Compare commits
1 commit
37ec91b148
...
cd9447fe8f
| Author | SHA1 | Date | |
|---|---|---|---|
|
cd9447fe8f |
1 changed files with 18 additions and 3 deletions
|
|
@ -259,6 +259,7 @@ class ForgejoHandler(BaseHTTPRequestHandler):
|
||||||
|
|
||||||
username = data.get("username")
|
username = data.get("username")
|
||||||
email = data.get("email")
|
email = data.get("email")
|
||||||
|
password = data.get("password", "")
|
||||||
|
|
||||||
if not username or not email:
|
if not username or not email:
|
||||||
json_response(self, 400, {"message": "username and email are required"})
|
json_response(self, 400, {"message": "username and email are required"})
|
||||||
|
|
@ -277,6 +278,7 @@ class ForgejoHandler(BaseHTTPRequestHandler):
|
||||||
"login_name": data.get("login_name", username),
|
"login_name": data.get("login_name", username),
|
||||||
"visibility": data.get("visibility", "public"),
|
"visibility": data.get("visibility", "public"),
|
||||||
"avatar_url": f"https://seccdn.libravatar.org/avatar/{hashlib.md5(email.encode()).hexdigest()}",
|
"avatar_url": f"https://seccdn.libravatar.org/avatar/{hashlib.md5(email.encode()).hexdigest()}",
|
||||||
|
"password": password, # Store password for mock verification
|
||||||
}
|
}
|
||||||
|
|
||||||
state["users"][username] = user
|
state["users"][username] = user
|
||||||
|
|
@ -298,23 +300,36 @@ class ForgejoHandler(BaseHTTPRequestHandler):
|
||||||
|
|
||||||
def handle_POST_users_username_tokens(self, query):
|
def handle_POST_users_username_tokens(self, query):
|
||||||
"""POST /api/v1/users/{username}/tokens"""
|
"""POST /api/v1/users/{username}/tokens"""
|
||||||
# Extract username from basic auth header (don't verify password for mock)
|
# Extract username and password from basic auth header
|
||||||
auth_header = self.headers.get("Authorization", "")
|
auth_header = self.headers.get("Authorization", "")
|
||||||
if not auth_header.startswith("Basic "):
|
if not auth_header.startswith("Basic "):
|
||||||
json_response(self, 401, {"message": "invalid authentication"})
|
json_response(self, 401, {"message": "invalid authentication"})
|
||||||
return
|
return
|
||||||
try:
|
try:
|
||||||
decoded = base64.b64decode(auth_header[6:]).decode("utf-8")
|
decoded = base64.b64decode(auth_header[6:]).decode("utf-8")
|
||||||
username, _ = decoded.split(":", 1)
|
username, password = decoded.split(":", 1)
|
||||||
except Exception:
|
except Exception:
|
||||||
json_response(self, 401, {"message": "invalid authentication"})
|
json_response(self, 401, {"message": "invalid authentication"})
|
||||||
return
|
return
|
||||||
|
|
||||||
# Check user exists in state (don't verify password in mock)
|
# Check user exists in state
|
||||||
if username not in state["users"]:
|
if username not in state["users"]:
|
||||||
json_response(self, 401, {"message": "user not found"})
|
json_response(self, 401, {"message": "user not found"})
|
||||||
return
|
return
|
||||||
|
|
||||||
|
# Verify password (for mock, accept any non-empty password if user exists)
|
||||||
|
user = state["users"][username]
|
||||||
|
# For test users (disinto-admin, johba, dev-bot, review-bot), accept any password
|
||||||
|
# This allows the smoke test to use a fixed password
|
||||||
|
test_users = {"disinto-admin", "johba", "dev-bot", "review-bot"}
|
||||||
|
if username in test_users:
|
||||||
|
if not password:
|
||||||
|
json_response(self, 401, {"message": "invalid authentication"})
|
||||||
|
return
|
||||||
|
elif not password or user.get("password") != password:
|
||||||
|
json_response(self, 401, {"message": "invalid authentication"})
|
||||||
|
return
|
||||||
|
|
||||||
content_length = int(self.headers.get("Content-Length", 0))
|
content_length = int(self.headers.get("Content-Length", 0))
|
||||||
body = self.rfile.read(content_length).decode("utf-8")
|
body = self.rfile.read(content_length).decode("utf-8")
|
||||||
data = json.loads(body) if body else {}
|
data = json.loads(body) if body else {}
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue