def authenticate_user(db: Session, email: str, password: str):
user = get_user_by_email(db, email=email)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
def authenticate_user(db_session: Session, username: str, password: str):
user = get_user_by_username(db_session, username)
if not user:
return False
if not verify_password(password, user.password_hash):
return False
return user
def authenticate(self, db_session: Session, *, name: str,
password: str) -> Optional[User]:
user = self.get_by_name(db_session, name=name)
if not user:
return None
if not verify_password(password, user.password):
return None
return user
def test_update_user(db: Session):
user = UserFactory()
new_user_data = UserCreateFactory()
updated_user = user_crud.update(db, user, new_user_data)
assert updated_user is not None
assert new_user_data.login == updated_user.login
assert verify_password(new_user_data.password.get_secret_value(),
updated_user.hashed_password)
def authenticate(self, db: Session, username: str,
password: str) -> Optional[User]:
user = self.get_by_username(db, username=username)
if not user:
return None
if not verify_password(password, user.hashed_password):
return None
return user
def test_valid_saves_on_db(self, payload, session_maker):
response = client.post(self.build_url(), json=payload)
assert response.ok
assert session_maker().query(models.Entity).count() == 1
db_entity = session_maker().query(models.Entity).first()
assert security.verify_password(
payload["password"], db_entity.hashed_password
)
assert payload["name"] == db_entity.name
assert payload["cpf_cnpj"] == db_entity.cpf_cnpj
def test_valid_saves_on_db(self, payload_user, session_maker):
assert session_maker().query(models.User).count() == 0
response = client.post(self.build_url(), json=payload_user)
assert response.ok
assert session_maker().query(models.User).count() == 1
user = session_maker().query(models.User).first()
assert payload_user['username'] == user.username
assert payload_user['email'] == user.email
assert security.verify_password(payload_user['password'],
user.hashed_password)
async def get_tokens(
form_data: OAuth2PasswordRequestForm = Depends(),
db_client: AsyncIOClient = Depends(deps.db_client),
):
"""Grant new access token for a given credentials."""
username = form_data.username.lower()
try:
uid, password = await crud.user.get_password(db_client,
username=username)
except errors.UserNotFound as exc:
raise exceptions.InvalidCredentials() from exc
if not security.verify_password(form_data.password, password):
raise exceptions.InvalidCredentials()
return Tokens(access_token=security.create_access_token(str(uid)))
async def authenticate(con: AsyncIOConnection, *, email: str,
password: str) -> Optional[UserInDB]:
try:
result = await con.fetchone_json(
"""SELECT User {
id,
hashed_password,
is_active
}
FILTER .email = <str>$email""",
email=email,
)
except NoDataError:
return None
except Exception as e:
print(f"EXCEPTION: {e}")
user = UserInDB.parse_raw(result)
if not verify_password(password, user.hashed_password):
return None
return user
async def authenticate(con: AsyncIOConnection, *, email: str,
password: str) -> Optional[UserInDB]:
try:
result = await con.query_one_json(
"""SELECT User {
id,
hashed_password,
is_active
}
FILTER .email = <str>$email""",
email=email,
)
except NoDataError:
return None
except Exception as e:
raise HTTPException(status_code=400, detail=f"{e}")
user = UserInDB.parse_raw(result)
if not verify_password(password, user.hashed_password):
return None
return user
def login_access_token(
db: sa.orm.Session = get_db,
form_data: OAuth2PasswordRequestForm = Depends(),
) -> Any:
"""
OAuth2 compatible token login, get an access token for future requests
"""
user = User.get_by_email(db, form_data.username)
if user is None or not verify_password(user.password, form_data.password):
raise HTTPException(status_code=400,
detail="Incorrect email or password")
access_token_expires = timedelta(
minutes=settings.ACCESS_TOKEN_EXPIRE_MINUTES)
return {
"access_token":
create_access_token(user.id, expires_delta=access_token_expires),
"token_type":
"bearer",
}
def verify_password(user, password):
user_hash = sec.get_user_hash(user)
if len(user_hash) > 0 and sec.verify_password(password, user_hash[0][0]):
return True
return False
def test_create_user(db: Session):
actual_user_data = UserCreateFactory()
user = user_crud.create(db, actual_user_data)
assert actual_user_data.login == user.login
assert verify_password(actual_user_data.password.get_secret_value(),
user.hashed_password)