def invited(token):
form = InvitedUserForm()
if User.confirm_invited_user(token):
user = User.load_invited_user(token)
login_user(user)
if user.confirmed:
flash('Account already activated!')
return redirect(url_for('main.index'))
if form.validate_on_submit():
user.password = form.password.data
user.username = form.username.data
user.confirmed = True
db.session.add(user)
db.session.commit()
return redirect(url_for('main.index'))
else:
flash('Unable to confirm your invite')
return redirect(url_for('main.index'))
return render_template('auth/invited.html', form=form)
def register():
form = RegistrationForm()
if form.validate_on_submit():
email = form.email.data
username = form.username.data
user = User(email=email, username=username)
user.password = form.password.data
company = Company()
company.name = form.company.data
db.session.add(user)
db.session.add(company)
company.set_company_owner(user)
company.add_user(user)
db.session.commit()
token = user.generate_confirmation_token()
send_email(user.email, 'Confirm Your Account',
'auth/email/confirm', user=user, token=token)
flash('A confirmation email has been sent to you by email.')
return redirect(url_for('auth.login'))
return render_template('auth/register.html', form=form)
def test_valid_confirmation_token(clean_db):
u = User()
u.password = '******'
db.session.add(u)
db.session.commit()
token = u.generate_confirmation_token()
assert u.confirm(token)
def sample_data():
set_up()
user1 = User(username='******', email='*****@*****.**', password='******', confirmed=True)
user2 = User(username='******', email='*****@*****.**', password='******', confirmed=True)
db.session.add(user1)
db.session.add(user2)
db.session.commit()
print("Added sample data to database")
def test_user_login_redirects_to_index(client, user):
u = User()
u.email = user['email']
u.password = user['password']
u.confirmed = True
db.session.add(u)
db.session.commit()
data = {'email': user['email'], 'password': user['password']}
response = client.post(url_for('auth.login'),
data=data,
follow_redirects=True)
assert b'<h1>Page Header</h1>' in response.data
def test_login_required(clean_db, client, path):
u = User()
u.password = '******'
u.email = '*****@*****.**'
u.confirmed = True
response = client.post(url_for('auth.login'),
data={
'email': '*****@*****.**',
'password': '******'
},
follow_redirects=True)
assert client.get(url_for(path), follow_redirects=True).status_code == 200
def register():
form = RegistrationForm()
if form.validate_on_submit():
email = form.email.data
username = form.username.data
user = User(email=email, username=username)
user.password = form.password.data
db.session.add(user)
db.session.commit()
flash('You have been signed up. Please login.')
return redirect(url_for('auth.login'))
return render_template('auth/register.html', form=form)
def test_users_company_name(clean_db):
company = Company()
company.name = 'test name'
user1 = User()
user1.username = '******'
db.session.add(user1)
db.session.add(company)
company.add_user(user1)
db.session.commit()
assert user1.company.name == company.name
def test_company_owner(clean_db):
name = 'Test Company'
company = Company()
company.name = name
user1 = User()
user1.username = '******'
db.session.add(user1)
db.session.add(company)
company.set_company_owner(user1)
db.session.commit()
db_company = Company.query.filter_by(name=name).first()
assert user1 == db_company.owner
def remove_user(user_id):
user = User.load_user(user_id)
if user.is_admin:
flash('You cannot remove admin accounts. Pleas contact support for help.')
return redirect(url_for('auth.company_settings'))
name = user.username
db.session.delete(user)
flash(f'{name} been removed from the company')
return redirect(url_for('auth.company_settings'))
def sample_data():
set_up()
user1 = User(username='******',
email='*****@*****.**',
password='******',
confirmed=True)
user2 = User(username='******',
email='*****@*****.**',
password='******',
confirmed=True)
user3 = User(username='******',
email='*****@*****.**',
password='******',
confirmed=True)
user4 = User(username='******',
email='*****@*****.**',
password='******',
confirmed=True)
company1 = Company(name='ExampleCompanyOne.com')
company2 = Company(name='ExampleCompanyTwo.com')
db.session.add(user1)
db.session.add(user2)
db.session.add(user3)
db.session.add(user4)
company1.add_user(user1)
company1.add_user(user2)
company1.set_company_owner(user1)
company1.add_asset('company1_asset')
db.session.add(company1)
company2.add_user(user3)
company2.add_user(user4)
company2.set_company_owner(user3)
company2.add_asset('company2_asset')
db.session.add(company2)
db.session.commit()
def reset_user_password(user_id):
user = User.load_user(user_id)
print(user)
name = user.username
token = user.generate_reset_token()
send_email(user.email, 'Reset Your Password',
'auth/email/reset_password',
user=user, token=token,
next=request.args.get('next'))
flash(f'An email with instructions to reset {name}\'s password has been sent to {name}.')
return redirect(url_for('auth.company_settings'))
def test_user_salts_are_random():
u = User()
u.password = '******'
u2 = User()
u2.password = '******'
assert u.password_hash != u2.password_hash
def test_company_add_users(clean_db):
company = Company()
company.name = 'test name'
user1 = User()
user1.username = '******'
user2 = User()
user2.username = '******'
db.session.add(user1)
db.session.add(user2)
db.session.add(company)
company.add_user(user1)
company.add_user(user2)
users = company.users
assert user1 in users
assert user2 in users
def test_user_password_setter():
u = User()
u.password = '******'
assert u.password_hash is not None
def test_user_password_verification():
u = User()
u.password = '******'
assert u.verify_password('cat')
assert not u.verify_password('dog')
def test_user_no_password_getter():
u = User()
u.password = '******'
with pytest.raises(AttributeError):
b = u.password
