new apps.lyric.authenticate model PasswordlessAuthenticationBackend and authenticate() function help determine Token authenticity, login to existing accounts, or create new ones; associated .tests.test_authentication class asserts this functionality; apps.lyric.models & .tests.models now handles token uid instead of id, completing the transition away from email-as-pk

src/apps/lyric/authentication.py

@@ -0,0 +1,16 @@
+from django.core.exceptions import ValidationError
+from .models import Token, User
+
+
+class PasswordlessAuthenticationBackend:
+    def authenticate(self, request, uid=None):
+        if uid is None:
+            return None
+        try:
+            token = Token.objects.get(uid=uid)
+        except (Token.DoesNotExist, ValidationError):
+            return None
+        try:
+            return User.objects.get(email=token.email)
+        except User.DoesNotExist:
+            return User.objects.create(email=token.email)

src/apps/lyric/models.py

@@ -3,7 +3,7 @@ from django.db import models
 
 class Token(models.Model):
     email = models.EmailField()
-    uid = models.UUIDField(default=uuid.uuid4)
+    uid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
 
 class User(models.Model):
     id = models.BigAutoField(primary_key=True)

src/apps/lyric/tests/test_authentication.py

@@ -0,0 +1,44 @@
+import uuid
+from django.http import HttpRequest
+from django.test import TestCase
+
+from ..authentication import PasswordlessAuthenticationBackend
+from ..models import Token, User
+
+
+class AuthenticateTest(TestCase):
+    def test_returns_None_if_token_is_invalid_uuid(self):
+        result = PasswordlessAuthenticationBackend().authenticate(
+            HttpRequest(), "no-such-token"
+        )
+        self.assertIsNone(result)
+
+    def test_returns_None_if_token_uuid_not_found(self):
+        uid = uuid.uuid4()
+        result = PasswordlessAuthenticationBackend().authenticate(
+            HttpRequest(), uid
+        )
+        self.assertIsNone(result)
+
+    def test_returns_new_user_with_correct_email_if_token_exists(self):
+        email = "discoman@example.com"
+        token = Token.objects.create(email=email)
+        user = PasswordlessAuthenticationBackend().authenticate(
+            HttpRequest(), token.uid
+        )
+        new_user = User.objects.get(email=email)
+        self.assertEqual(user, new_user)
+
+    def test_returns_existing_user_with_correct_email_if_token_exists(self):
+        email = "discoman@example.com"
+        existing_user = User.objects.create(email=email)
+        token = Token.objects.create(email=email)
+        user = PasswordlessAuthenticationBackend().authenticate(
+            HttpRequest(), token.uid
+        )
+        self.assertEqual(user, existing_user)
+
+    def test_can_retrieve_token_by_uuid(self):
+        token = Token.objects.create(email="a@b.cde")
+        fetched = Token.objects.get(pk=token.uid)
+        self.assertEqual(fetched, token)

src/apps/lyric/tests/test_models.py

@@ -1,3 +1,4 @@
+import uuid
 from django.contrib import auth
 from django.test import TestCase
 from ..models import Token, User
@@ -16,6 +17,7 @@ class UserModelTest(TestCase):
 
 class TokenModelTest(TestCase):
     def test_links_user_with_autogen_uid(self):
-        token1 = Token.objects.create(id="123")
+        token1 = Token.objects.create(email="a@b.cde")
-        token2 = Token.objects.create(id="124")
+        token2 = Token.objects.create(email="v@w.xyz")
-        self.assertNotEqual(token1.uid, token2.uid)
+        self.assertNotEqual(token1.pk, token2.pk)
+        self.assertIsInstance(token1.pk, uuid.UUID)