Beispiel #1
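 def test_authenticate(self, app, user_class, db):
     """
     Verify that authenticate() returns the matching user for a correct
     username/password pair and returns None otherwise.

     Both failure modes (wrong password for a known user, and an unknown
     username) are asserted to yield the same ``None`` result, so the
     return value alone does not tell a caller which of the two occurred.
     Timing differences between the two paths are not covered here.
     """
     default_guard = Praetorian(app, user_class)
     the_dude = user_class(
         # Must equal the username passed to authenticate() below; a
         # masked placeholder value here could never match those calls.
         username='TheDude',
         # NOTE(review): presumably a one-way password hash despite the
         # "encrypt" name -- confirm against the library version in use.
         password=default_guard.encrypt_password('abides'),
     )
     db.session.add(the_dude)
     db.session.commit()
     try:
         # Correct credentials resolve to the stored user.
         assert default_guard.authenticate('TheDude', 'abides') == the_dude
         # Known user, wrong password.
         assert default_guard.authenticate('TheDude', 'is_undudelike') is None
         # Unknown user, password that is valid for someone else.
         assert default_guard.authenticate('Walter', 'abides') is None
     finally:
         # Remove the fixture user even when an assertion fails, so a stale
         # account with a known password does not leak into later tests.
         db.session.delete(the_dude)
         db.session.commit()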
Beispiel #2
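 def test_authenticate(self, app, user_class, db):
     """
     Verify that authenticate() returns the matching user for a correct
     username/password pair and raises on failure.

     An unknown username raises MissingUserError and a wrong password for
     a known user raises AuthenticationError. Because the two failures are
     distinguishable by exception type, code that turns them into client
     responses should answer both identically so that a login endpoint
     does not reveal which usernames exist.
     """
     default_guard = Praetorian(app, user_class)
     the_dude = user_class(
         # Must equal the username passed to authenticate() below; a
         # masked placeholder value here could never match those calls.
         username='TheDude',
         # NOTE(review): presumably a one-way password hash despite the
         # "encrypt" name -- confirm against the library version in use.
         password=default_guard.encrypt_password('abides'),
     )
     db.session.add(the_dude)
     db.session.commit()
     try:
         # Correct credentials resolve to the stored user.
         assert default_guard.authenticate('TheDude', 'abides') == the_dude
         # Unknown username, even with a password valid for another user.
         with pytest.raises(MissingUserError):
             default_guard.authenticate('TheBro', 'abides')
         # Known username, wrong password.
         with pytest.raises(AuthenticationError):
             default_guard.authenticate('TheDude', 'is_undudelike')
     finally:
         # Remove the fixture user even when an assertion fails, so a stale
         # account with a known password does not leak into later tests.
         db.session.delete(the_dude)
         db.session.commit()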
Beispiel #3
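    def test_authenticate_validate_and_update(self, app, user_class, db):
        """
        Verify that authenticate() performs the extra hash-scheme handling
        selected by 'PRAETORIAN_HASH_AUTOTEST' and
        'PRAETORIAN_HASH_AUTOUPDATE' in addition to checking the password.

        Four phases are exercised: a baseline success, a baseline failure
        with a wrong password, a stored hash in a deprecated scheme with
        AUTOTEST enabled (expects LegacyScheme), and the same stored hash
        with AUTOUPDATE enabled (expects the stored password to change).
        """
        # Every config key this test sets or deletes. Their prior state is
        # captured so it can be put back afterwards; otherwise the
        # deprecated-scheme settings would stay active on the shared app
        # object unless some fixture outside this test resets them.
        touched_keys = (
            'PRAETORIAN_HASH_SCHEME',
            'PRAETORIAN_HASH_DEPRECATED_SCHEMES',
            'PRAETORIAN_HASH_AUTOTEST',
            'PRAETORIAN_HASH_AUTOUPDATE',
        )
        saved_config = {
            key: app.config[key] for key in touched_keys if key in app.config
        }

        default_guard = Praetorian(app, user_class)
        # NOTE(review): the variable name suggests the default scheme is
        # pbkdf2_sha512 -- confirm against the guard's configuration.
        pbkdf2_sha512_password = default_guard.hash_password('start_password')

        # create our default test user
        # (the literals below are masked in this listing; the test reads
        # the_dude.username back, so their exact value is not significant)
        the_dude = user_class(
            username='******',
            email='*****@*****.**',
            password=pbkdf2_sha512_password,
        )
        db.session.add(the_dude)
        db.session.commit()
        try:
            # Test the existing model as a baseline
            assert default_guard.authenticate(
                the_dude.username, 'start_password',
            )

            # Test the existing model with a bad password as a baseline
            with pytest.raises(AuthenticationError):
                default_guard.authenticate(the_dude.username, 'failme')

            # Test the updated model with a bad hash scheme and AUTOTEST
            # enabled. Should raise an exception.
            #
            # First produce a bcrypt hash by temporarily making bcrypt the
            # active scheme and store it on the user ...
            app.config['PRAETORIAN_HASH_SCHEME'] = 'bcrypt'
            default_guard = Praetorian(app, user_class)
            bcrypt_password = default_guard.hash_password('bcrypt_password')
            the_dude.password = bcrypt_password

            # ... then drop the override and mark bcrypt as deprecated, so
            # the stored hash is now in a legacy scheme.
            del app.config['PRAETORIAN_HASH_SCHEME']
            app.config['PRAETORIAN_HASH_DEPRECATED_SCHEMES'] = ['bcrypt']
            app.config['PRAETORIAN_HASH_AUTOTEST'] = True
            default_guard = Praetorian(app, user_class)
            # The password itself is correct; the failure is about the
            # scheme of the stored hash only.
            with pytest.raises(LegacyScheme):
                default_guard.authenticate(
                    the_dude.username, 'bcrypt_password',
                )

            # Test the updated model with a bad hash scheme and AUTOUPDATE
            # enabled. Should return an updated user object we need to
            # save ourselves.
            the_dude_old_password = the_dude.password
            app.config['PRAETORIAN_HASH_AUTOUPDATE'] = True
            default_guard = Praetorian(app, user_class)
            updated_dude = default_guard.authenticate(
                the_dude.username, 'bcrypt_password',
            )
            # This only shows that the stored value changed.
            # NOTE(review): consider also asserting that the new value still
            # verifies 'bcrypt_password' and is no longer in a deprecated
            # scheme -- confirm the library's behaviour before adding.
            assert updated_dude.password != the_dude_old_password
        finally:
            # Put the config back first so it is restored even if the
            # database cleanup below raises.
            for key in touched_keys:
                if key in saved_config:
                    app.config[key] = saved_config[key]
                else:
                    app.config.pop(key, None)

            # put away your toys
            db.session.delete(the_dude)
            db.session.commit()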