def test_ChangeEmail_wrong_token(db, fast_passwords):
password = random_hex()
new_email = f"{random_hex()}@couchers.org.invalid"
user, token = generate_user(db, hashed_password=hash_password(password))
with account_session(db, token) as account:
account.ChangeEmail(
account_pb2.ChangeEmailReq(
password=wrappers_pb2.StringValue(value=password),
new_email=new_email,
))
with session_scope(db) as session:
user_updated = (session.query(User).filter(User.id == user.id).filter(
User.new_email == new_email).filter(
User.new_email_token_created <= func.now()).filter(
User.new_email_token_expiry >= func.now())).one()
token = user_updated.new_email_token
with auth_api_session(db) as auth_api:
with pytest.raises(grpc.RpcError) as e:
res = auth_api.CompleteChangeEmail(
auth_pb2.CompleteChangeEmailReq(
change_email_token="wrongtoken", ))
assert e.value.code() == grpc.StatusCode.UNAUTHENTICATED
assert e.value.details() == errors.INVALID_TOKEN
with session_scope(db) as session:
user_updated2 = session.query(User).filter(User.id == user.id).one()
assert user_updated2.email == user.email
def test_ChangeEmail(db, fast_passwords):
password = random_hex()
new_email = f"{random_hex()}@couchers.org.invalid"
user, token = generate_user(db, hashed_password=hash_password(password))
with account_session(db, token) as account:
account.ChangeEmail(
account_pb2.ChangeEmailReq(
password=wrappers_pb2.StringValue(value=password),
new_email=new_email,
))
with session_scope(db) as session:
user_updated = (session.query(User).filter(User.id == user.id).filter(
User.new_email == new_email).filter(
User.new_email_token_created <= func.now()).filter(
User.new_email_token_expiry >= func.now())).one()
token = user_updated.new_email_token
with auth_api_session(db) as auth_api:
res = auth_api.CompleteChangeEmail(
auth_pb2.CompleteChangeEmailReq(change_email_token=token, ))
with session_scope(db) as session:
user_updated2 = session.query(User).filter(User.id == user.id).one()
assert user_updated2.email == new_email
assert user_updated2.new_email is None
assert user_updated2.new_email_token is None
# check there's no valid tokens left
with session_scope(db) as session:
assert (session.query(User).filter(
User.new_email_token_created <= func.now()).filter(
User.new_email_token_expiry >= func.now())).count() == 0
def test_ChangeEmail_no_change(db, fast_passwords):
password = random_hex()
new_email = f"{random_hex()}@couchers.org.invalid"
user, token = generate_user(db, hashed_password=hash_password(password))
with account_session(db, token) as account:
with pytest.raises(grpc.RpcError) as e:
account.ChangeEmail(
account_pb2.ChangeEmailReq(
password=wrappers_pb2.StringValue(value=password),
new_email=user.email,
))
assert e.value.code() == grpc.StatusCode.INVALID_ARGUMENT
assert e.value.details() == errors.INVALID_EMAIL
with session_scope(db) as session:
assert (session.query(User).filter(
User.new_email_token_created <= func.now()).filter(
User.new_email_token_expiry >= func.now())).count() == 0
