def create():
"""
Create a new user.
"""
username = get_username()
email = get_email()
password = get_password()
confirmed_password = get_confirmed_password()
if not password == confirmed_password:
sys.exit("Passwords don't match!")
if len(password) < 4:
sys.exit("The password is too short")
is_admin = get_is_admin()
is_superuser = get_is_superuser()
is_active = get_is_active()
user = BaseUser(
username=username,
password=password,
admin=is_admin,
email=email,
active=is_active,
superuser=is_superuser,
)
user.save().run_sync()
print(f"Created User {user.id}")
def create_user_and_session(self):
user = BaseUser(**self.credentials,
active=True,
admin=True,
superuser=True)
user.save().run_sync()
SessionsBase.create_session_sync(user_id=user.id)
def test_update_password(self):
username = "******"
password = "******"
email = "*****@*****.**"
user = BaseUser(username=username, password=password, email=email)
user.save().run_sync()
authenticated = BaseUser.login_sync(username, password)
self.assertTrue(authenticated is not None)
# Test success
new_password = "******"
BaseUser.update_password_sync(username, new_password)
authenticated = BaseUser.login_sync(username, new_password)
self.assertTrue(authenticated is not None)
# Test ultra long password
malicious_password = secrets.token_urlsafe(1000)
with self.assertRaises(ValueError) as manager:
BaseUser.update_password_sync(username, malicious_password)
self.assertEqual(
manager.exception.__str__(),
"The password is too long.",
)
def test_login(self, logger: MagicMock):
username = "******"
password = "******"
email = "*****@*****.**"
user = BaseUser(username=username, password=password, email=email)
user.save().run_sync()
# Test correct password
authenticated = BaseUser.login_sync(username, password)
self.assertTrue(authenticated == user.id)
# Test incorrect password
authenticated = BaseUser.login_sync(username, "blablabla")
self.assertTrue(authenticated is None)
# Test ultra long password
malicious_password = secrets.token_urlsafe(1000)
authenticated = BaseUser.login_sync(username, malicious_password)
self.assertTrue(authenticated is None)
self.assertEqual(
logger.method_calls,
[call.warning("Excessively long password provided.")],
)
# Test ulta long username
logger.reset_mock()
malicious_username = secrets.token_urlsafe(1000)
authenticated = BaseUser.login_sync(malicious_username, password)
self.assertTrue(authenticated is None)
self.assertEqual(
logger.method_calls,
[call.warning("Excessively long username provided.")],
)
def test_login_success(self):
user = BaseUser(**self.credentials)
user.save().run_sync()
client = TestClient(APP)
response = client.post("/", json=self.credentials)
self.assertTrue(response.status_code == 200)
self.assertTrue("token" in response.json())
def test_secret(self):
"""
Make sure that secret fields are omitted from the response when
requested.
"""
user = BaseUser(username="******", password="******")
user.save().run_sync()
user_dict = BaseUser.select(exclude_secrets=True).first().run_sync()
self.assertTrue("password" not in user_dict.keys())
def test_create(self, *args, **kwargs):
user = BaseUser(username="******", password="******")
user.save().run_sync()
change_password()
self.assertTrue(
BaseUser.login_sync(username="******", password="******")
is not None
)
def test_login_success(self):
user = BaseUser(**self.credentials)
user.save().run_sync()
token = TokenAuth.create_token_sync(user_id=user.id)
client = TestClient(APP)
response = client.post("/", json=self.credentials)
self.assertTrue(response.status_code == 200)
self.assertTrue(response.json()["token"] == token)
def test_sucess(self):
provider = PiccoloTokenAuthProvider()
user = BaseUser(**self.credentials)
user.save().run_sync()
token = TokenAuth.create_token_sync(user_id=user.id)
queried_user = run_sync(provider.get_user(token))
self.assertEqual(user.username, queried_user.user["username"])
def test_login_failure(self):
user = BaseUser(**self.credentials)
user.save().run_sync()
client = TestClient(APP)
with self.assertRaises(HTTPException):
response = client.post("/",
json={
"username": "******",
"password": "******"
})
self.assertTrue(response.status_code == 401)
def test_update_password(self):
username = "******"
password = "******"
email = "*****@*****.**"
user = BaseUser(username=username, password=password, email=email)
user.save().run_sync()
authenticated = BaseUser.login_sync(username, password)
self.assertTrue(authenticated is not None)
new_password = "******"
BaseUser.update_password_sync(username, new_password)
authenticated = BaseUser.login_sync(username, new_password)
self.assertTrue(authenticated is not None)
def test_login(self):
username = "******"
password = "******"
email = "*****@*****.**"
user = BaseUser(username=username, password=password, email=email)
save_query = user.save()
save_query.run_sync()
authenticated = asyncio.run(BaseUser.login(username, password))
self.assertTrue(authenticated is not None)
authenticated = asyncio.run(BaseUser.login(username, "blablabla"))
self.assertTrue(not authenticated)