Moving authentication out of login_resource

This is ongoing work to be able to accept and validate user domain
on login (so the user can use <username> or <username@domain.com>)

We are extracting the authentication logic from login_resource to be
able to test and cover the cases we need

1 files changed, 34 insertions, 0 deletions

diff --git a/service/test/unit/test_authentication.py b/service/test/unit/test_authentication.py
new file mode 100644
index 00000000..2fb97d69
--- /dev/null
+++ b/service/test/unit/test_authentication.py
@@ -0,0 +1,34 @@
+from twisted.trial import unittest
+
+from leap.bitmask.bonafide._srp import SRPAuthError
+from pixelated.authentication import Authentication
+
+
+class AuthenticationTest(unittest.TestCase):
+
+    def test_authenticates_with_username_and_password(self):
+        self.fail()
+
+    def test_validate_username_accepts_username(self):
+        auth = Authentication('domain.org')
+        self.assertTrue(auth.validate_username('username'))
+
+    def test_validate_username_accepts_email_address(self):
+        auth = Authentication('domain.org')
+        self.assertTrue(auth.validate_username('username@domain.org'))
+
+    def test_validate_username_denies_other_domains(self):
+        auth = Authentication('domain.org')
+        self.assertFalse(auth.validate_username('username@wrongdomain.org'))
+
+    def test_username_with_domain(self):
+        auth = Authentication('domain.org')
+        self.assertEqual('user@domain.org', auth.username_with_domain('user'))
+
+    def test_extract_username_extracts_from_plain_username(self):
+        auth = Authentication('domain.org')
+        self.assertEqual(auth.extract_username('user'), 'user')
+
+    def test_extract_username_extracts_from_email_address(self):
+        auth = Authentication('domain.org')
+        self.assertEqual(auth.extract_username('user@domain.org'), 'user')