Ejemplo n.º 1
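def login():
    '''

    This router function attempts to fulfill a login request. For a POST
    request, it returns a json string with two keys:

        - username, the username as submitted in the form
        - status, codified indicator of the login attempt:
            - 0, successful login
            - 1, username does not exist
            - 2, username does not have a password
            - 3, supplied password does not match stored password

    On a successful login, the user's uid is stored in the flask session.
    Any other request method falls through, and returns None.

    Security notes, for review:

        - statuses 1, 2, and 3 tell an unauthenticated caller whether an
          account exists. This is the documented contract, so it is kept;
          consider collapsing them into one generic failure code.
        - the response is a plain string built by json.dumps, which does
          not escape HTML. Unless the content type is set to
          application/json elsewhere, the echoed username is served with
          flask's default content type; confirm how the route is served.

    '''

    if request.method != 'POST':
        return None

    # untrusted input: a missing field now defaults to an empty string,
    #                  instead of raising IndexError (an unhandled 500).
    #                  An empty value follows the same path as a form
    #                  that submits the field with no content.
    username = request.form.get('user[login]', '')
    password = request.form.get('user[password]', '')
    account = Retrieve_Account()

    # validate: check username exists
    if not account.check_username(username)['result']:
        return json.dumps({'status': 1, 'username': username})

    # database query: get userid, queried once and reused below
    uid = account.get_uid(username)['result']
    if not uid:
        return json.dumps({'status': 1, 'username': username})

    # database query: get hashed password
    hashed_password = account.get_password(username)['result']

    # notification: user does not have a password
    if not hashed_password:
        return json.dumps({'status': 2, 'username': username})

    # notification: supplied password does not match
    if not verifypass(str(password), hashed_password):
        return json.dumps({'status': 3, 'username': username})

    # set session: uid corresponds to primary key, from the user database
    #              table, and a unique integer representing the username.
    #
    # NOTE(review): existing session contents are kept across login;
    #               consider clearing the session before setting uid.
    session['uid'] = uid

    # return user status
    return json.dumps({'status': 0, 'username': username})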
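def test_login(client, live_server):
    '''

    This method tests the user login process. Specifically, the tests include
    verifying the user credentials (i.e. username, and password). Then, it
    checks, if the flask session has successfully stored the userid (i.e. uid),
    into flask's session implementation.

    Each precondition is asserted with a message, so a failing run reports
    which step broke, rather than a bare 'assert False'.

    '''

    live_server.start()

    # local variables
    #
    # NOTE(review): the credentials are masked in this listing; presumably
    #               they belong to a dedicated test account. Keep real
    #               values out of version control.
    username = '******'
    password = '******'
    url = '/login'
    authenticate = Retrieve_Account()

    # validate: username exists
    assert authenticate.check_username(username)['result'], \
        'username does not exist'

    # database query: get hashed password
    hashed_password = authenticate.get_password(username)['result']

    # notification: verify hashed password exists
    assert hashed_password, 'user does not have a password'

    # notification: verify password
    assert verifypass(str(password), hashed_password), \
        'supplied password does not match stored password'

    # post requests: login response
    payload = {'user[login]': username, 'user[password]': password}
    login = client.post(url, data=payload)

    # NOTE(review): presumably the login view answers 200 for failed
    #               attempts as well, since it reports the outcome in the
    #               json 'status' field; the session check below is what
    #               shows the login succeeded. Consider asserting the
    #               returned status is 0 too.
    assert login.status_code == 200

    # assumes the test account has uid 1 -- TODO confirm against fixtures
    assert session.get('uid') == 1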
Ejemplo n.º 3
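def login():
    '''

    This router function attempts to fulfill a login request. For a POST
    request, it returns a json string with two keys:

        - username, the username as submitted in the form
        - status, codified indicator of the login attempt:
            - 0, successful login
            - 1, username does not exist
            - 2, username does not have a password
            - 3, supplied password does not match stored password

    On a successful login, the user's uid is stored in the flask session.
    Any other request method falls through, and returns None.

    Security notes, for review:

        - the distinct failure statuses (1, 2, 3) reveal whether a given
          username is registered. They are part of the documented
          contract, so they are preserved here; a single generic failure
          status would avoid disclosing account existence.
        - json.dumps does not escape HTML, and the return value is a plain
          string. Confirm the response is served as application/json,
          since the username is echoed back from the request.

    '''

    if request.method != 'POST':
        return None

    # untrusted input: read each field with an empty-string default, so a
    #                  request that omits a field no longer raises
    #                  IndexError. An empty value is handled like a form
    #                  that submits the field blank.
    username = request.form.get('user[login]', '')
    password = request.form.get('user[password]', '')
    account = Retrieve_Account()

    # validate: check username exists
    username_exists = account.check_username(username)['result']

    # database query: get userid, only when the username exists; the
    #                 result is reused, instead of being queried twice
    uid = account.get_uid(username)['result'] if username_exists else None

    # notification: username does not exist
    if not (username_exists and uid):
        return json.dumps({
            'status': 1,
            'username': username
        })

    # database query: get hashed password
    hashed_password = account.get_password(username)['result']

    # notification: user does not have a password
    if not hashed_password:
        return json.dumps({
            'status': 2,
            'username': username
        })

    # notification: supplied password does not match
    if not verifypass(str(password), hashed_password):
        return json.dumps({
            'status': 3,
            'username': username
        })

    # set session: uid corresponds to primary key, from the user database
    #              table, and a unique integer representing the username.
    #
    # NOTE(review): any pre-login session contents survive this
    #               assignment; consider clearing the session first.
    session['uid'] = uid

    # return user status
    return json.dumps({
        'status': 0,
        'username': username
    })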