-
Notifications
You must be signed in to change notification settings - Fork 21
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add NIP-98 auth to the API and fix tests.
- Loading branch information
Showing
5 changed files
with
111 additions
and
28 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -186,7 +186,7 @@ def nostr_auth(self, private_key, expect_success=True, **kwargs): | |
self.assertNotEqual(code, 200) | ||
|
||
def test_listings(self): | ||
token_1 = self.nostr_auth(PrivateKey(), twitter_username='fixie') | ||
token_1 = self.nostr_auth(PrivateKey(), twitter_username='fixie', lightning_address="[email protected]") | ||
token_2 = self.nostr_auth(PrivateKey(), twitter_username='fixie_buyer') | ||
|
||
# GET listings to see there are none there | ||
|
@@ -568,8 +568,8 @@ def test_000_user(self): | |
self.assertNotEqual(identity_1, identity_2) | ||
|
||
def test_auctions(self): | ||
token_1 = self.nostr_auth(PrivateKey(), twitter_username='auction_user_1', contribution_percent=1, wallet=OTHER_XPUB) | ||
token_2 = self.nostr_auth(PrivateKey(), twitter_username='auction_user_2', wallet=OTHER_XPUB) | ||
token_1 = self.nostr_auth(PrivateKey(), twitter_username='auction_user_1', contribution_percent=1, wallet=OTHER_XPUB, lightning_address="[email protected]") | ||
token_2 = self.nostr_auth(PrivateKey(), twitter_username='auction_user_2', wallet=OTHER_XPUB, lightning_address="[email protected]") | ||
|
||
# GET user auctions if not logged in is OK | ||
code, response = self.get("/api/users/auction_user_1/auctions") | ||
|
@@ -657,6 +657,10 @@ def test_auctions(self): | |
self.assertEqual(response['auction']['key'], auction_key) | ||
self.assertIsNone(response['auction']['nostr_event_id']) | ||
|
||
code, response = self.put(f"/api/auctions/{auction_key}/follow", {}) | ||
self.assertEqual(code, 401) | ||
self.assertIn("missing auth header", response['message'].lower()) | ||
|
||
# create a 2nd auction, this time for the 2nd user | ||
code, response = self.post("/api/users/me/auctions", | ||
{'title': "His 2st", | ||
|
@@ -719,8 +723,8 @@ def test_auctions(self): | |
code, response = self.get(f"/api/auctions/{auction_key_2}") | ||
self.assertEqual(code, 404) | ||
|
||
# publish the auction | ||
code, response = self.put(f"/api/auctions/{auction_key}/publish", {}, | ||
# publish and start the auction | ||
code, response = self.put(f"/api/auctions/{auction_key}/start", {}, | ||
headers=self.get_auth_headers(token_1)) | ||
self.assertEqual(code, 200) | ||
|
||
|
@@ -838,7 +842,7 @@ def test_auctions(self): | |
signed_lower_event_json = json.loads(lower_bid_event.to_message())[1] | ||
code, response = self.post(f"/api/merchants/{auction_merchant_public_key}/auctions/{auction_after_edit_nostr_event_id}/bids", signed_lower_event_json) | ||
self.assertEqual(code, 400) | ||
self.assertIn("your bid needs to be higher", response['message'].lower()) | ||
self.assertIn("amount needs to be higher", response['message'].lower()) | ||
|
||
# create an auction without a start date | ||
code, response = self.post("/api/users/me/auctions", | ||
|
@@ -856,12 +860,12 @@ def test_auctions(self): | |
auction_key_3 = response['auction']['key'] | ||
|
||
# another user can't start my auction | ||
code, response = self.put(f"/api/auctions/{auction_key_3}/publish", {}, | ||
code, response = self.put(f"/api/auctions/{auction_key_3}/start", {}, | ||
headers=self.get_auth_headers(token_1)) | ||
self.assertEqual(code, 401) | ||
|
||
# start the auction | ||
code, response = self.put(f"/api/auctions/{auction_key_3}/publish", {}, | ||
code, response = self.put(f"/api/auctions/{auction_key_3}/start", {}, | ||
headers=self.get_auth_headers(token_2)) | ||
self.assertEqual(code, 200) | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters