Beispiel #1
def main(argv):
    """Prompt on the terminal for credentials and create an administrator account.

    Returns a process exit status: 1 when any command-line argument is
    supplied, 2 when an error message is printed (a failed check or an
    ``AuthException`` from ``_create_user``), 0 on success.

    NOTE(review): three of the prompt lines below were damaged by the page's
    secret-redaction filter (the ``******`` runs). Each fuses two or more
    original statements, so the listing does not parse as shown and the
    swallowed statements cannot be recovered from this page.
    """
    if len(argv) > 1:
        # No arguments are accepted; all values are read interactively.
        print("Usage: %s" % argv[0], file=sys.stderr)
        return 1

    # NOTE(review): redaction artifact - the username prompt and the email
    # prompt are fused into one expression here.
    username = input("Username: "******"Email: ")
    # getpass reads the password without echoing it to the terminal.
    # NOTE(review): redaction artifact - whatever ran between this prompt and
    # the error print (presumably a password check inside try/except) is lost.
    password1 = getpass.getpass("Password: "******"Error: %s" % ex.message, file=sys.stderr)
        return 2
    # NOTE(review): redaction artifact - the comparison of the two entries
    # that guarded the mismatch message is lost.
    password2 = getpass.getpass("Confirm password: "******"Passwords don't match!", file=sys.stderr)
        return 2

    try:
        # The Flask application context is entered before _create_user and
        # the session commit run.
        with app.app_context():
            # The account is created with is_admin=True and
            # requires_activation=False, so (going by the keyword names) it is
            # privileged and usable immediately; this tool should only be
            # runnable by operators who are allowed to mint administrators.
            _create_user(username, password=password1, email=email,
                         is_admin=True, requires_activation=False)
            db.session.commit()
    except AuthException as ex:
        # NOTE(review): relies on AuthException exposing ``.message``; Python 3
        # built-in exceptions have no such attribute - confirm the class defines it.
        print("Error: %s" % ex.message, file=sys.stderr)
        return 2

    print("Success.")
    return 0
Beispiel #2
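 def testDuplicateUserFails(self):
     """Check that creating the test user again is rejected.

     The user is presumably already created by the fixture (not visible in
     this listing). Returns True when ``_create_user`` raises; raises
     ``Exception`` when the duplicate is accepted.
     """
     # Read the fixture values outside the try block so a missing attribute
     # fails loudly instead of being counted as a rejected duplicate.
     user = self.TEST_USER
     password = self.TEST_PASSWORD
     email = self.TEST_USER_EMAIL
     try:
         # The keyword was previously misspelled ("pasword"); combined with a
         # bare except, the test could pass on the resulting call error
         # without ever exercising the duplicate check.
         _create_user(user,
                      password=password,
                      email=email,
                      requires_activation=False)
     except TypeError:
         # A bad call signature is a bug in the test, not a duplicate rejection.
         raise
     except Exception:
         # NOTE(review): narrow this to the project's duplicate-user exception
         # once its type is confirmed.
         return True
     raise Exception('Creating duplicate user failed to raise')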
Beispiel #3
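    def testRefreshToken(self):
        """Exchange a token at /api/refresh and check the replacement expires later.

        Also checks that attempting to re-create the test user leaves the
        refreshed token usable against /api/me.

        NOTE(review): this test does not assert whether the original token is
        still accepted after the refresh; if the service is meant to revoke it,
        that needs its own assertion.
        """
        def headers_for(bearer):
            # Same header set for every request; only the token changes.
            return {
                'Authorization': bearer,
                'content-type': 'application/json'
            }

        # try to exchange a token for a new one that expires later
        token = self.getToken()
        exp = self.decodeToken(token).get('exp')

        api_root_request = self.app.get('/api/me', headers=headers_for(token))
        assert api_root_request.status_code == 200

        # Wait so the refreshed expiry is strictly later than the first one
        # (presumably 'exp' has whole-second resolution - confirm).
        time.sleep(2)
        new_token_request = self.app.post('/api/refresh', headers=headers_for(token))

        new_token = json.loads(
            new_token_request.data.decode('utf8')).get('token')
        # Fail with a clear message when the refresh endpoint returned no token,
        # rather than inside decodeToken.
        assert new_token, 'refresh response carried no token'
        new_exp = self.decodeToken(new_token).get('exp')
        assert new_exp > exp

        # test re-creating user doesn't invalidate tokens
        try:
            _create_user(self.TEST_USER,
                         password=self.TEST_PASSWORD,
                         email='{user}{suf}'.format(user=self.TEST_USER,
                                                    suf=self.email_suffix),
                         requires_activation=False)
        except Exception:
            # Deliberate best-effort: the call is expected to be rejected as a
            # duplicate. Exception (not a bare except) keeps KeyboardInterrupt
            # and SystemExit from being swallowed.
            pass

        api_root_request = self.app.get('/api/me', headers=headers_for(new_token))
        assert api_root_request.status_code == 200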
Beispiel #4
    def setUp(self):
        """Build the per-test fixture: patched services, a fresh database, seed users.

        Several security controls are deliberately weakened here (password
        hashing cost, token verification, password validation). These patches
        are test-only; the started patchers need matching stops in teardown,
        which is not visible in this listing.
        """
        # A single PBKDF2 round keeps hashing cheap under test. Never a
        # production setting.
        pwd_context.update(pbkdf2_sha512__default_rounds=1)

        self.requests_mock = responses.RequestsMock(assert_all_requests_are_fired=False)
        self.requests_mock.start()

        # Analytics calls go to a mock consumer with a dummy token.
        fake_mixpanel = Mixpanel('dummy_token', MockMixpanelConsumer())
        self.mp_patcher = mock.patch('quilt_server.views.mp', fake_mixpanel)
        self.mp_patcher.start()

        self.payments_patcher = mock.patch('quilt_server.views.HAVE_PAYMENTS', False)
        self.payments_patcher.start()

        self.s3_stubber = Stubber(s3_client)
        self.s3_stubber.activate()

        # Each test gets its own database, named with ten random lowercase letters.
        db_suffix = ''.join(random.sample(string.ascii_lowercase, 10))
        self.db_url = 'postgresql://postgres@localhost/test_%s' % db_suffix

        def username_as_credential(username_or_token):
            # While this patch is active, the name of any existing user is
            # accepted in place of a token; anything else falls through to the
            # real verifier.
            known_user = User.query.filter_by(name=username_or_token).one_or_none()
            return known_user if known_user else verify_token_string(username_or_token)

        # instead of checking token, just use username
        self.token_verify_mock = mock.patch(
            'quilt_server.views.verify_token_string', username_as_credential)
        self.token_verify_mock.start()

        # disable 8 character restriction for passwords
        self.validate_password_mock = mock.patch(
            'quilt_server.auth.validate_password', lambda x: True)
        self.validate_password_mock.start()

        self.app = quilt_server.app.test_client()
        app_config = quilt_server.app.config
        app_config['TESTING'] = True
        app_config['SQLALCHEMY_ECHO'] = False
        app_config['SQLALCHEMY_DATABASE_URI'] = self.db_url

        sqlalchemy_utils.create_database(self.db_url)
        quilt_server.db.create_all()

        self.email_suffix = '@example.com'

        # The '******' and '*****@*****.**' literals are reproduced as the page
        # shows them (redacted); the original fixture values are not recoverable here.
        self.TEST_USER = '******'
        self.TEST_USER_EMAIL = '*****@*****.**'
        self.TEST_USER_PASSWORD = '******'
        self.OTHER_USER = '******'
        self.OTHER_USER_EMAIL = '*****@*****.**'
        self.OTHER_USER_PASSWORD = '******'
        self.TEST_ADMIN = 'admin'
        self.TEST_ADMIN_EMAIL = '*****@*****.**'
        self.TEST_ADMIN_PASSWORD = '******'

        # Seed accounts, created in this order; 'bad_user' is created without
        # a password.
        seed_accounts = (
            (self.TEST_USER, {'email': self.TEST_USER_EMAIL,
                              'password': self.TEST_USER_PASSWORD}),
            (self.TEST_ADMIN, {'email': self.TEST_ADMIN_EMAIL,
                               'password': self.TEST_ADMIN_PASSWORD,
                               'is_admin': True}),
            ('bad_user', {'email': '*****@*****.**'}),
            (self.OTHER_USER, {'email': self.OTHER_USER_EMAIL,
                               'password': self.OTHER_USER_PASSWORD}),
            ('user1', {'email': '*****@*****.**', 'password': '******'}),
            ('user2', {'email': '*****@*****.**', 'password': '******'}),
        )
        for account_name, account_fields in seed_accounts:
            _create_user(account_name, requires_activation=False, **account_fields)
        db.session.commit()