def test_unsuccessful_logout():
"""Trying to logout a user who is already logged out"""
clear()
new_user = gen_auth_register()
token = new_user["token"]
auth.auth_logout(token)
assert auth.auth_logout(token) == {'is_success': False}
def test_hangmne_normal():
"""
Test if hangman can start with correct input
"""
user_infor = auth_register("*****@*****.**", "ccc337992611", "Min",
"Li")
channel_infor = channels_create(user_infor['token'], 'test_one', True)
time_create_date = datetime.datetime.now().replace(microsecond=0)
time_create = time_create_date.timestamp()
message_id = message_send(user_infor['token'], channel_infor['channel_id'],
"/hangman")
assert search(BOT_TOKEN,
"A game of hangman has been started in this channel") == {
"messages": [{
'message_id': message_id["message_id"] + 1,
'u_id': -1,
'message':
"A game of hangman has been started in this channel",
'time_created': time_create,
'reacts': [set_reacts()],
'is_pinned': False
}]
}
auth_logout(BOT_TOKEN)
message_id = message_send(user_infor['token'], channel_infor['channel_id'],
"/guess e")
assert database.get_current_user(BOT_TOKEN) == -1
def test_logout_when_not_logged_in():
dict = auth.auth_register("*****@*****.**", "123456", "Sinha", "Nawa")
token = dict["token"]
auth.auth_logout(token)
assert auth.auth_logout(token) == {
'is_success': False,
}
def test_incorrect_password():
dict = auth.auth_register("*****@*****.**", "123456", "Sinha", "Nawa")
token = dict["token"]
u_id = dict["u_id"]
auth.auth_logout(token)
with pytest.raises(InputError):
auth.auth_login("*****@*****.**", "qwertyuiop")
def test_passwordreset_reset_success():
clear()
user = register_n_users(1)
# Logout, assert that user can login with old password, then logout again
assert auth_logout(user["token"])["is_success"] == True
user_data = auth_get_user_data_from_id(user["u_id"])
u_id = user_data["id"]
email = user_data["email"]
old_password = "******"
token = auth_login(email, old_password)["token"]
assert auth_logout(token)["is_success"] == True
# Reset password
auth_passwordreset_request(email)
reset_code = get_reset_code_from_user_id(u_id)
new_password = "******"
auth_passwordreset_reset(reset_code, new_password)
# Assert user can login with new password
token = auth_login(email, new_password)["token"]
# Ensure user cannot login with old password
auth_logout(token)
with pytest.raises(InputError):
assert auth_login(email, old_password)
def logout(request,
next_page=None,
template_name='registration/logged_out.html',
redirect_field_name=REDIRECT_FIELD_NAME,
current_app=None,
extra_context=None):
"""
Logs out the user and displays 'You are logged out' message.
"""
auth_logout(request)
redirect_to = request.REQUEST.get(redirect_field_name, '')
if redirect_to:
netloc = urlparse.urlparse(redirect_to)[1]
# Security check -- don't allow redirection to a different host.
if not (netloc and netloc != request.get_host()):
return HttpResponseRedirect(redirect_to)
if next_page is None:
current_site = get_current_site(request)
context = {
'site': current_site,
'site_name': current_site.name,
'title': _('Logged out')
}
if extra_context is not None:
context.update(extra_context)
return TemplateResponse(request,
template_name,
context,
current_app=current_app)
else:
# Redirect to this page until the session has been cleared.
return HttpResponseRedirect(next_page or request.path)
def test_passwordreset_reset_success_multiple_users():
clear()
user1, user2 = register_n_users(2)
# User 1 Data
user1_data = auth_get_user_data_from_id(user1["u_id"])
u_id_1 = user1_data["id"]
email_1 = user1_data["email"]
# User 2 Data
user2_data = auth_get_user_data_from_id(user2["u_id"])
u_id_2 = user2_data["id"]
email_2 = user2_data["email"]
# Logout
assert auth_logout(user1["token"])["is_success"] == True
assert auth_logout(user2["token"])["is_success"] == True
# Reset password
auth_passwordreset_request(email_1)
auth_passwordreset_request(email_2)
reset_code_1 = get_reset_code_from_user_id(u_id_1)
reset_code_2 = get_reset_code_from_user_id(u_id_2)
new_password_1 = "NewPassword123"
new_password_2 = "NewPassword124"
auth_passwordreset_reset(reset_code_2, new_password_2)
auth_passwordreset_reset(reset_code_1, new_password_1)
# Assert user can login with new password
assert auth_login(email_1, new_password_1)["token"]
assert auth_login(email_2, new_password_2)["token"]
def test_passwordreset_reset_request_twice():
clear()
user = register_n_users(1)
# Logout, assert that user can login with old password, then logout again
assert auth_logout(user["token"])["is_success"] == True
user_data = auth_get_user_data_from_id(user["u_id"])
u_id = user_data["id"]
email = user_data["email"]
old_password = "******"
token = auth_login(email, old_password)["token"]
assert auth_logout(token)["is_success"] == True
# Ask for a reset code twice
auth_passwordreset_request(email)
reset_code_1 = get_reset_code_from_user_id(u_id)
auth_passwordreset_request(email)
reset_code_2 = get_reset_code_from_user_id(u_id)
# The reset codes should be unique
assert reset_code_1 != reset_code_2
# Assert user cannot login with old reset code
new_password = "******"
with pytest.raises(InputError):
assert auth_passwordreset_reset(reset_code_1, new_password)
# Assert user can reset password with new reset code
auth_passwordreset_reset(reset_code_2, new_password)
# Assert user can login with new password
token = auth_login(email, new_password)["token"]
auth_logout(token)
def test_passwordreset_reset_success_twice():
clear()
user = register_n_users(1)
# Logout, assert that user can login with old password, then logout again
assert auth_logout(user["token"])["is_success"] == True
user_data = auth_get_user_data_from_id(user["u_id"])
u_id = user_data["id"]
email = user_data["email"]
old_password = "******"
token = auth_login(email, old_password)["token"]
assert auth_logout(token)["is_success"] == True
# Reset password
auth_passwordreset_request(email)
reset_code_1 = get_reset_code_from_user_id(u_id)
new_password = "******"
auth_passwordreset_reset(reset_code_1, new_password)
# Assert user can login with new password
token = auth_login(email, new_password)["token"]
auth_logout(token)
# Reset password again and try to login with 2nd new password
auth_passwordreset_request(email)
reset_code_2 = get_reset_code_from_user_id(u_id)
assert reset_code_1 != reset_code_2
new_password_2 = "NewPassword124"
auth_passwordreset_reset(reset_code_2, new_password_2)
token = auth_login(email, new_password_2)["token"]
def flush_standup(channel_id):
'''
Input: channel_id (int)
Returns: Nothing
Purpose: Helper function to concat messages in a standup and send them
at once
'''
with STANDUP_LOCK:
standups = get_standup()
try:
[to_flush
] = list(filter(lambda x: x['channel_id'] == channel_id,
standups))
to_send = '\n'.join(to_flush['messages'])
# message is empty.. do not bother
if not to_send:
standups.remove(to_flush)
return
# get the token given u_id
user_token = get_token(to_flush['u_id'])
if user_token is None:
# generate a temporary token
user_token = generate_token(to_flush['u_id'])
get_tokens()[user_token] = to_flush['u_id']
message_send(user_token, channel_id, to_send)
auth_logout(user_token)
else:
message_send(user_token, channel_id, to_send)
standups.remove(to_flush)
except ValueError:
pass
def test_login():
clear()
# Register then logout then normal login
info = auth_register("*****@*****.**", "sdfage9sgdfff", "France",
"Germany")
auth_logout(info['token'])
assert auth_login("*****@*****.**", "sdfage9sgdfff") == info
# Register then logout then provided an invalid email to log in
info = auth_register("*****@*****.**", "Idontloveyou", "Jonh",
"Sheppard")
auth_logout(info['token'])
with pytest.raises(InputError):
auth_login("iloveyou.gmail.com", "Idontloveyou")
# Register then logout then provided an email which has not been registered
info = auth_register("*****@*****.**", "Idfasdjfksdj0dfd",
"Francoise", "Sheppard")
auth_logout(info['token'])
with pytest.raises(InputError):
auth_login("*****@*****.**", "Idfasdjfksdj0dfd")
# Register then provided an email with a wrong password to login
info = auth_register("*****@*****.**", "Qwerty6", "Evie",
"Dunstone")
auth_logout(info['token'])
with pytest.raises(InputError):
auth_login("*****@*****.**", "Qwerty8")
# Register then logout then login the login again
info = auth_register("*****@*****.**", "fsdfsdfsDS23", "Hello", "Hi")
auth_logout(info['token'])
auth_login("*****@*****.**", "fsdfsdfsDS23")
assert auth_login("*****@*****.**", "fsdfsdfsDS23") == info
def test_auth_logout_2times():
clear()
weiqiang_token = auth_register('*****@*****.**',
'weiqiangpass1', 'Weiqiang1', 'Zhuang1')
auth_login("*****@*****.**", "weiqiangpass1")
auth_logout(weiqiang_token['token'])
assert auth_logout(weiqiang_token['token'])['is_success'] is False
def test_access_other_logged_out_profiles(get_users):
jwang_token, jwang_u_id, kli_token, kli_u_id = get_users
# user kli accessing profile of user jwang
assert user_profile(kli_token, jwang_u_id) == {
"user": {
"u_id": jwang_u_id,
"email": "*****@*****.**",
"name_first": "Joshua",
"name_last": "Wang",
"handle_str": "joshuawang",
"profile_img_url": ""
}
}
auth_logout(kli_token)
assert user_profile(jwang_token, kli_u_id) == {
"user": {
"u_id": kli_u_id,
"email": "*****@*****.**",
"name_first": "Ken",
"name_last": "Li",
"handle_str": "kenli",
"profile_img_url": ""
}
}
def test_users_all_complex():
user1_info = auth.auth_register('a@gmail', 'sadsad', 'aName', 'aLastname')
user2_info = auth.auth_register('b@gmail', 'sadsad', 'bName', 'bLastname')
# User2 logs out
auth.auth_logout(user2_info['token'])
# Giving all the users' profile details
assert other.users_all(user1_info['token']) == {
'users': [
{
'u_id': 1,
'email': 'a@gmail',
'name_first': 'aName',
'name_last': 'aLastname',
'handle_str': 'anamealastname',
},
{
'u_id': 2,
'email': 'b@gmail',
'name_first': 'bName',
'name_last': 'bLastname',
'handle_str': 'bnameblastname',
},
],
}
def test_not_login_before():
clear()
weiqiang_token = auth_register('*****@*****.**',
'weiqiangpass1', 'Weiqiang1', 'Zhuang1')
auth_logout(weiqiang_token['token'])
return_value = auth_login("*****@*****.**", "weiqiangpass1")
assert return_value['token'] == weiqiang_token['token']
def logout(request, next_page=None,
template_name='registration/logged_out.html',
redirect_field_name=REDIRECT_FIELD_NAME,
current_app=None, extra_context=None):
"""
Logs out the user and displays 'You are logged out' message.
"""
auth_logout(request)
redirect_to = request.REQUEST.get(redirect_field_name, '')
if redirect_to:
netloc = urlparse.urlparse(redirect_to)[1]
# Security check -- don't allow redirection to a different host.
if not (netloc and netloc != request.get_host()):
return HttpResponseRedirect(redirect_to)
if next_page is None:
current_site = get_current_site(request)
context = {
'site': current_site,
'site_name': current_site.name,
'title': _('Logged out')
}
if extra_context is not None:
context.update(extra_context)
return TemplateResponse(request, template_name, context,
current_app=current_app)
else:
# Redirect to this page until the session has been cleared.
return HttpResponseRedirect(next_page or request.path)
def test_login_incorrect_password():
""" Check InputError is thrown when an incorrect password is entered. """
user_session = auth.auth_register("*****@*****.**", "password", "Sheev",
"Palpatine")
auth.auth_logout(user_session.get('token'))
with pytest.raises(error.InputError):
auth.auth_login("*****@*****.**", "wrong_password")
def test_search_valid_v():
"""
test if token is bad it should appear a AccessError.
"""
login_infor = message_test.test_message_send()
auth.auth_logout(login_infor['token'])
with pytest.raises(error.AccessError):
other.search(login_infor['token'], 'a' * 99)
def test_logout_basic():
token = jwt.encode({'email': '*****@*****.**'}, 'password', algorithm = 'HS256')
token = token.decode('utf-8')
# logout works
assert auth_logout(token) == {'is_success': True} # Should log out user
assert auth_logout(token) == {'is_success': False} # Should do nothing
assert data['accounts'][0].token == ''
assert auth_logout('Inactive token') == {'is_success': False} # Should do nothing
def test_login_password():
workspace_reset()
user = auth_register('*****@*****.**', 'great_password101', 'Max',
'Smith')
auth_logout(user['token'])
with pytest.raises(InputError):
auth_login('*****@*****.**', 'poor_password')
def test_double_logout():
"""Test to check if double logout fails"""
clear()
new_user = gen_auth_register()
sucess_state = auth.auth_logout(new_user["token"])["is_success"]
assert sucess_state
sucess_state = auth.auth_logout(new_user["token"])["is_success"]
assert not sucess_state
def test_reseting_password():
workspace_reset()
data = get_store()
reg_dict = auth_register('*****@*****.**', 'password123',
'Max', 'Smith')
auth_logout(reg_dict['token'])
data.users.set_password(reg_dict['u_id'], 'wubbalubba')
auth_login('*****@*****.**', 'wubbalubba')
def test_auth_login_two_users():
other.clear()
user1 = auth_register('*****@*****.**', 'abcd1234', 'John', 'Smith')
user2 = auth_register('*****@*****.**', 'abcd1234', 'Will', 'Smith')
auth_logout(user1['token'])
auth_logout(user2['token'])
user2_login = auth_login('*****@*****.**', 'abcd1234')
assert user2_login['u_id'] == 2
def test_login():
workspace_reset()
user = auth_register('*****@*****.**', 'great_password101', 'Max',
'Smith')
auth_logout(user['token'])
user_logging_in = auth_login('*****@*****.**', 'great_password101')
assert user['u_id'] == user_logging_in['u_id']
def test_correct_password():
# if check(email) == True
dict = auth.auth_register("*****@*****.**", "123456", "Sinha", "Nawa")
token = dict["token"]
u_id = dict["u_id"]
auth.auth_logout(token)
with pytest.raises(InputError):
auth.auth_login("*****@*****.**", "123456")
def test_auth_logout_invalid():
'''
test invalid login info
'''
with pytest.raises(AccessError):
auth_logout(-1)
clear()
def test_login_double_login():
clear()
register_new_account()
token1 = auth_login("*****@*****.**", "123abc!@#")["token"]
token2 = auth_login("*****@*****.**", "123abc!@#")["token"]
assert token1 == token2
auth_logout(token1)
# A user shouldn't be logout twice just because they log in twice
assert auth_logout(token2)["is_success"] == False
def test_logout_login():
# if check(email) == True
reset_data()
owner = auth.auth_register("*****@*****.**", "123456", "Sinha", "Nawa")
auth.auth_logout(owner['token'])
auth.auth_login("*****@*****.**", "123456")
assert auth.auth_logout(owner['token']) == {
'is_success': True,
}
def test_auth_logout_valid_token():
clear()
registered = auth_register('*****@*****.**', 'password', 'firstName',
'lastName')
assert registered['token'] is not None
result = auth_logout(registered['token']) # Can't possibly be wrong
assert result['is_success']
secondAttempt = auth_logout(registered['token']) # Should now be invalid
assert not secondAttempt['is_success']
def test_logout_login():
# if check(email) == True
dict = auth.auth_register("*****@*****.**", "123456", "Sinha", "Nawa")
token = dict["token"]
u_id = dict["u_id"]
auth.auth_logout("12345")
auth.auth_login("*****@*****.**", "123456")
assert auth.auth_logout(token) == {
'is_success': True,
}
def test_auth_register_several_users():
clear()
result1 = auth_register('*****@*****.**', '123abc', 'Cosmo', 'Kearns')
result2 = auth_register('*****@*****.**', '123abc!@#', 'A', 'Zhang')
result3 = auth_register(
"*****@*****.**", '123abc!@#',
'BrendenBrendenBrendenBrendenBrendenBrendenBrendena', 'Partridge')
assert auth_logout(result1['token'])
assert auth_logout(result2['token'])
assert auth_logout(result3['token'])
def logout():
auth_logout(g.user)
return redirect(url_for('home'))
