def test_follow(self):
u1 = User(nickname='john', email='*****@*****.**')
u2 = User(nickname='susan', email= '*****@*****.**')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
assert u1.unfollow(u2) is None
u = u1.follow(u2)
db.session.add(u)
db.session.commit()
assert u1.follow(u2) is None
assert u1.is_following(u2)
assert u1.followed.count() == 1
assert u1.followed.first().nickname == 'susan'
assert u2.followers.count() == 1
assert u2.followers.first().nickname == 'john'
u = u1.unfollow(u2)
assert u is not None
db.session.add(u)
db.session.commit()
assert u1.is_following(u2) is False
assert u1.followed.count() == 0
assert u2.followers.count() == 0
def client(app):
with app.app_context():
client = app.test_client()
db.create_all()
# Add Users
password = generate_password_hash('Monday1')
db.session.add(
User(id=1,
first_name='TestA',
last_name='UserOne',
email='*****@*****.**',
password=password))
db.session.add(
User(id=2,
first_name='TestB',
last_name='UserTwo',
email='*****@*****.**',
password=password))
db.session.commit()
# Add some Characters db.session.add(Character(id=1, name='Paladin', is_dead=False))
db.session.add(Character(id=2, name='Rogue', is_dead=False))
db.session.add(Character(id=3, name='Fighter', is_dead=False))
db.session.commit()
# Set the current Character
db.session.add(Setting(key='current_character', value='2'))
db.session.commit()
yield client
db.drop_all()
def client_loaded(app):
with app.app_context():
client_loaded = app.test_client()
db.create_all()
password = generate_password_hash('Monday1')
db.session.add(
User(id=1,
first_name='Test',
last_name='User',
email='*****@*****.**',
password=password))
db.session.add(
User(id=2,
first_name='John',
last_name='Smith',
email='*****@*****.**',
password=password))
db.session.commit()
db.session.add(
Character(id=1, name='Paladin', is_dead=False, user_id=1))
db.session.add(Character(id=2, name='Rogue', is_dead=False, user_id=1))
db.session.add(
Character(id=3, name='Fighter', is_dead=False, user_id=2))
db.session.commit()
data = dict(email='*****@*****.**',
password='******',
remember_me=False)
client_loaded.post('/login', data=data)
yield client_loaded
db.drop_all()
def test_make_unique_nickname(self):
u = User(nickname='john', email='*****@*****.**')
db.session.add(u)
db.session.commit()
nickname = User.make_unique_nickname('john')
assert nickname != 'john'
u = User(nickname=nickname, email='*****@*****.**')
db.session.add(u)
db.session.commit()
nickname2 = User.make_unique_nickname('john')
assert nickname2 != 'john'
assert nickname2 != nickname
def post(self):
'''新增用户'''
if not session.get('status'):
return redirect(url_for('html_system_login'), 302)
args = self.parser.parse_args()
key_username = args.username
key_password = args.password
key_phone = args.phone
key_email = args.email
key_remark = args.remark
if session['username'] != 'root':
return {'status_code': 202, 'msg': '新增用户失败,不能新增root用户'}
user_query = User.query.filter(User.username == key_username).first()
if user_query: # 用户名存在
addlog(session.get('username'), session.get('login_ip'),
f'新增用户[{key_username}]失败,原因:用户已存在')
return {'status_code': 201, 'msg': f'新增用户失败,{key_username}用户名已存在'}
user1 = User(username=key_username,
password=key_password,
phone=key_phone,
email=key_email,
remark=key_remark)
DB.session.add(user1)
try:
DB.session.commit()
except Exception as e:
logger.log('ALERT', f'用户新增接口SQL错误:{e}')
DB.session.rollback()
return {'status_code': 500, 'msg': '新增用户失败,sql错误'}
addlog(session.get('username'), session.get('login_ip'),
f'新增用户[{key_username}]成功')
return {'status_code': 200, 'msg': '新增用户成功'}
def post(self):
if not session.get('status'):
return {'result': {'status_code': 401}}
args = self.parser.parse_args()
key_username = args.username
key_password = args.password
key_xingming = args.xingming
key_phone = args.phone
key_email = args.email
key_remark = args.remark
if session['username'] != 'root':
return {'result': {'status_code': 202}}
user_query = User.query.filter(User.username == key_username).first()
if user_query: # 用户名存在
addlog(session.get('username'), session.get('login_ip'),
f'新增用户[{key_username}]失败,原因:用户已存在')
return {'result': {'status_code': 201}}
user1 = User(username=key_username,
password=key_password,
name=key_xingming,
phone=key_phone,
email=key_email,
remark=key_remark)
DB.session.add(user1)
try:
DB.session.commit()
except Exception as e:
logger.log('ALERT', f'用户新增接口SQL错误:{e}')
DB.session.rollback()
return {'result': {'status_code': 500}}
addlog(session.get('username'), session.get('login_ip'),
f'新增用户[{key_username}]成功')
return {'result': {'status_code': 200}}
def post(self):
registerData = {
'username': request.json['username'],
'password': request.json['password'],
'email': request.json['email']}
user = User.query.filter_by(username=registerData['username']).first()
userEmail = User.query.filter_by(email=registerData['email']).first()
if user:
return abort(403, description='Użytkownik o podanej nazwie już istnieje!')
elif userEmail:
return abort(403, description='Konto o podanym adresie email już istnieje! prosimy o podanie innego.')
newUser = User(
username=registerData['username'],
password=bcrypt.generate_password_hash(
registerData['password']),
email=registerData['email'],
registered_on=datetime.now())
token = generate_confirmation_token(newUser.email)
db.session.add(newUser)
send_email(
newUser.email,
'Aktywacja Konta',
render_template(
'auth/activate.html',
confirm_url=url_for(
'auth.confirm_account',
token=token,
_external=True)))
db.session.commit()
return jsonify(message='Twoje konto zostało pomyślnie utworzone! Na adres e-mail została wysłana wiadomość z linkiem aktywacyjnym - prosimy aktywować konto.')
def register():
if current_user.is_authenticated:
return redirect(url_for('home.home_page'))
form = RegistrationForm()
if form.validate_on_submit():
user = User.objects(username=form.username.data).first()
userEmail = User.objects(email=form.email.data).first()
if user:
flash('Podana nazwa użytkownika jest już zajęta!', 'danger')
elif userEmail:
return flash('Konto o podanym adresie email już istnieje! prosimy o podanie innego.', 'danger')
newUser = User(
username=form.username.data,
email=form.email.data,
password=bcrypt.generate_password_hash(
form.password.data)).save()
token = generate_confirmation_token(newUser.email)
send_email(
newUser.email,
'Aktywacja Konta',
render_template(
'auth/activate.html',
confirm_url=url_for(
'auth.confirm_account',
token=token,
_external=True)))
flash('Twoje konto zostało pomyślnie utworzone! Na podany adres e-mail wyslaliśmy wiadomość z linkiem aktywacyjnym. Prosimy aktywować swoje konto aby mieć dostęp do pełnej wersji strony', 'success')
return redirect(url_for('home.home_page'))
return render_template('/auth/register.html', form=form)
def process_user_form(user_id=None):
"""
Create or edit a user.
"""
if user_id is not None:
# Edit a user
form = EditUserForm()
if not form.validate():
return render_template('/admin/create_user.html',
form=form,
message='Some errors were found')
user = User.query.filter(User.id == user_id).first()
form.populate_obj(user)
db.session.commit()
flash('User successfully updated', 'success')
else:
# Create a new user (by the admin)
form = CreateUserForm()
if not form.validate():
return render_template('/admin/create_user.html',
form=form,
message='Some errors were found')
user = User(name=form.name.data,
email=form.email.data,
pwdhash=generate_password_hash(form.password.data),
is_admin=form.is_admin.data,
is_active=True)
db.session.add(user)
db.session.commit()
flash('User successfully created', 'success')
return redirect(url_for('administration.user_form', user_id=user.id))
def test_incorrect_password_without_symbol(self):
name= "USER"
password = "******"
user = User(name)
error, goodPassword = user.check_password_strength_and_hash_if_ok(password)
self.assertFalse(goodPassword)
self.assertEqual(error, 'The password must include at least one symbol')
def test_incorrect_password_without_lowercase_letter(self):
name= "USER"
password = "******"
user = User(name)
error, goodPassword = user.check_password_strength_and_hash_if_ok(password)
self.assertFalse(goodPassword)
self.assertEqual(error, 'The password must include at least one lowercase letter')
def test_incorrect_password_too_long(self):
name= "USER"
password = "******"*50
user = User(name)
error, goodPassword = user.check_password_strength_and_hash_if_ok(password)
self.assertFalse(goodPassword)
self.assertEqual(error, 'The password is too long')
def create_user(login, password, is_admin):
user = User(login=login,
pwdhash=generate_password_hash(password),
is_active=True,
is_admin=is_admin)
db.session.add(user)
db.session.commit()
def register():
if current_user.is_authenticated:
return redirect(url_for('home.home_page'))
form = RegistrationForm()
if form.validate_on_submit():
newUser = User(username=form.username.data,
email=form.email.data,
password=bcrypt.generate_password_hash(
form.password.data),
registered_on=datetime.now().strftime('%m-%d-%Y'),
registered_time=datetime.now().strftime('%H:%M'))
print(newUser)
db.session.add(newUser)
db.session.commit()
token = generate_confirmation_token(newUser.email)
send_email(
newUser.email, 'Aktywacja Konta',
render_template('auth/activate.html',
confirm_url=url_for('auth.confirm_account',
token=token,
_external=True)))
login_user(newUser)
flash(
'Twoje konto zostało pomyślnie utworzone! Na podany adres e-mail wyslaliśmy wiadomość z linkiem aktywacyjnym. Prosimy aktywować swoje konto aby mieć dostęp do pełnej wersji strony',
'success')
return redirect(url_for('home.home_page'))
return render_template('/auth/register.html', form=form)
def login(request):
reJson = json.loads(request.body)
code = reJson['code']
url = 'https://api.weixin.qq.com/sns/jscode2session?appid=%s&secret=%s&js_code=%s&grant_type=authorization_code' % (
appid, appsecret, code)
re = requests.get(url)
# result返回 session_key 和 openid
reJson = json.loads(re.content.decode('utf-8'))
print(re.content.decode('utf-8'))
openid = reJson['openid']
logger.info("User: "******" login.")
# 用户初次登入小程序即为其创建数据库记录
if not User.objects.filter(openid=openid):
newUser = User(openid=openid)
logger.info(openid + " create new user")
newUser.save()
# 加密openid
token = createToken(openid)
return HttpResponse(token)
def create_user(email, name, password):
user = User(email=email,
name=name,
pwdhash=generate_password_hash(password),
is_active=True)
db.session.add(user)
db.session.commit()
def test_user_password(self, testapp):
""" Test password hashing and checking """
admin = User('admin', 'supersafepassword')
assert admin.username == 'admin'
assert admin.check_password('supersafepassword')
def populate_db(db):
role_admin, role_user = db_create(db)
user1, user2 = [
User(nickname=name,
email="*****@*****.**" % name,
pwdhash=name,
roles=[role_user],
activation_key="") for name in ["user1", "user2"]
]
db.session.add(user1)
db.session.add(user2)
db.session.commit()
for user in (user1, user2):
for feed_name in ['feed1', 'feed2', 'feed3']:
feed = Feed(link=feed_name,
user_id=user.id,
title="%r %r" % (user.nickname, feed_name))
db.session.add(feed)
db.session.commit()
for article in ['article1', 'article2', 'article3']:
entry = "%s %s %s" % (user.nickname, feed.title, article)
article = Article(entry_id=entry,
link=article,
feed_id=feed.id,
user_id=user.id,
title=entry,
content=article)
db.session.add(article)
db.session.commit()
db.session.commit()
def check_user(username, password):
"""
根据账户名密码
:param username:用户名(str)
:param password: 原始密码(str)
:return: 字典对象{'ID': 1, 'NAME': '测试账号', 'TYPE': '1'}
or None
"""
tel = re.compile(r"^\d{11}$")
email = re.compile(r"^[\w\d]+@[\w\d]+\.com$")
u_id = re.compile(r"^\d{6,8}$")
# 加密密码
password = encrypt.encryption(password)
# 查询条件
condition = {'password': password, "status": "1"}
# 以电话登陆
if tel.match(username):
condition['tel_number'] = username
# 以邮件登陆
elif email.match(username):
condition['email'] = username
# 以 id 登陆
elif u_id.match(username):
condition['id'] = int(username)
else:
return None
# 连接服务器
mongo = MongoOperator(**MongoDB_CONFIG)
# 除_id 外全部获取
result = mongo.get_collection('user').find_one(condition, {"_id": 0})
if result:
return User(**result)
return None
def create_user():
'''Inserts a test user that has an active habit to the db'''
db.session.add(
User(username='******',
password=generate_password_hash('test_password',
method='sha256')))
db.session.commit()
def create_users(self):
for key, value in users.items():
existing_user = User.query.filter_by(name=key).first()
if existing_user is None:
user = User(name=key)
user.check_password_strength_and_hash_if_ok(value)
user.add(user)
def check_registration():
user = User.get(login='******')
if user is None:
user = User(login='******', vk_id=1)
user.save('123456')
print(user.check_user('123456'))
print(user.vk_user)
def signup_post():
form = SignupForm()
if form.validate_on_submit():
new_user = User(first_name=form.first_name.data,
last_name=form.last_name.data,
email=form.email.data,
password=generate_password_hash(form.password.data,
method='sha256'))
# check if the user exists
user = User.query.filter_by(email=new_user.email).first()
if user:
# user exists, go back to signup
flash('email already exists', 'warning')
return redirect(url_for('auth_bp.signup'))
# User doesn't exist add them, then to login form
db.session.add(new_user)
db.session.commit()
flash('User added, please login', 'success')
return redirect(url_for('auth_bp.login'))
else:
# Invalid form, back to signup
return redirect(url_for('auth_bp.signup'))
def test_follow_posts(self):
u1 = User(nickname='john', email='*****@*****.**')
u2 = User(nickname='susan', email= '*****@*****.**')
u3 = User(nickname='mary', email='*****@*****.**')
u4 = User(nickname='david', email= '*****@*****.**')
db.session.add(u1)
db.session.add(u2)
db.session.add(u3)
db.session.add(u4)
utcnow = datetime.utcnow()
p1 = Post(body="post from john", author=u1, timestamp=utcnow + timedelta(seconds=1))
p2 = Post(body="post from susan", author=u2, timestamp=utcnow + timedelta(seconds=2))
p3 = Post(body="post from mary", author=u3, timestamp=utcnow + timedelta(seconds=3))
p4 = Post(body="post from david", author=u4, timestamp=utcnow + timedelta(seconds=4))
db.session.add(p1)
db.session.add(p2)
db.session.add(p3)
db.session.add(p4)
db.session.commit()
u1.follow(u1)
u1.follow(u2)
u1.follow(u4)
u2.follow(u2)
u2.follow(u3)
u3.follow(u3)
u3.follow(u4)
u4.follow(u4)
db.session.add(u1)
db.session.add(u2)
db.session.add(u3)
db.session.add(u4)
db.session.commit()
f1 = u1.followed_posts().all()
f2 = u2.followed_posts().all()
f3 = u3.followed_posts().all()
f4 = u4.followed_posts().all()
assert len(f1) == 3
assert len(f2) == 2
assert len(f3) == 2
assert len(f4) == 1
assert f1 == [p4, p2, p1, ]
assert f2 == [p3, p2, ]
assert f3 == [p4, p3, ]
assert f4 == [p4, ]
def registration():
form = RegForm()
if form.validate_on_submit():
password = sha256(form.password.data.encode()).hexdigest()
user = User(form.login.data, password)
user.save()
return redirect('/')
return render_template('registration.html', form=form)
def test_check_correct_password_and_verify_the_hash(self):
name= "USER"
password = "******"
user = User(name)
error, goodPassword = user.check_password_strength_and_hash_if_ok(password)
self.assertTrue(goodPassword, error)
password_verified = user.verify_password(password)
self.assertTrue(password_verified, "The password could not be verified")
def CreateUser():
'''创建测试账户'''
sql = User.query.filter(User.username == 'root').first()
if not sql:
user1 = User(username='******', password='******', name='管理员', phone='1388888888', email='*****@*****.**',
remark='安全工程师')
DB.session.add(user1)
DB.session.commit()
def test_user_save(self, testapp):
""" Test Saving the user model to the database """
admin = User('admin', 'supersafepassword')
db.session.add(admin)
db.session.commit()
user = User.query.filter_by(username="******").first()
assert user is not None
def test(self):
user = User()
user.username = "******"
password = "******"
user.password = password
db.session.add(user)
db.session.commit()
result = db.session.query(User).all()[0]
self.assertTrue(result.verify_password(password))
def register():
form = RegistrationForm()
if form.validate_on_submit():
user = User(username=form.username.data, password=form.password.data)
db.session.add(user)
db.session.commit()
flash('Your registration was successful!')
return redirect(url_for('auth.login'))
return render_template('register.html', form=form)
