('auth_token-TIE001-UA-20200915-16563-test-token').value == 'auth-token'