def test_update_password(self):
user_1 = self.create_from_factory(UserFactory)
new_password = "******"
self.assertFalse(check_user_password(new_password, user_1['password']))
url = self.url_for_admin(USER_URL, user_id=user_1['_id'])
response = self.post_json(url, data={'password': new_password})
self.assertEqual(200, response.status_code)
stored_user = get_user(user_1['_id'])
self.assertTrue(
check_user_password(new_password, stored_user['password']))
def login():
username = request.json.get('username', None)
password = request.json.get('password', None)
user = get_user(username)
if not user or not check_user_password(password, user.get('password')):
return jsonify({
'login': False,
'reason': 'INVALID_CREDENTIALS'
}), 401
company = get_company_by_admin_user(user['_id'])
if user['type'] == UserType.HIRING_MANAGER \
and not company.get('enabled', False):
return jsonify({'login': False, 'reason': 'COMPANY_DISABLED'}), 401
# Create the tokens we will be sending back to the user
identity = _create_identity_object(user, company)
access_token = create_access_token(identity=identity)
refresh_token = create_refresh_token(identity=identity)
# Set the JWTs and the CSRF double submit protection cookies
# in this response
resp = {
'accessToken': access_token,
'refreshToken': refresh_token,
}
resp.update(identity)
# set_access_cookies(resp, access_token)
# set_refresh_cookies(resp, refresh_token)
return jsonify(resp), 200
def test_set_password(self):
user = self.create_from_factory(UserFactory)
new_password = "******"
update_user_password(user_id=user['_id'], new_password=new_password)
stored_user = get_user(username=user['_id'])
self.assertTrue(check_user_password(new_password,
stored_user['password']))
def test_create(self):
stored_user = self.create_from_factory(
UserFactory,
username=self.username, password=self.password,
title=self.title, first_name=self.first_name,
last_name=self.last_name, user_type=self.user_type)
self.assertTrue(check_user_password(self.password,
stored_user.pop('password')))
self.assertEquals({
'_id': self.username,
'type': self.user_type,
'first_name': self.first_name,
'last_name': self.last_name,
'title': self.title
}, stored_user)
def test_password_encryption_decryption(self):
password = '******'
hashed_password = encrypt_user_password(password)
self.assertTrue(
check_user_password(password=password, hashed=hashed_password))