def test_user_validate():
u = create_user_with_permissions()
u.password = u'testpass123'
db.sess.commit()
assert User.validate(u.login_id, u'bad_password') is None
assert User.validate(u'bad_login', u'testpass123') is None
assert User.validate(u.login_id, u'testpass123').id == u.id
def post(self):
if self.form.is_valid():
user = orm_User.validate(
self.form.els.login_id.value,
self.form.els.password.value
)
if user:
if user.inactive:
session_user.add_message('error', 'That user is inactive.')
else:
load_session_user(user)
log.application('user %s logged in; session id: %s; remote_ip: %s',
user.login_id, rg.session.id, rg.request.remote_addr)
session_user.add_message('notice', 'You logged in successfully!')
if user.reset_required:
url = url_for('auth:ChangePassword')
else:
url = after_login_url()
redirect(url)
else:
log.application('user login failed; user login: %s; session id: %s; remote_ip: %s',
self.form.elements.login_id.value, rg.session.id,
rg.request.remote_addr)
session_user.add_message('error', 'Login failed! Please try again.')
elif self.form.is_submitted():
# form was submitted, but invalid
self.form.assign_user_errors()
self.default()
