feat: Added auth and permission classes for auto auth

openedx · Oct 31, 2024 · 48971bf · 48971bf
1 parent d5a7689
commit 48971bf
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 0 deletions.
diff --git a/openedx/core/djangoapps/user_authn/permissions.py b/openedx/core/djangoapps/user_authn/permissions.py
@@ -0,0 +1,19 @@
+"""
+This module provides a custom DRF Permission class for supporting the e2e
+testing.
+"""
+from django.conf import settings
+from rest_framework.permissions import BasePermission
+
+
+class IsE2eTestUser(BasePermission):
+    """
+    Method that will ensure whether the requesting user is e2e
+    test user or not
+    """
+    def has_permission(self, request, view):
+        # check whether requesting user is the e2e test user or not
+        if request.user.username == settings.E2E_TEST_USER_USERNAME:
+            return True
+
+        return False
diff --git a/openedx/core/djangoapps/user_authn/views/auto_auth.py b/openedx/core/djangoapps/user_authn/views/auto_auth.py
@@ -14,10 +14,13 @@
 from django.template.context_processors import csrf
 from django.urls import NoReverseMatch, reverse
 from django.utils.translation import gettext as _
+from edx_rest_framework_extensions.auth.jwt.authentication import JwtAuthentication
 from opaque_keys.edx.locator import CourseLocator
+from rest_framework.authentication import SessionAuthentication
 
 from lms.djangoapps.verify_student.models import ManualVerification
 from openedx.core.djangoapps.django_comment_common.models import assign_role
+from openedx.core.djangoapps.user_authn.permissions import IsE2eTestUser
 from openedx.core.djangoapps.user_authn.views.registration_form import AccountCreationForm
 from openedx.features.course_experience import course_home_url
 from common.djangoapps.student.helpers import (
@@ -35,6 +38,7 @@
     create_comments_service_user
 )
 from common.djangoapps.util.json_request import JsonResponse
+from openedx.core.lib.api.authentication import BearerAuthentication
 
 from edx_django_utils.user import generate_password  # lint-amnesty, pylint: disable=wrong-import-order
 
@@ -61,6 +65,8 @@ def auto_auth(request):  # pylint: disable=too-many-statements
     If username, email, or password are not provided, use
     randomly generated credentials.
     """
+    authentication_classes = (JwtAuthentication, BearerAuthentication, SessionAuthentication,)
+    permission_classes = (IsE2eTestUser,)
 
     # Generate a unique name to use if none provided
     generated_username = uuid.uuid4().hex[0:30]