def register():
    """Show the registration form and, on POST, create the account.

    The submitted fields are validated in a fixed order (address present,
    address well-formed, password present, both password fields equal,
    address not yet registered).  On success the password is passed through
    ``generate_password_hash`` before ``UserDB.add_user`` stores it and the
    client is redirected to ``auth.login``.  On failure the first error is
    flashed and the form is rendered again.
    """
    # TODO: Send confirmation link
    # NOTE(review): without that confirmation step nothing here shows that the
    # submitter controls the address they register.
    if request.method != 'POST':
        return render_template('auth/register.html')

    form = request.form
    email = form['email']
    password = form['password']
    password_re = form['password_re']
    user_db = UserDB()

    def first_problem():
        # Checks run in the same order as the form fields are meaningful;
        # the database lookup comes last so it is only reached for input
        # that already passed the cheap checks.
        if not email:
            return 'Eine E-Mail Adresse wird benötigt.'
        if not check_valid_email(email):
            return 'Die E-Mail Adresse scheint nicht korrekt zu sein.'
        if not password:
            return 'Ein Passwort wird benötigt.'
        if password != password_re:
            return 'Passwörter stimmen nicht überein.'
        if user_db.select_user(email=email) is not None:
            # NOTE(review): this message tells the caller that the address
            # already has an account.
            return 'Die E-Mail Adresse {} ist schon registriert.'.format(
                email)
        return None

    error = first_problem()
    if error is None:
        # Only the hash reaches the database layer.
        user_db.add_user(email, generate_password_hash(password))
        return redirect(url_for('auth.login'))

    # NOTE(review): the address is request data and is written to the log
    # as submitted.
    log.info('Invalid registration with email %s', email)
    flash(error)
    return render_template('auth/register.html')
def load_logged_in_user():
    """Populate ``g.user`` from the ``user_id`` held in the session.

    ``g.user`` becomes ``None`` when the session has no ``user_id``;
    otherwise it is whatever ``UserDB.select_user`` returns for that id.
    """
    # presumably registered as a before-request hook; the decorator is not
    # visible here
    user_id = session.get('user_id')
    g.user = None if user_id is None else UserDB().select_user(user_id=user_id)
def test_select_user(app):
    """select_user finds a row by id or by address and gives None on a miss."""
    # NOTE(review): the address literals look redacted in this listing; the
    # lookup expected to miss needs an address absent from the fixture data.
    with app.app_context():
        users = UserDB()
        by_id = users.select_user(user_id=2)
        by_email = users.select_user(email='*****@*****.**')
        missing = users.select_user(email='*****@*****.**')
        # Both lookups must resolve to the same fixture row (id 2).
        assert by_id['email'] == '*****@*****.**'
        assert by_email['id'] == 2
        assert missing is None
def test_add_user(app, MonkeyEmail):
    """add_user stores the account and sends the registration mail."""
    with app.app_context():
        users = UserDB()
        email = '*****@*****.**'
        password = '******'
        # add_user receives the value under the name ``encrypted_password``:
        # hashing is expected to have happened before this call.
        users.add_user(email=email, encrypted_password=password)
        stored = users.select_user(email='*****@*****.**')
        assert stored is not None
        # MonkeyEmail is the fixture standing in for the mail sender; it
        # records what would have been sent.
        assert MonkeyEmail.called
        assert MonkeyEmail.recipient == email
        assert MonkeyEmail.subject == 'Registrierung für die GEclass'
        assert 'registriert haben' in MonkeyEmail.content
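def change_pwd_command(email, new_password):
    """Create CLI to change the password of a user.

    Sometimes a user may lose their password. It can be set to a given
    value by calling ::

        $ flask change-pwd <email> <new_password>

    The password is passed through ``generate_password_hash`` before it is
    handed to ``UserDB.change_password``.

    Args:
        email: Address of the account whose password is replaced.
        new_password: The new clear-text password.

    Raises:
        ValueError: If no user is registered under ``email``.
    """
    # NOTE(review): the new password arrives as a command-line argument, so
    # it lands in the shell history and is visible in the process list while
    # the command runs; reading it from a prompt would avoid both.
    user_db = UserDB()
    user = user_db.select_user(email=email)
    if user is None:
        # select_user gives None for an unknown address; fail with a clear
        # message instead of a TypeError from subscripting None below.
        raise ValueError('No user registered with email {}'.format(email))

    # The forced change is logged with the account id and address, never
    # with the password itself.
    log.info('Force password change for user %s with email %s',
             user['id'], user['email'])
    user_db.change_password(
        user_id=user['id'],
        new_password=generate_password_hash(new_password))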
def add_course(self, user_id, fields):
    """Add a new course to the database and mail the owner a confirmation.

    Args:
        user_id (int): The id of the owner of the course.
        fields (dict): Column name -> value pairs for the new row.  Must
            contain ``name`` and ``start_date_pre``; the latter is passed
            through ``int`` and ``date.fromtimestamp``.  The name does not
            need to be unique.

    The row additionally gets ``user_id`` (as a string) and the value of
    ``self.generate_identifier()``.  The confirmation mail is sent before
    the row is written.
    """
    course_name = fields['name']
    log.info('Added new course %s for user %s', course_name, user_id)

    identifier = self.generate_identifier()
    # NOTE(review): every key of ``fields`` becomes a column name.  How
    # ``self.add`` builds its statement is not visible here; confirm that
    # callers restrict the keys to a fixed set of known columns.
    columns = ['user_id', 'identifier', *fields]
    values = [str(user_id), identifier, *(fields[key] for key in fields)]

    pre_start_date = date.fromtimestamp(int(fields['start_date_pre']))
    owner_email = UserDB().get_email(user_id)

    body_template = """Vielen Dank, dass Sie den Kurs {} bei der GEclass registriert haben. Die ID des Kurses lautet: {}. Die Prä-Befragung startet am {}. Sie werden an diesem Tag auch eine Erinnerungsemail erhalten. Vielen Dank für die Teilnahme an diesem Projekt."""
    geclass.send_email.SendEmail(
        owner_email,
        'Kurs Registrierung GEclass',
        body_template.format(
            course_name, identifier, pre_start_date.isoformat()),
    )
    self.add(table='course', columns=columns, values=values)
def test_register(client, app, MonkeyEmail):
    """A valid registration redirects to login, stores the user and mails them."""
    username = '******'
    # register is available
    page = client.get('/auth/register')
    assert page.status_code == 200

    # NOTE(review): register() rejects the form unless ``password`` and
    # ``password_re`` are equal; the literals below look redacted in this
    # listing.
    form = {'email': username, 'password': '******', 'password_re': 'a'}
    reply = client.post('/auth/register', data=form)
    # after successful register reroute to login
    assert reply.headers['Location'] == 'http://localhost/auth/login'

    with app.app_context():
        users = UserDB()
        assert users.select_user(email=username) is not None
        # The mail fixture must have been triggered for the new account.
        assert MonkeyEmail.called
        assert MonkeyEmail.recipient == username
        assert MonkeyEmail.subject == 'Registrierung für die GEclass'
        assert 'registriert haben' in MonkeyEmail.content
def login():
    """Show the login form and, on POST, authenticate by address and password.

    A successful login clears the session before storing ``user_id`` in it
    and redirects to ``index``.  A failed one flashes the same message
    whether the address is unknown or the password is wrong, then renders
    the form again.
    """
    if request.method != 'POST':
        return render_template('auth/login.html')

    email = request.form['email']
    password = request.form['password']
    user = UserDB().select_user(email=email)

    if user is not None and check_password_hash(user['password'], password):
        # Drop whatever the pre-login session held so no earlier state
        # carries over into the authenticated session.
        session.clear()
        session['user_id'] = user['id']
        log.info('User %s logged in', user['id'])
        return redirect(url_for('index'))

    # NOTE(review): the two failure cases share one message, but only the
    # wrong-password case runs a hash check and writes a log line; attempts
    # against unknown addresses leave no trace here and return without the
    # hashing cost.
    if user is not None:
        log.info('Incorrect password entry by user %s', user['id'])
    flash('E-Mail Adresse oder Passwort sind falsch.')
    return render_template('auth/login.html')
def test_change_email(client, app, auth):
    """Exercise /auth/change_data: access control, validation, both changes."""
    target = '/auth/change_data'

    def submit(email, password):
        # One POST of the change form with the given field values.
        return client.post(target, data={'email': email, 'password': password})

    # non logged in user redirected to log in
    anonymous = client.get(target)
    assert anonymous.headers['Location'] == 'http://localhost/auth/login'
    auth.login()

    # need to change something
    reply = submit('', '')
    assert b'Entweder eine neue E-Mail Adresse oder ein ' in reply.data

    # cannot change both
    reply = submit('*****@*****.**', '******')
    assert b'Die E-Mail Adresse und das Passwort k\xc3\xb6nn' in reply.data

    # can change email
    reply = submit('*****@*****.**', '')
    assert reply.headers['Location'] == 'http://localhost/'
    with app.app_context():
        users = UserDB()
        assert users.select_user(email="*****@*****.**") is not None

    # can change password
    reply = submit('', '******')
    assert reply.headers['Location'] == 'http://localhost/'
    with app.app_context():
        users = UserDB()
        # The stored value must be a hash that verifies, not the clear text.
        # NOTE(review): the submitted password literal looks redacted in
        # this listing; it has to equal the value verified here.
        stored = users.select_user(email="*****@*****.**")['password']
        assert check_password_hash(stored, 'abc')
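def change_data():
    """Let the logged-in user change either their address or their password.

    Exactly one of the two form fields must be filled in.  A new address
    must pass ``check_valid_email`` and must not already belong to an
    account, matching the check ``register`` performs.  A new password is
    passed through ``generate_password_hash`` before it is stored.  On
    success the client is redirected to ``index``; otherwise the error is
    flashed and the form is rendered again.
    """
    # ``session['user_id']`` is read without a check below; presumably a
    # login-required decorator (not visible here) guards this view.
    if request.method == 'POST':
        # TODO: Reenter password
        # NOTE(review): the form carries neither the current password nor a
        # repeat of the new one, so a valid session alone is enough to
        # replace the address or the password of the account.
        email = request.form['email']
        password = request.form['password']
        error = None
        user_db = UserDB()

        if not (email or password):
            error = ('Entweder eine neue E-Mail Adresse oder ein neues '
                     'Passwort müssen gesetzt werden.')
        elif email and password:
            error = ('Die E-Mail Adresse und das Passwort können nicht '
                     'zur selben Zeit geändert werden.')
        elif email:
            if not check_valid_email(email):
                error = 'Die E-Mail Adresse scheint nicht korrekt zu sein.'
            elif user_db.select_user(email=email) is not None:
                # Login looks accounts up by address, so two accounts must
                # never end up sharing one.
                error = 'Die E-Mail Adresse {} ist schon registriert.'.format(
                    email)

        if error is None:
            if email:
                user_db.change_email(user_id=session['user_id'],
                                     new_email=email)
            else:
                # Only the hash reaches the database layer.
                user_db.change_password(
                    user_id=session['user_id'],
                    new_password=generate_password_hash(password))
            return redirect(url_for('index'))

        flash(error)

    return render_template('auth/change_data.html')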
def test_change_password(app):
    """change_password stores exactly the value it is given for the user."""
    with app.app_context():
        users = UserDB()
        new_password = '******'
        assert users.select_user(user_id=2)['password'] != new_password
        # The database layer stores the value unchanged, so producing the
        # hash is the caller's job.
        users.change_password(user_id=2, new_password=new_password)
        assert users.select_user(user_id=2)['password'] == new_password
def test_change_email(app):
    """change_email replaces the stored address of the given user."""
    with app.app_context():
        users = UserDB()
        new_email = '*****@*****.**'
        # Precondition: fixture user 2 does not have the new address yet.
        assert users.select_user(user_id=2)['email'] != new_email
        users.change_email(user_id=2, new_email=new_email)
        assert users.select_user(user_id=2)['email'] == new_email
def test_get_email(app):
    """get_email returns the stored address for a user id."""
    with app.app_context():
        # Fixture user 2 is the account the other database tests use as well.
        assert UserDB().get_email(2) == '*****@*****.**'