def create_link(data):
"""Create confirmation link.
:param data: any data-type to be put
:return: an url with external access
"""
token = create_confirmation_token(data)
return url_for("confirm", token=token, _external=True)
def test_confirm_email_expired_confirmation_old_users(
self, email, register_data, client):
"""Confirmation url got by an old confirmed user."""
register_data["email"] = email
token = create_confirmation_token(email)
time.sleep(2)
confirm(token, 1)
assert User.query.filter_by(email=email).first()
def test_confirm_email_confirmed_users(self, email, client):
"""Confirmation url got by an unregistered user."""
token = create_confirmation_token(email)
link = url_for("confirm", token=token, _external=True)
with client:
response: Response = client.get(link,
content_type="html/text",
follow_redirects=True)
assert request.path == url_for("login")
assert ("Ссылка недействительна. Пройдите регистрацию."
not in response.get_data(True))
def retrieve_password(user) -> None:
"""Change stored password by a random one and send a letter with a link for retrieve."""
user.password = get_random_password_hash()
db.session.commit()
token = create_confirmation_token(
(user.email, "retrieve_password", datetime.utcnow().timestamp()))
link = url_for("retrieve", token=token, _external=True)
message = create_message("Восстановление доступа на сайт WebShop",
user.email)
message.html = (
f"Ваш предыдущий пароль был сброшен.<br>"
f"Для создания нового пароля перейдите по <a href={link}>ссылке</a>.<br><br>"
f"Ссылка действительна в течение 5 минут.")
send_message(message)
def test_create_confirmation_token(self, test_app, email, expiry_time):
token = create_confirmation_token(email)
if expiry_time > 1:
stored_email = token_serializer.loads(
token, salt=test_app.config["SECRET_KEY"])
assert stored_email == email
else:
time.sleep(2)
with pytest.raises(SignatureExpired):
token_serializer.loads(
token,
salt=test_app.config["SECRET_KEY"],
max_age=expiry_time,
)
def test_get_retrieve_with_expired_tokens(self, client, email):
"""Test get-retrieve with expired tokens."""
token = create_confirmation_token(
(email, "retrieve_password", datetime.utcnow().timestamp() - 301))
with client:
params = {"token": token}
response: Response = client.get(
url_for("retrieve", **params),
content_type="html/text",
follow_redirects=True,
)
assert "Ссылка недействительна" in response.get_data(True)
assert request.path == url_for("retrieve")
assert "Пароль" not in response.get_data(True)
print(request.__dict__)
def test_confirm_email_expired_confirmation(self, email, register_data,
client):
"""Confirmation url got by a new user too late."""
register_data["email"] = email
token = create_confirmation_token(email)
with client:
with patch("web_shop.views.register_view.send_message"):
client.post(
url_for("register"),
data=register_data,
follow_redirects=True,
)
assert User.query.filter_by(email=email).first()
time.sleep(2)
confirm(token, 1)
assert not User.query.filter_by(email=email).first()
def test_post_retrieve_with_password(self, client, email):
"""Test post-retrieve with good tokens."""
token = create_confirmation_token(
(email, "retrieve_password", datetime.utcnow().timestamp()))
new_password = create_random_password()
with client:
data = dict(password=new_password, password_confirm=new_password)
response: Response = client.post(
url_for("retrieve", token=token),
data=data,
follow_redirects=True,
)
assert "Пароль был успешно изменен." in response.get_data(True)
assert request.path == url_for("login")
data = dict(email=email, password=new_password)
client.post(url_for("login"), data=data, follow_redirects=True)
assert current_user.is_authenticated
def test_confirm_email_new_users(self, email, register_data, client):
"""Confirmation url got by a new user."""
register_data["email"] = email
token = create_confirmation_token(email)
link = url_for("confirm", token=token, _external=True)
with client:
with patch("web_shop.views.register_view.send_message"):
client.post(
url_for("register"),
data=register_data,
follow_redirects=True,
)
response: Response = client.get(link,
content_type="html/text",
follow_redirects=True)
assert request.path == url_for("login")
assert "Учётная запись подтверждена" in response.get_data(True)
user = User.query.filter_by(email=email).first()
assert user.is_active
def test_body_message(self, email):
message = create_message("", email)
token = create_confirmation_token(email)
link = url_for("confirm", token=token, _external=True)
message.body = f"Link in body {link}"
assert link in message.body