update requirements, tests and all that jazz

requirements.txt

@@ -48,4 +48,6 @@ slackclient
 ldap3
 Flask-WTF
 lxml
-pykerberos
+pykerberos
+bcrypt
+flask-bcrypt

setup.py

@@ -76,6 +76,10 @@ vertica = ['vertica-python>=0.5.1']
 ldap = ['ldap3>=0.9.9.1']
 devel = ['lxml>=3.3.4']
 kerberos = ['pykerberos>=1.1.8']
+password = [
+    'bcrypt>=2.0.0',
+    'flask-bcrypt>=0.7.1',
+]
 
 all_dbs = postgres + mysql + hive + mssql + hdfs + vertica
 devel = all_dbs + doc + samba + s3 + ['nose'] + slack + crypto + oracle
@@ -135,6 +139,7 @@ setup(
         'ldap': ldap,
         'webhdfs': webhdfs,
         'kerberos': kerberos,
+        'password': password,
     },
     author='Maxime Beauchemin',
     author_email='maximebeauchemin@gmail.com',

tests/core.py

@@ -563,6 +563,72 @@ class WebUiTests(unittest.TestCase):
         pass
 
 
+class WebPasswordAuthTest(unittest.TestCase):
+
+    def setUp(self):
+        configuration.conf.set("webserver", "authenticate", "True")
+        configuration.conf.set("webserver", "auth_backend", "airflow.contrib.auth.backends.password_auth")
+
+        app = application.create_app()
+        app.config['TESTING'] = True
+        self.app = app.test_client()
+        from airflow.contrib.auth.backends.password_auth import PasswordUser
+
+        session = Session()
+        user = models.User()
+        password_user = PasswordUser(user)
+        password_user.username = 'airflow'
+        password_user.password = 'password'
+        session.add(password_user)
+        session.commit()
+        session.close()
+
+    def get_csrf(self, response):
+        tree = html.fromstring(response.data)
+        form = tree.find('.//form')
+
+        return form.find('.//input[@name="_csrf_token"]').value
+
+    def login(self, username, password):
+        response = self.app.get('/admin/airflow/login')
+        csrf_token = self.get_csrf(response)
+
+        return self.app.post('/admin/airflow/login', data=dict(
+            username=username,
+            password=password,
+            csrf_token=csrf_token
+        ), follow_redirects=True)
+
+    def logout(self):
+        return self.app.get('/admin/airflow/logout', follow_redirects=True)
+
+    def test_login_logout_password_auth(self):
+        assert configuration.getboolean('webserver', 'authenticate') is True
+
+        response = self.login('user1', 'userx')
+        assert 'Incorrect login details' in response.data.decode('utf-8')
+
+        response = self.login('userz', 'user1')
+        assert 'Incorrect login details' in response.data.decode('utf-8')
+
+        response = self.login('airflow', 'wrongpassword')
+        assert 'Incorrect login details' in response.data.decode('utf-8')
+
+        response = self.login('airflow', 'password')
+        assert 'Data Profiling' in response.data.decode('utf-8')
+
+        response = self.logout()
+        assert 'form-signin' in response.data.decode('utf-8')
+
+    def test_unauthorized_password_auth(self):
+        response = self.app.get("/admin/airflow/landing_times")
+        self.assertEqual(response.status_code, 302)
+
+    def tearDown(self):
+        configuration.test_mode()
+        configuration.conf.set("webserver", "authenticate", "False")
+
+
 class WebLdapAuthTest(unittest.TestCase):
 
     def setUp(self):