Example #1
0
 def create_user(cls, **kwargs):
     user = User()
     user.active = kwargs.get('active', True)
     user.email = kwargs.get('email', cls.fake.email())
     user.initials = kwargs.get(
         'initials',
         cls.fake.pystr(min_chars=1, max_chars=4).upper(),
     ).upper()
     user.name = kwargs.get('name', cls.fake.name())
     user.password = User.encrypt_password(
         kwargs.get('password', cls.fake.password()), )
     return user.save()
Example #2
0
 def _assert_settings_account_details_POST_bad_request(
         self, user_id, data, expected_text):
     response = self._send_settings_account_details_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert not user.last_updated
Example #3
0
 def _assert_verify_GET_ok(self, token, email):
     response = self._send_verify_GET_request(token)
     user = User.objects(email=email).first()
     assert response.status_code == 200
     assert b'Personal Boards' in response.data
     assert user.is_active
     assert user.last_updated
Example #4
0
 def _assert_settings_update_password_POST_bad_request(
         self, auth_id, data, expected_text):
     response = self._send_settings_update_password_POST_request(data)
     user = User.objects(auth_id=auth_id).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert not user.last_updated
Example #5
0
 def _assert_reset_password_POST_bad_request(self, auth_id, data,
                                             expected_text):
     token = self._get_reset_password_token(auth_id=str(auth_id))
     response = self._send_reset_password_POST_request(data, token)
     user = User.objects(auth_id=auth_id).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert not user.last_updated
     assert not user.verify_password(data.get('new_password'))
Example #6
0
 def _assert_reset_password_POST_ok(self, user_id, auth_id, data):
     token = self._get_reset_password_token(auth_id=str(auth_id))
     response = self._send_reset_password_POST_request(data, token)
     user = User.objects(id=user_id).first()
     assert response.status_code == 200
     assert b'Your password has been reset' in response.data
     assert user.auth_id != auth_id
     assert user.last_updated
     assert user.verify_password(data['new_password'])
Example #7
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        if User.objects(email=self.email.data).first():
            self.email.errors.append(
                'There is already an account with this email', )
            return False

        return True
Example #8
0
 def _assert_settings_update_email_POST_bad_request(self, user_id, auth_id,
                                                    data, expected_text):
     response = self._send_settings_update_email_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert user.is_active
     assert user.auth_id == auth_id
     assert user.email != data['email']
     assert not user.last_updated
Example #9
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        self.user = User.objects(email=self.email.data).first()

        if not self.user:
            self.email.errors.append('There is no account with this email')
            return False

        return True
Example #10
0
def reset_password_GET(token):
    auth_id = deserialize_password_reset_token(token)
    user = User.objects(auth_id=auth_id).first()

    if not user:
        abort(404)

    return render_template(
        'auth/reset-password.html',
        form=ResetPasswordForm(request.form),
    )
Example #11
0
 def _assert_sign_up_POST_ok(self, data, sent_email=True):
     response = self._send_sign_up_POST_request(data)
     user = User.objects(email=data['email']).first()
     assert response.status_code == 200
     if sent_email:
         assert b'A verification email has been sent' in response.data
     else:
         assert b'Could not send a verification email' in response.data
     assert not user.is_active
     assert user.initials
     assert user.name == data['name']
     assert user.verify_password(data['password'])
Example #12
0
def reset_password_POST(token):
    auth_id = deserialize_password_reset_token(token)
    user = User.objects(auth_id=auth_id).first()

    if not user:
        abort(404)

    form = ResetPasswordForm(request.form)

    if not form.validate_on_submit():
        return render_template('auth/reset-password.html', form=form), 400

    user.password = User.encrypt_password(form.new_password.data)
    user.auth_id = ObjectId()
    user.last_updated = datetime.utcnow()
    user.save()

    flash('Your password has been reset.', 'success')

    login_user(user)

    return redirect(url_for('user.boards_GET'))
Example #13
0
def sign_up_POST():
    form = SignUpForm(request.form)

    if not form.validate_on_submit():
        return render_template('auth/sign-up.html', form=form), 400

    user = User()
    form.populate_obj(user)
    user.initials = User.create_initials(user.name)
    user.password = User.encrypt_password(form.password.data)
    user.save()

    send_verification_email(user)

    return redirect(url_for('auth.verify_resend_GET', email=form.email.data))
Example #14
0
 def _assert_settings_account_details_POST_ok(self,
                                              user_id,
                                              data,
                                              updated=True):
     response = self._send_settings_account_details_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 200
     assert user.initials == data['initials'].upper()
     assert user.name == data['name']
     if updated:
         assert b'Your account details have been updated' in response.data
         assert user.last_updated
     else:
         assert b'No update needed' in response.data
         assert not user.last_updated
Example #15
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        self.user = User.objects(email=self.email.data).first()

        if not self.user:
            self.email.errors.append('There is no account with this email')
            return False

        if self.user.is_active:
            self.email.errors.append('This account has already been verified')
            return False

        return True
Example #16
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        if not current_user.verify_password(self.password.data):
            self.password.errors.append('Incorrect password')
            return False

        existing_user = User.objects(email=self.email.data).first()

        if current_user.email != self.email.data and existing_user:
            self.email.errors.append(
                'There is already an account with this email', )
            return False

        return True
Example #17
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        self.user = User.objects(email=self.email.data).first()

        if not self.user or not self.user.verify_password(self.password.data):
            self.email.errors.append('Incorrect email')
            self.password.errors.append('Incorrect password')
            return False

        if not self.user.is_active:
            self.email.errors.append(
                'Please verify your email before logging in', )
            return False

        return True
Example #18
0
 def _assert_settings_update_password_POST_ok(self,
                                              user_id,
                                              auth_id,
                                              data,
                                              updated=True):
     response = self._send_settings_update_password_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 200
     assert user.verify_password(data['new_password'])
     if updated:
         assert b'Your password has been updated' in response.data
         assert user.auth_id != auth_id
         assert user.last_updated
     else:
         assert b'No update needed' in response.data
         assert user.auth_id == auth_id
         assert not user.last_updated
Example #19
0
    def create_board(cls, **kwargs):
        board = Board()
        board.created_by = kwargs.get('created_by', cls.user.id)
        board.name = kwargs.get(
            'name',
            cls.fake.pystr(min_chars=1, max_chars=256),
        )
        board.owner_id = kwargs.get('owner_id', cls.user.id)
        board.type = kwargs.get('type', BoardType.PERSONAL.id)
        board.visibility = kwargs.get('visibility', BoardVisibility.PRIVATE.id)
        saved_board = board.save()

        user = User.objects(id=saved_board.owner_id).first()
        if user:
            user.boards.append(saved_board)
            user.save()

        return saved_board
Example #20
0
 def _assert_settings_update_email_POST_ok(self,
                                           user_id,
                                           auth_id,
                                           data,
                                           updated=True):
     response = self._send_settings_update_email_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 200
     assert user.email == data['email']
     if updated:
         assert b'A verification email has been sent' in response.data
         assert not user.is_active
         assert user.auth_id != auth_id
         assert user.last_updated
     else:
         assert b'No update needed' in response.data
         assert user.is_active
         assert user.auth_id == auth_id
         assert not user.last_updated
Example #21
0
def verify_GET(token):
    auth_id = deserialize_verification_token(token)
    user = User.objects(auth_id=auth_id).first()

    if not user:
        abort(404)

    user.active = True
    user.auth_id = ObjectId()
    user.last_updated = datetime.utcnow()
    user.save()

    login_user(user)

    flash('Your email address has been verified.', 'success')

    next_target = request.args.get('next')

    if not is_safe_url(next_target):
        abort(400)

    return redirect(next_target or url_for('user.boards_GET'))
Example #22
0
def settings_update_password_POST():
    form = UpdatePasswordForm(request.form)

    if not form.validate_on_submit():
        return render_template(
            'user/settings-update-password.html',
            form=form,
        ), 400

    if not form.update_needed():
        flash('No update needed.', 'info')
        return redirect(url_for('user.settings_update_password_POST'))

    current_user.password = User.encrypt_password(form.new_password.data)
    current_user.auth_id = ObjectId()
    current_user.last_updated = datetime.utcnow()
    current_user.save()

    flash('Your password has been updated.', 'success')

    login_user(current_user)

    return redirect(url_for('user.settings_update_password_POST'))
Example #23
0
def get_owner_from_id(owner_id):
    return User.objects(id=to_ObjectId(owner_id)).first()
Example #24
0
def load_user(user_id):
    return User.objects(auth_id=to_ObjectId(user_id)).first()
Example #25
0
 def _assert_sign_up_POST_bad_request(self, data, expected_text):
     response = self._send_sign_up_POST_request(data)
     user = User.objects(email=data.get('email')).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert not user or user == self.user
Example #26
0
 def _assert_verify_GET_not_found(self, token, email):
     response = self._send_verify_GET_request(token)
     user = User.objects(email=email).first()
     assert response.status_code == 404
     assert b'Not Found' in response.data
     assert not user or not user.is_active