def register():
if current_user.is_authenticated:
return redirect(url_for('main.index'))
form = RegistrationForm()
if form.validate_on_submit():
user = User(username=form.username.data, email=form.email.data)
user.set_password(form.password.data)
db.session.add(user)
db.session.commit()
flash(_('Congratulations, you are now a registered user!'))
return redirect(url_for('auth.login'))
return render_template('auth/register.html',
title=_('Register'),
form=form)
def setUpClass(cls):
from tutorial.models.meta import Base
from tutorial.models import (
User,
Page,
get_tm_session,
)
from tutorial import main
settings = {
'sqlalchemy.url': 'sqlite://',
'auth.secret': 'seekrit',
}
app = main({}, **settings)
cls.testapp = webtest.TestApp(app)
session_factory = app.registry['dbsession_factory']
cls.engine = session_factory.kw['bind']
Base.metadata.create_all(bind=cls.engine)
with transaction.manager:
dbsession = get_tm_session(session_factory, transaction.manager)
editor = User(name='editor', role='editor')
editor.set_password('editor')
basic = User(name='basic', role='basic')
basic.set_password('basic')
page1 = Page(name='FrontPage', data='This is the front page')
page1.creator = editor
page2 = Page(name='BackPage', data='This is the back page')
page2.creator = basic
dbsession.add_all([basic, editor, page1, page2])
def create_user():
data = request.get_json() or {}
if 'username' not in data or 'email' not in data or 'password' not in data:
return bad_request('must include username, email and password fields')
if User.query.filter_by(username=data['username']).first():
return bad_request('please use a different username')
if User.query.filter_by(email=data['email']).first():
return bad_request('please use a different email address')
user = User()
user.from_dict(data, new_user=True)
db.session.add(user)
db.session.commit()
response = jsonify(user.to_dict())
response.status_code = 201
response.headers['Location'] = url_for('api.get_user', id=user.id)
return response
def test_authenticated_user(self):
from tutorial.models import User
request = DummyRequest()
request.user = User()
request.user.id = 'foo'
from tutorial.security import MyAuthenticationPolicy
policy = MyAuthenticationPolicy(None)
self.assertEqual(policy.authenticated_userid(request), 'foo')
def get_followed(id):
user = User.query.get_or_404(id)
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 10, type=int), 100)
data = User.to_collection_dict(user.followed,
page,
per_page,
'api.get_followed',
id=id)
return jsonify(data)
def register():
if current_user.is_authenticated:
return redirect(url_for('main.home'))
form = RegistrationForm()
if form.validate_on_submit():
hashed_pw = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
user = User(username=form.username.data, email=form.email.data, password=hashed_pw)
db.session.add(user)
db.session.commit()
flash('Your account has been created! You are now able to log in', 'success')
return redirect(url_for('users.login'))
return render_template('register.html', title='Register', form=form)
def setUpClass(cls):
from tutorial.models.meta import Base
from tutorial.models import (
User,
Page,
get_tm_session,
)
from tutorial import main
settings = {
'sqlalchemy.url': 'sqlite://',
'auth.secret': 'seekrit',
}
app = main({}, **settings)
cls.testapp = TestApp(app)
session_factory = app.registry['dbsession_factory']
cls.engine = session_factory.kw['bind']
Base.metadata.create_all(bind=cls.engine)
with transaction.manager:
dbsession = get_tm_session(session_factory, transaction.manager)
editor = User(name='editor', role='editor')
editor.set_password('editor')
basic = User(name='basic', role='basic')
basic.set_password('basic')
page1 = Page(name='FrontPage', data='This is the front page')
page1.creator = editor
page2 = Page(name='BackPage', data='This is the back page')
page2.creator = basic
dbsession.add_all([basic, editor, page1, page2])
def reset_password(token):
if current_user.is_authenticated:
return redirect(url_for('main.index'))
user = User.verify_reset_password_token(token)
if not user:
return redirect(url_for('main.index'))
form = ResetPasswordForm()
if form.validate_on_submit():
user.set_password(form.password.data)
db.session.commit()
flash(_('Your password has been reset.'))
return redirect(url_for('auth.login'))
return render_template('auth/reset_password.html', form=form)
def register():
isActive = 0
if current_user.is_authenticated:
isActive = 1
success = 0
form = forms.SignUp()
if request.method == 'POST':
form = forms.SignUp(request.form)
user = User(username=request.form['username'],
email=request.form['email'])
user.set_password(request.form['password'])
db.session.add(user)
db.session.commit()
success = 1
title = "Registration"
description = "This is the registration page"
return render_template("register.html",
title=title,
description=description,
form=form,
success=success,
isActive=isActive)
def test_follow(self):
u1 = User(username='******', email='*****@*****.**')
u2 = User(username='******', email='*****@*****.**')
db.session.add(u1)
db.session.add(u2)
db.session.commit()
self.assertEqual(u1.followed.all(), [])
self.assertEqual(u1.followers.all(), [])
u1.follow(u2)
db.session.commit()
self.assertTrue(u1.is_following(u2))
self.assertEqual(u1.followed.count(), 1)
self.assertEqual(u1.followed.first().username, 'susan')
self.assertEqual(u2.followers.count(), 1)
self.assertEqual(u2.followers.first().username, 'john')
u1.unfollow(u2)
db.session.commit()
self.assertFalse(u1.is_following(u2))
self.assertEqual(u1.followed.count(), 0)
self.assertEqual(u2.followers.count(), 0)
def reset_token(token):
if current_user.is_authenticated:
return redirect(url_for('main.home'))
user = User.verify_reset_token(token)
if user is None:
flash('That is an invalid or expired token', 'warning')
return redirect(url_for('users.reset_request'))
form = ResetPasswordForm()
if form.validate_on_submit():
hashed_pw = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
user.password = hashed_pw
db.session.commit()
flash('Your password has been updated! You are now able to log in', 'success')
return redirect(url_for('users.login'))
return render_template('reset_token.html', title='Reset Password', form=form)
def after_login(resp):
if resp.email is None or resp.email == "":
flash('Invalid login. Please try again.')
return redirect(url_for('login'))
user = User.query.filter_by(email=resp.email).first()
if user is None:
nickname = resp.nickname
if nickname is None or nickname == "":
nickname = resp.email.split("@")[0]
user = User(nickname=nickname, email=resp.email)
db.session.add(user)
db.session.commit()
remember_me = False
if 'remember_me' in session:
remember_me = session['remember_me']
session.pop('remember_me', None)
login_user(user, remember=remember_me)
return redirect(request.args.get('next') or url_for('index'))
def main(argv=sys.argv):
if len(argv) != 2:
usage(argv)
config_uri = argv[1]
setup_logging(config_uri)
settings = get_appsettings(config_uri)
engine = engine_from_config(settings, 'sqlalchemy.')
Session.configure(bind=engine)
Base.metadata.create_all(engine)
try:
session = Session()
user1 = User('as', 'sasas', '564545', 'deewe', 'genericuser',
'basic123', 'sd')
group1 = Groups('basic')
group2 = Groups('secured')
session.add(group1)
session.add(group2)
user1.mygroups.append(group2)
session.add(user1)
transaction.commit()
except IntegrityError:
pass
def test_follow_posts(self):
# create four users
u1 = User(username='******', email='*****@*****.**')
u2 = User(username='******', email='*****@*****.**')
u3 = User(username='******', email='*****@*****.**')
u4 = User(username='******', email='*****@*****.**')
db.session.add_all([u1, u2, u3, u4])
# create four posts
now = datetime.utcnow()
p1 = Post(body="post from john", author=u1,
timestamp=now + timedelta(seconds=1))
p2 = Post(body="post from susan", author=u2,
timestamp=now + timedelta(seconds=4))
p3 = Post(body="post from mary", author=u3,
timestamp=now + timedelta(seconds=3))
p4 = Post(body="post from david", author=u4,
timestamp=now + timedelta(seconds=2))
db.session.add_all([p1, p2, p3, p4])
db.session.commit()
# setup the followers
u1.follow(u2) # john follows susan
u1.follow(u4) # john follows david
u2.follow(u3) # susan follows mary
u3.follow(u4) # mary follows david
db.session.commit()
# check the followed posts of each user
f1 = u1.followed_posts().all()
f2 = u2.followed_posts().all()
f3 = u3.followed_posts().all()
f4 = u4.followed_posts().all()
self.assertEqual(f1, [p2, p4, p1])
self.assertEqual(f2, [p2, p3])
self.assertEqual(f3, [p3, p4])
self.assertEqual(f4, [p4])
def verify_token(token):
g.current_user = User.check_token(token) if token else None
return g.current_user is not None
def get_users():
page = request.args.get('page', 1, type=int)
per_page = min(request.args.get('per_page', 10, type=int), 100)
data = User.to_collection_dict(User.query, page, per_page, 'api.get_users')
return jsonify(data)
def test_password_hashing(self):
u = User(username='******')
u.set_password('cat')
self.assertFalse(u.check_password('dog'))
self.assertTrue(u.check_password('cat'))
def test_avatar(self):
u = User(username='******', email='*****@*****.**')
self.assertEqual(u.avatar(128), ('https://www.gravatar.com/avatar/'
'd4c74594d841139328695756648b6bd6'
'?d=identicon&s=128'))
def makeUser(self, name, role, password='******'):
from tutorial.models import User
user = User(name=name, role=role)
user.set_password(password)
return user
def makeUser(self, name, role):
from tutorial.models import User
return User(name=name, role=role)
