def _assert_settings_account_details_POST_bad_request( self, user_id, data, expected_text): response = self._send_settings_account_details_POST_request(data) user = User.objects(id=user_id).first() assert response.status_code == 400 assert expected_text.encode() in response.data assert not user.last_updated
def _assert_verify_GET_ok(self, token, email): response = self._send_verify_GET_request(token) user = User.objects(email=email).first() assert response.status_code == 200 assert b'Personal Boards' in response.data assert user.is_active assert user.last_updated
def _assert_settings_update_password_POST_bad_request( self, auth_id, data, expected_text): response = self._send_settings_update_password_POST_request(data) user = User.objects(auth_id=auth_id).first() assert response.status_code == 400 assert expected_text.encode() in response.data assert not user.last_updated
def _assert_reset_password_POST_ok(self, user_id, auth_id, data): token = self._get_reset_password_token(auth_id=str(auth_id)) response = self._send_reset_password_POST_request(data, token) user = User.objects(id=user_id).first() assert response.status_code == 200 assert b'Your password has been reset' in response.data assert user.auth_id != auth_id assert user.last_updated assert user.verify_password(data['new_password'])
def _assert_reset_password_POST_bad_request(self, auth_id, data, expected_text): token = self._get_reset_password_token(auth_id=str(auth_id)) response = self._send_reset_password_POST_request(data, token) user = User.objects(auth_id=auth_id).first() assert response.status_code == 400 assert expected_text.encode() in response.data assert not user.last_updated assert not user.verify_password(data.get('new_password'))
def validate_on_submit(self): if not super().validate_on_submit(): return False if User.objects(email=self.email.data).first(): self.email.errors.append( 'There is already an account with this email', ) return False return True
def _assert_settings_update_email_POST_bad_request(self, user_id, auth_id, data, expected_text): response = self._send_settings_update_email_POST_request(data) user = User.objects(id=user_id).first() assert response.status_code == 400 assert expected_text.encode() in response.data assert user.is_active assert user.auth_id == auth_id assert user.email != data['email'] assert not user.last_updated
def validate_on_submit(self): if not super().validate_on_submit(): return False self.user = User.objects(email=self.email.data).first() if not self.user: self.email.errors.append('There is no account with this email') return False return True
def reset_password_GET(token): auth_id = deserialize_password_reset_token(token) user = User.objects(auth_id=auth_id).first() if not user: abort(404) return render_template( 'auth/reset-password.html', form=ResetPasswordForm(request.form), )
def _assert_sign_up_POST_ok(self, data, sent_email=True): response = self._send_sign_up_POST_request(data) user = User.objects(email=data['email']).first() assert response.status_code == 200 if sent_email: assert b'A verification email has been sent' in response.data else: assert b'Could not send a verification email' in response.data assert not user.is_active assert user.initials assert user.name == data['name'] assert user.verify_password(data['password'])
def _assert_settings_account_details_POST_ok(self, user_id, data, updated=True): response = self._send_settings_account_details_POST_request(data) user = User.objects(id=user_id).first() assert response.status_code == 200 assert user.initials == data['initials'].upper() assert user.name == data['name'] if updated: assert b'Your account details have been updated' in response.data assert user.last_updated else: assert b'No update needed' in response.data assert not user.last_updated
def validate_on_submit(self): if not super().validate_on_submit(): return False self.user = User.objects(email=self.email.data).first() if not self.user: self.email.errors.append('There is no account with this email') return False if self.user.is_active: self.email.errors.append('This account has already been verified') return False return True
def validate_on_submit(self): if not super().validate_on_submit(): return False if not current_user.verify_password(self.password.data): self.password.errors.append('Incorrect password') return False existing_user = User.objects(email=self.email.data).first() if current_user.email != self.email.data and existing_user: self.email.errors.append( 'There is already an account with this email', ) return False return True
def _assert_settings_update_password_POST_ok(self, user_id, auth_id, data, updated=True): response = self._send_settings_update_password_POST_request(data) user = User.objects(id=user_id).first() assert response.status_code == 200 assert user.verify_password(data['new_password']) if updated: assert b'Your password has been updated' in response.data assert user.auth_id != auth_id assert user.last_updated else: assert b'No update needed' in response.data assert user.auth_id == auth_id assert not user.last_updated
def validate_on_submit(self): if not super().validate_on_submit(): return False self.user = User.objects(email=self.email.data).first() if not self.user or not self.user.verify_password(self.password.data): self.email.errors.append('Incorrect email') self.password.errors.append('Incorrect password') return False if not self.user.is_active: self.email.errors.append( 'Please verify your email before logging in', ) return False return True
def create_board(cls, **kwargs): board = Board() board.created_by = kwargs.get('created_by', cls.user.id) board.name = kwargs.get( 'name', cls.fake.pystr(min_chars=1, max_chars=256), ) board.owner_id = kwargs.get('owner_id', cls.user.id) board.type = kwargs.get('type', BoardType.PERSONAL.id) board.visibility = kwargs.get('visibility', BoardVisibility.PRIVATE.id) saved_board = board.save() user = User.objects(id=saved_board.owner_id).first() if user: user.boards.append(saved_board) user.save() return saved_board
def _assert_settings_update_email_POST_ok(self, user_id, auth_id, data, updated=True): response = self._send_settings_update_email_POST_request(data) user = User.objects(id=user_id).first() assert response.status_code == 200 assert user.email == data['email'] if updated: assert b'A verification email has been sent' in response.data assert not user.is_active assert user.auth_id != auth_id assert user.last_updated else: assert b'No update needed' in response.data assert user.is_active assert user.auth_id == auth_id assert not user.last_updated
def reset_password_POST(token): auth_id = deserialize_password_reset_token(token) user = User.objects(auth_id=auth_id).first() if not user: abort(404) form = ResetPasswordForm(request.form) if not form.validate_on_submit(): return render_template('auth/reset-password.html', form=form), 400 user.password = User.encrypt_password(form.new_password.data) user.auth_id = ObjectId() user.last_updated = datetime.utcnow() user.save() flash('Your password has been reset.', 'success') login_user(user) return redirect(url_for('user.boards_GET'))
def verify_GET(token): auth_id = deserialize_verification_token(token) user = User.objects(auth_id=auth_id).first() if not user: abort(404) user.active = True user.auth_id = ObjectId() user.last_updated = datetime.utcnow() user.save() login_user(user) flash('Your email address has been verified.', 'success') next_target = request.args.get('next') if not is_safe_url(next_target): abort(400) return redirect(next_target or url_for('user.boards_GET'))
def load_user(user_id): return User.objects(auth_id=to_ObjectId(user_id)).first()
def get_owner_from_id(owner_id): return User.objects(id=to_ObjectId(owner_id)).first()
def _assert_verify_GET_not_found(self, token, email): response = self._send_verify_GET_request(token) user = User.objects(email=email).first() assert response.status_code == 404 assert b'Not Found' in response.data assert not user or not user.is_active
def _assert_sign_up_POST_bad_request(self, data, expected_text): response = self._send_sign_up_POST_request(data) user = User.objects(email=data.get('email')).first() assert response.status_code == 400 assert expected_text.encode() in response.data assert not user or user == self.user