def login():
# create LoginForm instance
form = LoginForm()
if request.method == 'POST':
# check inputs' data
if form.validate_on_submit():
error = None
# get user by email
user = UserOp().get_user_email(form.email.data)
# check if the user exists or not
if user is None:
error = 'Incorrect email.'
# check is password correct using is_correct_password() func on Models
elif not user.is_correct_password(form.password.data):
error = 'Incorrect password.'
if error is None:
# set loged in user
login_user(user)
return redirect(url_for('main.index'))
flash(error, 'danger')
return render_template('auth/login.html', form=form)
def register():
# create RegisterForm instance
form = RegisterForm()
if request.method == 'POST':
if form.validate_on_submit():
error = None
# check the username has already existed
chk_name = UserOp().get_user_name(form.username.data)
if chk_name is not None:
error = 'The username has already existed.'
else:
# check the email has already existed
chk_email = UserOp().get_user_email(form.email.data)
if chk_email is not None:
error = 'The email has already existed.'
if error is None:
UserOp().add_user(form.username.data, form.email.data,
form.password.data)
flash('Your account has been created!', 'success')
return redirect(url_for('auth.login'))
flash(error, 'danger')
return render_template('auth/register.html', form=form)
def test_update_user(db, create_user):
"""
GIVEN a UserOp model and an existing User
WHEN the User is update
THEN check the user data are stored (updated) correctly
"""
user_id = create_user.id
old_username = create_user.username
old_created = create_user.created
old_updated = create_user.updated
create_user.username = username
create_user.email = email
create_user.set_password(password)
# update the user
UserOp().update_user(create_user)
user = User.query.get(user_id)
assert user.username != old_username
assert user.username == username
assert user.email == email
assert user.is_correct_password(password)
assert user.created == old_created
assert user.updated != old_updated
user = User.query.filter_by(username=old_username).first()
assert user is None
def load_user():
username = '******'
email = '*****@*****.**'
password = '******'
# Insert user data
UserOp().add_user(username, email, password)
test_user = TestUser(username, email, password)
return test_user
def test_get_user_name(db, create_user):
"""
GIVEN a UserOp model and an existing User
WHEN get_user_name is called
THEN check the user are returned correctly
"""
user = UserOp().get_user_name(create_user.username)
assert user.id == create_user.id
assert user.email == create_user.email
assert user.password == create_user.password
assert user.created == create_user.created
assert user.updated == create_user.updated
invalid_username = create_user.username + 'a'
user = UserOp().get_user_name(invalid_username)
assert invalid_username != create_user.username
assert user is None
def test_delete_user(db, create_user):
"""
GIVEN a UserOp model and an existing User
WHEN the User is deleted
THEN check the user doesn't exist
"""
user_id = create_user.id
UserOp().delete_user(create_user)
assert User.query.get(user_id) is None
def delete():
form = DeleteForm()
if request.method == 'POST':
if form.validate_on_submit():
user_id = current_user.id
# logout
logout_user()
# get the user by current_user.id
user = UserOp().get_user_id(user_id)
if user is None:
flash('Please login again.', 'danger')
return redirect(url_for('auth.login'))
UserOp().delete_user(user)
flash('Your account has been deleted.', 'success')
return redirect(url_for('auth.register'))
return render_template('auth/delete.html', form=form)
def test_add_user(db):
"""
GIVEN a UserOp model
WHEN a new User is created
THEN check the user are stored correctly
"""
UserOp().add_user(username, email, password)
# get a user by email
user = User.query.filter_by(email=email).first()
assert user.id == 1
assert user.username == username
assert user.email == email
assert user.password != password
assert user.is_correct_password(password)
def change():
form = ChangeForm()
if request.method == 'POST':
if form.validate_on_submit():
# get the user by current_user.id
user = UserOp().get_user_id(current_user.id)
if user is None:
flash('Please login again.', 'danger')
return redirect(url_for('auth.login'))
elif not user.is_correct_password(form.password.data):
flash('Incorrect password.', 'danger')
else:
# set new hashed password
user.set_password(form.new_password.data)
UserOp().update_user(user)
flash('Your password has been changed!', 'success')
return render_template('auth/change.html', form=form)