Beispiel #1
0
    def post(self):
        parser = reqparse.RequestParser()
        parser.add_argument("username",
                            required=True,
                            location='headers',
                            help="Username is required")
        parser.add_argument("password",
                            required=True,
                            location='headers',
                            help="Password is required")
        args = parser.parse_args()

        username = args["username"]
        password = args["password"]

        try:
            user = User.get_by_username(username)
            if not user.check_password(password):
                raise ValueError
        except ValueError:
            return error("Username and/or password is incorrect.", 401)

        sess = Session.new_session(username)
        db.session.add(sess)
        db.session.commit()

        return sess.json(), 200
Beispiel #2
0
    def get(self, id):
        try:
            user = User.get_by_id(id)
        except AttributeError as e:
            return error(e, 400)
        except ValueError as e:
            return error(e, 404)

        return user.json()
Beispiel #3
0
def test_new_user():
    username = "******"
    password = "******"
    role = "admin"
    user = User.new_user(username, password, role)
    assert user.username == "test-new"
    assert user.check_password(password)
    assert user.json()["username"] == username
    assert user.role == role
Beispiel #4
0
def test_user_backref(setup):
    username = "******"
    session = Session.new_session(username)
    setup.session.add(session)
    setup.session.commit()
    
    user = User.get_by_username(username)
    ids = [session.id for session in user.sessions]

    assert session.id in ids
Beispiel #5
0
    def new_employee(id, name, gender, tel, level=0) -> "Employee":
        # Test that employee id exists in user table
        user = User.get_by_id(id)

        return Employee(
            id=id,
            name=name,
            gender=gender,
            tel=tel,
            level=level,
            # stat = stat
        )
Beispiel #6
0
    def post(self):
        args = self.parser.parse_args()

        username = args["username"]
        password = args["password"]
        role = args["role"]

        if role == None:
            role = "customer"

        if username == None or password == None:
            return error("Request must contain username and password.", 400)

        if not User.username_available(username):
            return error(f"Username '{username}' has been taken.", 400)

        try:
            user = User.new_user(username, password, role)
            db.session.add(user)
            db.session.commit()
            return user.json(), 201

        except Exception as e:
            return error(str(e), 400)
Beispiel #7
0
from uuid import uuid4
import itertools

from backend.session.model import User

from backend.generator_utils import fake


def generate_user(ids, first_username, password, role):
    for i, current_id in enumerate(ids):
        if i == 0:
            yield (current_id, first_username, password, role)
        else:
            yield (current_id, fake.user_name(), password, role)


admin_ids = [str(uuid4()) for i in range(1)]
customer_ids = [str(uuid4()) for i in range(20)]
employee_ids = [str(uuid4()) for i in range(10)]

users = itertools.chain(
    generate_user(admin_ids, "admin", "pass", "admin"),
    generate_user(customer_ids, "customer", "pass", "customer"),
    generate_user(employee_ids, "employee", "pass", "employee"),
)

UsersGenerator = (User.new_user_with_id(id, name, pwd, role)
                  for id, name, pwd, role in users)
Beispiel #8
0
def test_salt():
    a = User.new_user("a", "pass")
    b = User.new_user("b", "pass")
    assert a.hash != b.hash