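def test_returning_user_with_remember_me(self, mocked):
    """A visitor carrying valid remember-me cookies is logged in on the next request.

    Args:
        mocked: the patched ``Authomatic.login`` injected by the test's
            decorator; its return value is replaced with a ``MockAuthomatic``.
    """
    # Sanity check: at least one OAuth provider must be configured.
    providers = OAuthProvider()
    self.assertTrue(providers.get_slugs())

    mocked.return_value = MockAuthomatic()

    # Persist a user with a fresh remember-me token so get_hash() has a
    # secret to derive the cookie value from.
    user = User(email='*****@*****.**')
    user.remember_me_token = user.get_token()
    db.session.add(user)
    db.session.commit()

    # Use the id the database actually assigned rather than assuming it is 1;
    # the assumption breaks as soon as another test inserts a user first.
    self.app.set_cookie('localhost', 'user_id', str(user.id))
    self.app.set_cookie('localhost', 'remember_me', user.get_hash())
    try:
        resp = self.app.get('/')
        self.assertIn('href="/logout"', resp.data)
        self.assertNotIn('href="/login', resp.data)
    finally:
        # Remove the cookies even when an assertion fails, so later tests
        # start from an anonymous session.
        self.app.delete_cookie('localhost', 'user_id')
        self.app.delete_cookie('localhost', 'remember_me')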
def test_valid_email(self):
    """valid_email() accepts well-formed addresses and rejects malformed ones.

    Three hand-picked valid addresses, five malformed ones and 42 Faker-generated
    addresses are assigned to a single User in turn.
    """
    fake = Factory.create()
    johndoe = User()

    def expect(addresses, assertion):
        # Assign each address and apply the given assertTrue/assertFalse.
        for address in addresses:
            johndoe.email = address
            assertion(johndoe.valid_email())

    expect(['*****@*****.**', '*****@*****.**', '*****@*****.**'],
           self.assertTrue)
    expect(['user@example,com',
            'user_at_foo.org',
            'user.name@example.',
            'foo@bar_baz.com',
            'foo@bar+baz.com'],
           self.assertFalse)
    expect([fake.email() for _ in range(42)], self.assertTrue)
def test_valid_email(self):
    """valid_email() accepts well-formed addresses and rejects malformed ones.

    Three hand-picked valid addresses, five malformed ones and 42 Faker-generated
    addresses are assigned to a single User in turn.
    """
    fake = Factory.create()
    johndoe = User()

    def expect(addresses, assertion):
        # Assign each address and apply the given assertTrue/assertFalse.
        for address in addresses:
            johndoe.email = address
            assertion(johndoe.valid_email())

    expect(['*****@*****.**', '*****@*****.**', '*****@*****.**'],
           self.assertTrue)
    expect(['user@example,com',
            'user_at_foo.org',
            'user.name@example.',
            'foo@bar_baz.com',
            'foo@bar+baz.com'],
           self.assertFalse)
    expect([fake.email() for _ in range(42)], self.assertTrue)
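def login(provider):
    """Handle the OAuth login round-trip for *provider*.

    Args:
        provider: URL slug of the OAuth provider. Slugs not returned by
            ``OAuthProvider().get_slugs()`` abort with 404.

    Returns:
        The adapter response while the OAuth flow is still in progress, or a
        redirect once Authomatic has produced a result. After a successful
        login the redirect carries the ``remember_me``/``user_id`` cookies
        when the session asked for them through this same provider.
    """
    # Endpoint to land on after the attempt; switched to the provider
    # selection page whenever the result cannot be turned into a login.
    next_page = 'site.index'

    # Reject unknown provider slugs before touching anything else.
    providers = OAuthProvider()
    if provider not in providers.get_slugs():
        abort(404)

    authomatic = Authomatic(providers.credentials, app.config['SECRET_KEY'],
                            report_errors=True)
    oauth_response = make_response()

    provider_name = providers.get_name(provider)
    adapter = WerkzeugAdapter(request, oauth_response)
    result = authomatic.login(adapter, provider_name)
    if not result:
        # Still mid-flow (e.g. redirecting to the provider): return the
        # response Authomatic wrote into.
        return oauth_response

    # Provider errors are surfaced only in debug mode; the pending
    # remember-me request is dropped so it cannot carry over to a later attempt.
    if result.error and app.debug:
        session['remember_me'] = False
        session['provider'] = None
        msg = BeautifulSoup(result.error.message).findAll(text=True)
        flash({'type': 'alert', 'text': ' '.join(msg)})

    # The account that ends up logged in, if any.
    user = None
    if result.user:
        result.user.update()
        if not result.user.email:
            msg = '{} is refusing to send us your email address. '
            msg += 'Please, try another log in provider.'
            flash({'type': 'error', 'text': msg.format(provider_name)})
            next_page = 'site.login_options'
        else:
            # Lowercase so the same mailbox cannot be registered twice.
            result.user.email = result.user.email.lower()
            user = User.query.filter_by(email=result.user.email).first()
            if user:
                # An account is only usable through the provider it was
                # created with; bounce to that provider's login URL.
                if provider != user.created_with:
                    return redirect('/login/{}'.format(user.created_with))
                user.last_seen = datetime.now()
                db.session.add(user)
                db.session.commit()
            else:
                now = datetime.now()
                roles = Group()
                if result.user.email in app.config['ADMIN']:
                    role = roles.default('admin')
                else:
                    role = roles.default()
                new_user = User(email=result.user.email,
                                name=result.user.name,
                                created_with=provider,
                                created_at=now,
                                last_seen=now,
                                group=role)
                if not new_user.valid_email():
                    msg = 'The address “{}” provided by {} is not a valid '
                    msg += 'email. Please, try another log in provider.'
                    flash({'type': 'error',
                           'text': msg.format(new_user.email, provider_name)})
                    next_page = 'site.login_options'
                else:
                    db.session.add(new_user)
                    db.session.commit()
                    user = User.query.filter_by(email=new_user.email).first()

    # Build the redirect only now: next_page may have been changed above, and
    # building it earlier sent every "try another provider" case to the index.
    redir_resp = make_response(redirect(url_for(next_page)))

    if user and user.valid_email():
        login_user(user)
        flash({'type': 'success',
               'text': 'Welcome, {}'.format(result.user.name)})

        # Honour a remember-me request only if it was made for this provider.
        remember_me = session.get('remember_me', False)
        if remember_me:
            session_provider = session.get('provider', False)
            if provider == session_provider:
                session['remember_me'] = False
                session['provider'] = None
                user.remember_me_token = user.get_token()
                db.session.add(user)
                db.session.commit()
                max_age = 60 * 60 * 24 * 30  # 30 days
                # These cookies are a long-lived credential; httponly keeps
                # them out of reach of page scripts.
                redir_resp.set_cookie('remember_me', user.get_hash(),
                                      max_age=max_age, httponly=True)
                redir_resp.set_cookie('user_id', str(user.id),
                                      max_age=max_age, httponly=True)
    return redir_resp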
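def login(provider):
    """Handle the OAuth login round-trip for *provider*.

    Args:
        provider: URL slug of the OAuth provider. Slugs not returned by
            ``OAuthProvider().get_slugs()`` abort with 404.

    Returns:
        The adapter response while the OAuth flow is still in progress, or a
        redirect once Authomatic has produced a result. After a successful
        login the redirect carries the ``remember_me``/``user_id`` cookies
        when the session asked for them through this same provider.
    """
    # Endpoint to land on after the attempt; switched to the provider
    # selection page whenever the result cannot be turned into a login.
    next_page = 'site.index'

    # Reject unknown provider slugs before touching anything else.
    providers = OAuthProvider()
    if provider not in providers.get_slugs():
        abort(404)

    authomatic = Authomatic(providers.credentials, app.config['SECRET_KEY'],
                            report_errors=True)
    oauth_response = make_response()

    provider_name = providers.get_name(provider)
    adapter = WerkzeugAdapter(request, oauth_response)
    result = authomatic.login(adapter, provider_name)
    if not result:
        # Still mid-flow (e.g. redirecting to the provider): return the
        # response Authomatic wrote into.
        return oauth_response

    # Provider errors are surfaced only in debug mode; the pending
    # remember-me request is dropped so it cannot carry over to a later attempt.
    if result.error and app.debug:
        session['remember_me'] = False
        session['provider'] = None
        msg = BeautifulSoup(result.error.message).findAll(text=True)
        flash({'type': 'alert', 'text': ' '.join(msg)})

    # The account that ends up logged in, if any.
    user = None
    if result.user:
        result.user.update()
        if not result.user.email:
            msg = '{} is refusing to send us your email address. '
            msg += 'Please, try another log in provider.'
            flash({'type': 'error', 'text': msg.format(provider_name)})
            next_page = 'site.login_options'
        else:
            # Lowercase so the same mailbox cannot be registered twice.
            result.user.email = result.user.email.lower()
            user = User.query.filter_by(email=result.user.email).first()
            if user:
                # An account is only usable through the provider it was
                # created with; bounce to that provider's login URL.
                if provider != user.created_with:
                    return redirect('/login/{}'.format(user.created_with))
                user.last_seen = datetime.now()
                db.session.add(user)
                db.session.commit()
            else:
                now = datetime.now()
                roles = Group()
                if result.user.email in app.config['ADMIN']:
                    role = roles.default('admin')
                else:
                    role = roles.default()
                new_user = User(email=result.user.email,
                                name=result.user.name,
                                created_with=provider,
                                created_at=now,
                                last_seen=now,
                                group=role)
                if not new_user.valid_email():
                    msg = 'The address “{}” provided by {} is not a valid '
                    msg += 'email. Please, try another log in provider.'
                    flash({'type': 'error',
                           'text': msg.format(new_user.email, provider_name)})
                    next_page = 'site.login_options'
                else:
                    db.session.add(new_user)
                    db.session.commit()
                    user = User.query.filter_by(email=new_user.email).first()

    # Build the redirect only now: next_page may have been changed above, and
    # building it earlier sent every "try another provider" case to the index.
    redir_resp = make_response(redirect(url_for(next_page)))

    if user and user.valid_email():
        login_user(user)
        flash({'type': 'success',
               'text': 'Welcome, {}'.format(result.user.name)})

        # Honour a remember-me request only if it was made for this provider.
        remember_me = session.get('remember_me', False)
        if remember_me:
            session_provider = session.get('provider', False)
            if provider == session_provider:
                session['remember_me'] = False
                session['provider'] = None
                user.remember_me_token = user.get_token()
                db.session.add(user)
                db.session.commit()
                max_age = 60 * 60 * 24 * 30  # 30 days
                # These cookies are a long-lived credential; httponly keeps
                # them out of reach of page scripts.
                redir_resp.set_cookie('remember_me', user.get_hash(),
                                      max_age=max_age, httponly=True)
                redir_resp.set_cookie('user_id', str(user.id),
                                      max_age=max_age, httponly=True)
    return redir_resp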
def test_token_and_hash(self):
    """A freshly generated token round-trips through get_hash()/check_hash().

    The hash derived from the stored token must verify; an empty string must not.
    """
    user = User()
    token = user.get_token()
    user.remember_me_token = token
    good_hash = user.get_hash()
    self.assertTrue(user.check_hash(good_hash))
    self.assertFalse(user.check_hash(''))