8b026078bc
The admin was broken as we did not worry about it up to now. On the frontend we want to use OIDC authentication only but for the admin, it is better if the default authentication works as well. To allow this, we propose to add an "email" field to the user model and make it the identifier in place of the usual username. Some changes are necessary to make the "createsuperuser" management command work. We also had to fix the "oidc_user_getter" method to make it work with Keycloak. Some tests were added to secure that everything works as expected.
26 lines
797 B
Python
26 lines
797 B
Python
"""Utils for tests in the People core application"""
|
|
from rest_framework_simplejwt.tokens import AccessToken
|
|
|
|
|
|
class OIDCToken(AccessToken):
|
|
"""Set payload on token from user/contact/email"""
|
|
|
|
@classmethod
|
|
def for_user(cls, user):
|
|
"""Returns an authorization token for the given user for testing."""
|
|
identity = user.identities.filter(is_main=True).first()
|
|
|
|
token = cls()
|
|
token["first_name"] = (
|
|
user.profile_contact.short_name if user.profile_contact else "David"
|
|
)
|
|
token["last_name"] = (
|
|
" ".join(user.profile_contact.full_name.split()[1:])
|
|
if user.profile_contact
|
|
else "Bowman"
|
|
)
|
|
token["sub"] = str(identity.sub)
|
|
token["email"] = user.email
|
|
|
|
return token
|