From 48971bffde83c9f8ca3d24192dda46bfc9994f31 Mon Sep 17 00:00:00 2001 From: irfanuddinahmad Date: Wed, 30 Oct 2024 17:40:16 +0500 Subject: [PATCH] feat: Added auth and permission classes for auto auth --- .../core/djangoapps/user_authn/permissions.py | 19 +++++++++++++++++++ .../djangoapps/user_authn/views/auto_auth.py | 6 ++++++ 2 files changed, 25 insertions(+) create mode 100644 openedx/core/djangoapps/user_authn/permissions.py diff --git a/openedx/core/djangoapps/user_authn/permissions.py b/openedx/core/djangoapps/user_authn/permissions.py new file mode 100644 index 000000000000..b16626d32f96 --- /dev/null +++ b/openedx/core/djangoapps/user_authn/permissions.py @@ -0,0 +1,19 @@ +""" +This module provides a custom DRF Permission class for supporting the e2e +testing. +""" +from django.conf import settings +from rest_framework.permissions import BasePermission + + +class IsE2eTestUser(BasePermission): + """ + Method that will ensure whether the requesting user is e2e + test user or not + """ + def has_permission(self, request, view): + # check whether requesting user is the e2e test user or not + if request.user.username == settings.E2E_TEST_USER_USERNAME: + return True + + return False diff --git a/openedx/core/djangoapps/user_authn/views/auto_auth.py b/openedx/core/djangoapps/user_authn/views/auto_auth.py index 324a0c1959d4..5e8d720b267f 100644 --- a/openedx/core/djangoapps/user_authn/views/auto_auth.py +++ b/openedx/core/djangoapps/user_authn/views/auto_auth.py @@ -14,10 +14,13 @@ from django.template.context_processors import csrf from django.urls import NoReverseMatch, reverse from django.utils.translation import gettext as _ +from edx_rest_framework_extensions.auth.jwt.authentication import JwtAuthentication from opaque_keys.edx.locator import CourseLocator +from rest_framework.authentication import SessionAuthentication from lms.djangoapps.verify_student.models import ManualVerification from openedx.core.djangoapps.django_comment_common.models import assign_role +from openedx.core.djangoapps.user_authn.permissions import IsE2eTestUser from openedx.core.djangoapps.user_authn.views.registration_form import AccountCreationForm from openedx.features.course_experience import course_home_url from common.djangoapps.student.helpers import ( @@ -35,6 +38,7 @@ create_comments_service_user ) from common.djangoapps.util.json_request import JsonResponse +from openedx.core.lib.api.authentication import BearerAuthentication from edx_django_utils.user import generate_password # lint-amnesty, pylint: disable=wrong-import-order @@ -61,6 +65,8 @@ def auto_auth(request): # pylint: disable=too-many-statements If username, email, or password are not provided, use randomly generated credentials. """ + authentication_classes = (JwtAuthentication, BearerAuthentication, SessionAuthentication,) + permission_classes = (IsE2eTestUser,) # Generate a unique name to use if none provided generated_username = uuid.uuid4().hex[0:30]