def test_reset_password(self):
    """Walk the password-reset flow: request, valid token, then a bad token.

    Checks that requesting a reset leaves the old password in place, that a
    valid RESET_PASSWORD token swaps the password, and that an unrecognised
    token is rejected without the success message being shown.
    """
    # Step 1: ask for a reset e-mail for an existing account.
    request_page = self.client.post(
        url_for('auth.forget_password'),
        data={'email': '*****@*****.**'},
        follow_redirects=True,
    ).get_data(as_text=True)
    self.assertIn('Password reset email sent, check your inbox.', request_page)

    account = User.query.filter_by(email='*****@*****.**').first()
    # Merely requesting a reset must not alter the stored password.
    self.assertTrue(account.validate_password('123'))

    # Step 2: submit the reset form with a freshly generated token.
    reset_token = generate_token(user=account, operation=Operations.RESET_PASSWORD)
    reset_form = {
        'email': '*****@*****.**',
        'password': '******',
        'password2': 'new-password',
    }
    reset_page = self.client.post(
        url_for('auth.reset_password', token=reset_token),
        data=reset_form,
        follow_redirects=True,
    ).get_data(as_text=True)
    self.assertIn('Password updated.', reset_page)
    self.assertTrue(account.validate_password('new-password'))
    self.assertFalse(account.validate_password('123'))

    # Step 3: the same form posted with a bad token must be refused.
    rejected_form = {
        'email': '*****@*****.**',
        'password': '******',
        'password2': 'new-password',
    }
    rejected_page = self.client.post(
        url_for('auth.reset_password', token='bad token'),
        data=rejected_form,
        follow_redirects=True,
    ).get_data(as_text=True)
    self.assertIn('Invalid or expired link.', rejected_page)
    self.assertNotIn('Password updated.', rejected_page)
def resend_confirm_email():
    """Issue a new confirmation token and e-mail it to the current user.

    A user who is already confirmed gets no new token and no e-mail. Both
    paths end with a redirect to the main index.
    """
    # NOTE(review): no throttling is visible in this function; confirm that
    # repeated resend requests are limited elsewhere.
    if not current_user.confirmed:
        confirm_token = generate_token(user=current_user, operation=Operations.CONFIRM)
        send_confirm_email(user=current_user, token=confirm_token)
        flash('New email sent, check your inbox.', 'info')
    return redirect(url_for('main.index'))
def test_confirm_account(self):
    """An unconfirmed user is confirmed after opening the link while logged in."""
    account = User.query.filter_by(email='*****@*****.**').first()
    self.assertFalse(account.confirmed)

    # NOTE(review): the literal 'confirm' is presumably the value behind
    # Operations.CONFIRM, which other code in this file passes; verify.
    confirm_token = generate_token(user=account, operation='confirm')

    self.login(email='*****@*****.**', password='******')
    confirm_url = url_for('auth.confirm', token=confirm_token)
    page = self.client.get(confirm_url, follow_redirects=True).get_data(as_text=True)

    self.assertIn('Account confirmed.', page)
    self.assertTrue(account.confirmed)
def change_email_request():
    """Handle the change-e-mail form and mail a confirmation token.

    On a valid submission a CHANGE_EMAIL token carrying the lower-cased new
    address is generated and sent to the address as typed in the form. The
    user is then redirected to their index page. Otherwise the form is
    rendered.
    """
    form = ChangeEmailForm()
    if not form.validate_on_submit():
        return render_template('user/settings/change_email.html', form=form)

    # The token carries the normalised (lower-cased) address, so the
    # confirmation step gets the new address from the token itself.
    change_token = generate_token(
        user=current_user,
        operation=Operations.CHANGE_EMAIL,
        new_email=form.email.data.lower(),
    )
    # NOTE(review): nothing in this function notifies the current address
    # about the pending change; confirm whether that happens elsewhere.
    send_change_email_email(to=form.email.data, user=current_user, token=change_token)
    flash('Confirm email sent, check your inbox.', 'info')
    return redirect(url_for('.index', username=current_user.username))
def forget_password():
    """Handle the forgot-password form and mail a reset token.

    Authenticated users are redirected to the main index. For a valid
    submission the account is looked up by lower-cased e-mail. A match gets a
    RESET_PASSWORD token by mail and a redirect to the login page. No match
    gets a warning and a redirect back to this form.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = ForgetPasswordForm()
    if not form.validate_on_submit():
        return render_template('auth/reset_password.html', form=form)

    account = User.query.filter_by(email=form.email.data.lower()).first()
    if not account:
        # NOTE(review): this reply differs from the success path (message and
        # redirect target), so the response shows whether an address is
        # registered. Consider one uniform response for both outcomes.
        flash('Invalid email.', 'warning')
        return redirect(url_for('.forget_password'))

    reset_token = generate_token(user=account, operation=Operations.RESET_PASSWORD)
    send_reset_password_email(user=account, token=reset_token)
    flash('Password reset email sent, check your inbox.', 'info')
    return redirect(url_for('.login'))
def test_change_email(self):
    """A valid CHANGE_EMAIL token updates the address; a bad token is refused."""
    account = User.query.get(2)
    self.assertEqual(account.email, '*****@*****.**')

    change_token = generate_token(
        user=account,
        operation=Operations.CHANGE_EMAIL,
        new_email='*****@*****.**',
    )
    self.login()

    # Valid token: the view reports success and the stored address is checked.
    ok_page = self.client.get(
        url_for('user.change_email', token=change_token),
        follow_redirects=True,
    ).get_data(as_text=True)
    self.assertIn('Email updated.', ok_page)
    self.assertEqual(account.email, '*****@*****.**')

    # Unrecognised token: the view must answer with the rejection message.
    bad_page = self.client.get(
        url_for('user.change_email', token='bad'),
        follow_redirects=True,
    ).get_data(as_text=True)
    self.assertIn('Invalid or expired token.', bad_page)
def register():
    """Create a new account from the registration form and mail a confirm token.

    Authenticated users are redirected to the main index. On a valid
    submission the user row is committed with a lower-cased e-mail, a
    confirmation token is mailed and the visitor is redirected to the login
    page. Otherwise the form is rendered.
    """
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('auth/register.html', form=form)

    new_user = User(
        name=form.name.data,
        email=form.email.data.lower(),
        username=form.username.data,
    )
    # The password goes through set_password rather than the constructor.
    new_user.set_password(form.password.data)
    db.session.add(new_user)
    db.session.commit()

    # NOTE(review): the literal 'confirm' is presumably the value behind
    # Operations.CONFIRM, which other code in this file passes; verify.
    confirm_token = generate_token(user=new_user, operation='confirm')
    send_confirm_email(user=new_user, token=confirm_token)
    flash('Confirm email sent, check your inbox.', 'info')
    return redirect(url_for('.login'))