Example #1
0
 def reset(self):
     "Reset password"
     # Get email
     email = request.POST.get("email")
     # Try to load the person
     person = Session.query(model.Person).filter(model.Person.email == email).first()
     # If the email is not in our database,
     if not person:
         return dict(isOk=0)
     # Reset account
     c.password = store.makeRandomAlphaNumericString(parameter.PASSWORD_LENGTH_AVERAGE)
     return changePerson(
         dict(
             username=person.username,
             password=c.password,
             nickname=person.nickname,
             email=person.email,
             email_sms=person.email_sms,
         ),
         "reset",
         "/people/confirm.mako",
         person,
     )
Example #2
0
 def test_update(self):
     """
     Make sure that updating credentials works
     Make sure the update page only appears when the user is logged in
     Make sure the update form is filled with the user's credentials
     Make sure that update_ only works when the user is logged in
     Make sure that update confirmation works
     """
     # Assert that we are redirected to the login page if the person is not logged in
     response = self.app.get(url('person_update'))
     self.assertEqual(urlparse.urlparse(response.response.location).path, url('person_login', targetURL=h.encodeURL('/')))
     # Assert that we get rejected if we try to post without logging in
     self.assertEqual(simplejson.dumps({'isOk': 0}), self.app.post(url('person_update_')).body)
     # Add person
     meta.Session.add(model.Person(username, model.hashString(password), nickname, email, email_sms))
     meta.Session.commit()
     # Log in
     self.app.post(url('person_login_'), dict(username=username, password=password))
     # Assert that the update form is filled with the user's credentials
     responseBody = self.app.get(url('person_update')).body
     self.assert_(username in responseBody)
     self.assert_(nickname in responseBody)
     self.assert_(email in responseBody)
     self.assert_(email_sms in responseBody)
     # Update credentials
     newUsername = store.makeRandomString(16)
     newPassword = store.makeRandomAlphaNumericString(parameter.PASSWORD_LENGTH_AVERAGE)
     newNickname = unicode(store.makeRandomString(16))
     newEmail = re.sub(r'.*@', store.makeRandomString(16) + '@', email)
     newEmailSMS = re.sub(r'.*@', store.makeRandomString(16) + '@', email)
     self.assertEqual(simplejson.dumps({'isOk': 1}), self.app.post(url('person_update_'), dict(username=newUsername, password=newPassword, nickname=newNickname, email=newEmail, email_sms=newEmailSMS)).body)
     # Make sure the credentials have not changed yet
     self.assertEqual(meta.Session.query(model.Person).filter_by(username=newUsername, password_hash=model.hashString(newPassword), nickname=newNickname, email=newEmail, email_sms=newEmailSMS).count(), 0)
     # Activate candidate
     self.app.get(url('person_confirm', ticket=meta.Session.query(model.PersonCandidate.ticket).filter_by(username=newUsername).first()[0]))
     # Make sure the credentials have changed
     self.assertEqual(meta.Session.query(model.Person).filter_by(username=newUsername, password_hash=model.hashString(newPassword), nickname=newNickname, email=newEmail, email_sms=newEmailSMS).count(), 1)