Merge pull request #189 from Sakuten/feature/158-disable-recaptcha-4-…

…admin adminトークン生成時にreCAPTCHAを回避
Sakuten · Sep 9, 2018 · 2b15dc5 · 2b15dc5
2 parents bd30bac + 5c09599
commit 2b15dc5
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/api/routes/auth.py b/api/routes/auth.py
@@ -45,7 +45,7 @@ def home():
                 f'Skipping request from {request.remote_addr}')
             success = True
 
-        if success:
+        if success or user.authority == 'admin':
             token = generate_token({'user_id': user.id})
             return jsonify({"message": "Login Successful",
                             "token": token.decode()})

diff --git a/test/test_user.py b/test/test_user.py
@@ -30,6 +30,10 @@ def test_login(client):
     assert 'Login Successful' in resp['message']
     resp = login(client, 'notexist', 'notexist')
     assert 'Login unsuccessful' in resp['message']
+    with mock.patch('api.routes.auth.json.loads',
+                    return_value={'success': False,
+                                  'error-codes': ['invalid-input-secret']}):
+        assert 'Login unsuccessful' in resp['message']
 
 
 def test_login_form(client):
@@ -209,3 +213,12 @@ def test_auth_overtime_as_student(client):
 
     assert resp.status_code == 200
     assert resp.get_json()['message'] == 'Login Successful'
+
+
+def test_auth_admin(client):
+    """test to login as admin without reCAPTCHA
+        target_url: /auth
+    """
+    resp = login(client, admin['secret_id'], '')
+
+    assert resp['message'] == 'Login Successful'