def setUp(self):
    """Prepare the fixture: app, pushed app context, test client, schema and one user."""
    self.app = create_app('test')

    # The context is pushed here and kept on the instance; this method
    # does not pop it.
    ctx = self.app.app_context()
    self.app_context = ctx
    ctx.push()
    self.client = self.app.test_client()

    # Imported inside the method, after create_app() has run, exactly as the
    # original does (presumably the engine depends on app setup - confirm).
    from main.orm.db import engine as db_engine
    self.engine = db_engine
    Base.metadata.create_all(db_engine)

    # Seed one stored user for the tests that need an existing account.
    seed_user = DBUser(username='******', email='*****@*****.**', password='******')
    seed_user.save()
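def test_password_setter(self):
    """Check that ``password`` is write-only and that changing it takes effect.

    Reading ``user.password`` must raise ``AttributeError``. The password
    given at creation must verify, and after assignment the new one must
    verify. The negative assertions make sure ``verify_password`` does not
    simply accept any input, which the positive checks alone cannot detect.
    """
    # NOTE(review): the username/email/password literals look masked in this
    # listing; the verify_password() arguments suggest the real values were
    # 'pwd' and 'new_pwd' - confirm against the original file.
    u = User(username='******', email='*****@*****.**', password='******')
    u.save()
    user = User.query().filter_by(username='******').first()

    # The attribute must not be readable back from the model.
    with self.assertRaises(AttributeError):
        user.password

    self.assertTrue(user.verify_password('pwd'))
    # A password that has not been set yet must be rejected.
    self.assertFalse(user.verify_password('new_pwd'))

    user.password = '******'
    self.assertTrue(user.verify_password('new_pwd'))
    # The previous password must stop working once it has been replaced.
    self.assertFalse(user.verify_password('pwd'))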
def setUp(self):
    """Build the test app, push its context, create the schema and save one user."""
    application = create_app('test')
    ctx = application.app_context()
    self.app_context = ctx
    ctx.push()
    self.client = application.test_client()

    # Function-scope import kept after create_app(), as in the original.
    from main.orm.db import engine as db_engine
    self.engine = db_engine
    Base.metadata.create_all(self.engine)

    # Account used for authentication in the tests. No is_admin argument is
    # passed, so the model's own default decides the initial privilege.
    account = User(
        username=admin['username'],
        email=admin['email'],
        password=admin['password'],
    )
    account.save()
def load_logged_in_user():
    """Set ``g.user`` from the ``user_id`` held in the session.

    ``g.user`` is ``None`` when the session carries no ``user_id``; otherwise
    it is whatever the lookup by id returns.
    """
    uid = session.get('user_id')
    # NOTE(review): if first() yields nothing for a stale id, g.user is
    # presumably None as well - callers should treat both cases as logged out.
    g.user = None if uid is None else User.query().filter_by(id=uid).first()
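def get_user_by_token(token) -> "User | None":
    """Validate a token on each visit and return the user it refers to.

    Returns ``None`` when the token is expired, fails signature
    verification, or verifies but carries no ``id`` entry. Otherwise returns
    the result of ``User.get`` for that id. The return annotation used to say
    ``bool`` although the function never returned one.
    """
    # `s` is the serializer from the surrounding scope. It is only read here,
    # so no `nonlocal` declaration is needed.
    try:
        data = s.loads(token)
    except (SignatureExpired, BadSignature):
        # Expired and invalid tokens are handled alike: no user.
        return None

    # A token that verifies but has an unexpected payload (for example one
    # issued for another purpose with the same serializer) is rejected
    # instead of raising out of the request.
    try:
        user_id = data['id']
    except (KeyError, TypeError):
        return None

    return User.get(user_id)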
def verify_user(username, password, email=None):
    """Check a username/password pair, optionally also matching the email.

    On success the matched user is stored on ``g.user`` and ``True`` is
    returned. ``False`` is returned when no user matches or the password
    check fails; ``g.user`` is left untouched in that case.
    """
    query = User.query().filter_by(username=username)
    if email is not None:
        query = query.filter_by(email=email)
    candidate = query.first()

    # NOTE(review): an unknown username returns before any password check
    # runs, so the two failure paths may differ in response time - confirm
    # whether that matters for account enumeration here.
    if candidate is None:
        return False
    if not candidate.verify_password(password):
        return False

    g.user = candidate
    return True
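def check_status_code_with_admin(self, path, method='GET', **kwargs):
    """Assert that ``path`` is reachable only by a logged-in admin.

    Three requests are made with the same method: anonymous (expects a 302
    redirect), logged in without admin rights (expects 403), and logged in
    as admin (expects 200 for GET, 302 for POST and PUT).

    Args:
        path: URL to request.
        method: 'GET', 'POST' or 'PUT'.
        **kwargs: form data sent with POST and PUT; ignored for GET.

    Returns:
        The response of the final, admin request.

    Raises:
        ValueError: if ``method`` is not one of the supported verbs.
    """
    # Reject unknown verbs up front; previously they fell through the
    # if/elif chain and failed later on an unbound `req`.
    if method not in ('GET', 'POST', 'PUT'):
        raise ValueError('unsupported method: %r' % (method,))

    user = User.query() \
        .filter_by(username=admin['username']) \
        .first()

    if method == 'GET':
        req = self.client.get
        target_code = 200
    elif method == 'POST':
        req = partial(self.client.post, data=kwargs)
        target_code = 302
    else:
        req = partial(self.client.put, data=kwargs)
        target_code = 302

    # redirect without login
    response = req(path)
    self.assertEqual(response.status_code, 302)

    # permission denied if not admin
    self.login()
    try:
        response = req(path)
        self.assertEqual(response.status_code, 403)
    finally:
        # Log out even when the assertion fails so the session does not
        # leak into the next step.
        self.logout()

    # can access with admin
    user.is_admin = True
    user.save()
    try:
        self.login()
        response = req(path)
        self.assertEqual(response.status_code, target_code)
    finally:
        # Always drop the elevated privilege again; a failing assertion
        # must not leave the shared account as admin.
        self.logout()
        user.is_admin = False
        user.save()
    return response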
def logout(self):
    """Clear the admin flag on the test account if it is set, then GET ``/logout``."""
    lookup = User.query().filter_by(username=admin['username'])
    account = lookup.first()

    # Drop the elevated privilege before ending the session so it does not
    # stay on the stored account.
    if account.is_admin:
        account.is_admin = False
        account.save()

    self.client.get('/logout')
def auth_login(self):
    """Mark the test account as admin, save it, then log in through ``self.login()``."""
    lookup = User.query().filter_by(username=admin['username'])
    account = lookup.first()

    # The flag is persisted before logging in; this method does not reset it.
    account.is_admin = True
    account.save()

    self.login()
def __call__(self):
    """Return a new, unsaved ``User`` with generated credentials and ``is_admin=True``."""
    # Values are generated in the same order as before: username, email,
    # password.
    fields = {
        'username': fake.user_name(),
        'email': fake.email(),
        'password': fake.password(),
        'is_admin': True,
    }
    return User(**fields)
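def __call__(self):
    """Return a new, unsaved ``User`` with generated username, email and password.

    No ``is_admin`` argument is passed, so the model's default applies.
    """
    # fake.user_name must be called: the original passed the bound method
    # itself as the username instead of a generated string.
    return User(username=fake.user_name(),
                email=fake.email(),
                password=fake.password())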