def user_update(request):
"""Update a stored user on the system.
:returns: The updated user dict.
"""
log = get_log("user_update")
username = request.matchdict['username'].strip().lower()
log.debug("updating user <{!r}>".format(username))
user_data = request.json_body
# un-obuscate the new password, not ideal!
if "new_password" in user_data:
try:
decoded = user_data["new_password"].decode("base64")
user_data["new_password"] = decoded
except Exception as e:
raise ValueError("The new_password not Base64 encoded: %s" % e)
result = user.update(**user_data)
log.debug("user <{!r}> updated ok.".format(result['username']))
return result
def testExtraField(logger, mongodb):
"""Test the arbitrary dic that can be used to store useful fields
per user.
"""
username = '******'
plain_pw = '1234567890'
assert user.count() == 0
assert user.find(username=username) == []
user_dict = dict(
username=username,
password=plain_pw,
display_name='Bob Sprocket',
email='*****@*****.**',
phone='9876543210'
)
item1 = user.add(**user_dict)
# Make sure I cannot add the same username again:
with pytest.raises(user.UserPresentError):
user.add(**user_dict)
assert user.find(username=username) == [item1]
assert user.has(username) is True
assert user.count() == 1
item2 = user.get(username)
assert item2['username'] == user_dict['username']
assert item2['display_name'] == user_dict['display_name']
is_validate = pwtools.validate_password(
plain_pw, item1['password_hash']
)
assert is_validate is True
is_validate = pwtools.validate_password(
"not the right one", item1['password_hash']
)
assert is_validate is False
assert item2['email'] == user_dict['email']
assert item2['phone'] == user_dict['phone']
# Now update all the user fields that can be changed
# and add some extra data to the arbitrary fields:
#
oauth_tokens = dict(
# Some pretend googleservice oauth data:
googleauth=dict(
request_token="1234567890",
)
)
user_dict = dict(
username=username,
# change the password. new_password will be hashed and
# its has stored as password_hash:
new_password="******",
display_name='Bobby',
email='*****@*****.**',
phone='12121212',
oauth_tokens=oauth_tokens,
cats='big',
teatime=1,
)
user.update(**user_dict)
item2 = user.get(username)
assert item2['username'] == user_dict['username']
assert item2['display_name'] == user_dict['display_name']
is_validate = pwtools.validate_password(
"ifidexmemwb", item2['password_hash']
)
assert is_validate is True
is_validate = pwtools.validate_password(
plain_pw, item2['password_hash']
)
assert is_validate is False
is_validate = pwtools.validate_password(
"not the right one", item1['password_hash']
)
assert is_validate is False
assert item2['email'] == user_dict['email']
assert item2['phone'] == user_dict['phone']
assert item2['oauth_tokens'] == oauth_tokens
assert item2['cats'] == 'big'
assert item2['teatime'] == 1
