Beispiel #1
0
 def test_passwords(self):
     p = make_password('testing')
     self.assertTrue(check_password('testing', p))
     self.assertFalse(check_password('testing ', p))
     self.assertFalse(check_password('Testing', p))
     self.assertFalse(check_password('', p))
     
     p2 = make_password('Testing')
     self.assertFalse(p == p2)
Beispiel #2
0
 def test_create(self):
     self.create_users()
     
     new_pass = make_password('test')
     
     user_data = {'username': '******', 'password': new_pass}
     serialized = json.dumps(user_data)
     
     # authorized as an admin
     resp = self.app.post('/api/user/', data=serialized, headers=self.auth_headers('admin', 'admin'))
     self.assertEqual(resp.status_code, 200)
     
     new_user = User.get(username='******')
     self.assertTrue(check_password('test', new_user.password))
     
     resp_json = self.response_json(resp)
     self.assertAPIUser(resp_json, new_user)
Beispiel #3
0
 def test_auth_create(self):
     self.create_users()
     
     new_pass = make_password('test')
     
     user_data = {'username': '******', 'password': new_pass}
     serialized = json.dumps(user_data)
     
     # this request is not authorized
     resp = self.app.post('/api/user/', data=serialized)
     self.assertEqual(resp.status_code, 401)
     
     # authorized, but user does not exist in database
     resp = self.app.post('/api/user/', data=serialized, headers=self.auth_headers('xxx', 'xxx'))
     self.assertEqual(resp.status_code, 401)
     
     # authorized, user in database, but not an administrator
     resp = self.app.post('/api/user/', data=serialized, headers=self.auth_headers('normal', 'normal'))
     self.assertEqual(resp.status_code, 401)
     
     # authorized as an admin
     resp = self.app.post('/api/user/', data=serialized, headers=self.auth_headers('admin', 'admin'))
     self.assertEqual(resp.status_code, 200)
Beispiel #4
0
 def set_password(self, password):
     self.password = make_password(password)