a real nic update api test, using basic auth

generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database

add a User and a Host to the test db

conftest.py

@@ -4,15 +4,21 @@ configuration for the tests
 
 import pytest
 
+from django.conf import settings
+
 # this is to create a Domain entries in the database, so they can be used for unit tests:
 BASEDOMAIN = "nsupdate.info"
 TEST_HOST = 'test.' + BASEDOMAIN  # unit tests can update this host ONLY
+TEST_SECRET = "secret"
 NAMESERVER_IP = "85.10.192.104"
 NAMESERVER_UPDATE_ALGORITHM = "HMAC_SHA512"
 # no problem, you can ONLY update the TEST_HOST with this key, nothing else:
 NAMESERVER_UPDATE_KEY = "YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYQ=="
 NAMESERVER_PUBLIC = True
 
+USERNAME = 'test'
+PASSWORD = 'pass'
+
 from django.utils.translation import activate
 
 
@@ -22,7 +28,11 @@ def db_init(db):  # note: db is a predefined fixture and required here to have t
     """
     Init the database contents for testing, so we have a service domain, ...
     """
-    from nsupdate.main.models import Domain
+    from django.contrib.auth.models import User
+    from nsupdate.main.models import Host, Domain
+    # create a fresh test user
+    u = User.objects.create_user(USERNAME, settings.DEFAULT_FROM_EMAIL, PASSWORD)
+    u.save()
     # this is for updating:
     Domain.objects.create(
         domain=TEST_HOST,  # special: single-host update secret!
@@ -32,13 +42,16 @@ def db_init(db):  # note: db is a predefined fixture and required here to have t
         public=NAMESERVER_PUBLIC,
     )
     # this is for querying:
-    Domain.objects.create(
+    d = Domain.objects.create(
         domain=BASEDOMAIN,
         nameserver_ip=NAMESERVER_IP,
         nameserver_update_algorithm=NAMESERVER_UPDATE_ALGORITHM,
         nameserver_update_key='invalid=',  # we don't send updates there (and the real key is really secret)
         public=NAMESERVER_PUBLIC,
     )
+    # a Host for api / session update tests
+    h = Host(subdomain='test', domain=d, created_by=u)
+    h.generate_secret(secret=TEST_SECRET)
 
 
 def pytest_runtest_setup(item):

nsupdate/api/_tests/test_api.py

@@ -7,6 +7,10 @@ import pytest
 from django.core.urlresolvers import reverse
 
 
+TEST_HOST = "test.nsupdate.info"
+TEST_SECRET = "secret"
+
+
 def test_myip(client):
     response = client.get(reverse('myip'))
     assert response.status_code == 200
@@ -18,6 +22,19 @@ def test_nic_update(client):
     assert response.status_code == 401
 
 
+def make_basic_auth_header(username, password):
+    import base64
+    return "Basic " + base64.b64encode("%s:%s" % (username, password))
+
+
+def test_nic_update_authorized(client):
+    response = client.get(reverse('nic_update'),
+                          HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
+    assert response.status_code == 200
+    # we don't care whether it is nochg or good, but should be one of them:
+    assert response.content.startswith('good ') or response.content.startswith('nochg ')
+
+
 def test_nic_update_session(client):
     response = client.get(reverse('nic_update_authorized'))
     assert response.status_code == 302  # redirects to login view
@@ -31,4 +48,3 @@ def test_detect_ip(client):
 def test_ajax_get_ips(client):
     response = client.get(reverse('ajax_get_ips'))
     assert response.status_code == 200
-

nsupdate/main/models.py

@@ -165,11 +165,12 @@ class Host(models.Model):
             self.ssl_update_ipv6 = ssl
         self.save()
 
-    def generate_secret(self):
+    def generate_secret(self, secret=None):
         # note: we use a quick hasher for the update_secret as expensive
         # more modern hashes might put too much load on the servers. also
         # many update clients might use http without ssl, so it is not too
         # secure anyway.
+        if secret is None:
             secret = User.objects.make_random_password()
         self.update_secret = make_password(
             secret,