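def test_change_password(test_app):
    """Test changing password correctly and incorrectly.

    Covers both sides of the current-password check on /edit/password/:
    a change submitted with the right old password is stored, and a change
    submitted with a stale old password leaves the stored hash untouched.
    """
    # NOTE(review): this listing showed every password field in the two
    # /edit/password/ POSTs masked as '******'. The values below are restored
    # from the fixture password and from the assertions -- confirm against
    # the upstream test.
    # presumably fixture_add_user defaults to the username 'chris'; verify.
    fixture_add_user(password=u'toast')

    test_app.post(
        '/auth/login/', {
            'username': u'chris',
            'password': u'toast'})

    # test that the password can be changed
    res = test_app.post(
        '/edit/password/', {
            'old_password': 'toast',
            'new_password': '123456',
            })
    res.follow()

    # Did we redirect to the correct page?
    assert urlparse.urlsplit(res.location)[2] == '/edit/account/'

    # test_user has to be fetched again in order to have the current values
    test_user = User.query.filter_by(username=u'chris').first()
    assert auth_tools.bcrypt_check_password('123456', test_user.pw_hash)

    # test that the password cannot be changed if the given
    # old_password is wrong ('toast' stopped being valid after the change
    # above)
    template.clear_test_template_context()
    test_app.post(
        '/edit/password/', {
            'old_password': 'toast',
            'new_password': '098765',
            })

    test_user = User.query.filter_by(username=u'chris').first()
    assert not auth_tools.bcrypt_check_password('098765', test_user.pw_hash)
    # The rejected request must not have touched the stored hash at all.
    assert auth_tools.bcrypt_check_password('123456', test_user.pw_hash)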
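def test_change_password(test_app):
    """Test changing password correctly and incorrectly.

    Exercises the current-password check on /edit/password/ in both
    directions: the right old password lets the change through, a stale one
    must leave the stored hash as it was.
    """
    # NOTE(review): the password fields of the two /edit/password/ POSTs were
    # masked as '******' in this listing. They are restored here from the
    # fixture password and the assertions -- confirm against upstream.
    # presumably fixture_add_user defaults to the username 'chris'; verify.
    fixture_add_user(password=u'toast', privileges=[u'active'])

    test_app.post('/auth/login/', {'username': u'chris', 'password': u'toast'})

    # test that the password can be changed
    res = test_app.post('/edit/password/', {
        'old_password': 'toast',
        'new_password': '123456',
    })
    res.follow()

    # Did we redirect to the correct page?
    assert urlparse.urlsplit(res.location)[2] == '/edit/account/'

    # test_user has to be fetched again in order to have the current values
    test_user = User.query.filter_by(username=u'chris').first()
    assert auth_tools.bcrypt_check_password('123456', test_user.pw_hash)

    # test that the password cannot be changed if the given
    # old_password is wrong ('toast' is no longer the current password)
    template.clear_test_template_context()
    test_app.post('/edit/password/', {
        'old_password': 'toast',
        'new_password': '098765',
    })

    test_user = User.query.filter_by(username=u'chris').first()
    assert not auth_tools.bcrypt_check_password('098765', test_user.pw_hash)
    # A rejected change must leave the previous hash in place.
    assert auth_tools.bcrypt_check_password('123456', test_user.pw_hash)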
def test_bcrypt_gen_password_hash():
    """Round-trip a password through hash generation and verification.

    Runs the same two checks without and with an extra salt: the original
    password verifies against the fresh hash, a different password does not.
    """
    # NOTE(review): no case here checks that the right password is rejected
    # when the extra salt is missing or differs from the one used to hash.
    pw = "youwillneverguessthis"

    # First pass: normal hash generation; second pass: same thing, extra salt.
    for salt_args in ((), ("3><7R45417",)):
        hashed_pw = auth_tools.bcrypt_gen_password_hash(pw, *salt_args)
        assert auth_tools.bcrypt_check_password(pw, hashed_pw, *salt_args)
        assert not auth_tools.bcrypt_check_password(
            "notthepassword", hashed_pw, *salt_args)
def test_bcrypt_gen_password_hash():
    """Check that generated bcrypt hashes verify only the password hashed.

    The plain case and the extra-salt case are each tested with the right
    password (must verify) and a wrong one (must not).
    """
    # NOTE(review): the salted half never tries the right password with a
    # missing or different extra salt, so a salt mismatch is not covered.
    pw = 'youwillneverguessthis'
    wrong_pw = 'notthepassword'
    extra_salt = '3><7R45417'

    # Normal password hash generation, and check on that hash
    plain_hash = auth_tools.bcrypt_gen_password_hash(pw)
    accepted = auth_tools.bcrypt_check_password(pw, plain_hash)
    assert accepted
    rejected = not auth_tools.bcrypt_check_password(wrong_pw, plain_hash)
    assert rejected

    # Same thing, extra salt.
    salted_hash = auth_tools.bcrypt_gen_password_hash(pw, extra_salt)
    accepted = auth_tools.bcrypt_check_password(pw, salted_hash, extra_salt)
    assert accepted
    rejected = not auth_tools.bcrypt_check_password(
        wrong_pw, salted_hash, extra_salt)
    assert rejected
def test_bcrypt_check_password():
    """Verify bcrypt_check_password against fixed, pre-computed hashes."""
    # Hash of the known 'lollerskates' password.
    known_hash = "$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO"
    # Hash used for the extra-salt case below.
    salted_hash = "$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6"

    # Check known 'lollerskates' password against check function
    assert auth_tools.bcrypt_check_password("lollerskates", known_hash)
    assert not auth_tools.bcrypt_check_password("notthepassword", known_hash)

    # Same thing, but with extra fake salt.
    # NOTE(review): only the rejection is asserted for the salted hash; with
    # no matching positive case, this assertion would hold for any hash.
    assert not auth_tools.bcrypt_check_password(
        "notthepassword", salted_hash, "3><7R45417")
def test_bcrypt_check_password():
    """Run bcrypt_check_password over a table of fixed hashes.

    Each row is (password, stored hash, extra positional args, expected
    truthiness of the result).
    """
    lollerskates_hash = (
        '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO')
    cases = (
        # Check known 'lollerskates' password against check function
        ('lollerskates', lollerskates_hash, (), True),
        ('notthepassword', lollerskates_hash, (), False),
        # Same thing, but with extra fake salt.
        # NOTE(review): the salted hash is only ever tested with a wrong
        # password; there is no row showing that it accepts the right one.
        ('notthepassword',
         '$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6',
         ('3><7R45417',),
         False),
    )

    for candidate, stored, salt_args, should_match in cases:
        outcome = auth_tools.bcrypt_check_password(
            candidate, stored, *salt_args)
        if should_match:
            assert outcome
        else:
            assert not outcome
Example #7
def change_pass(request):
    """Show the change-password form and apply a submitted change.

    A POST that passes form validation must also carry the account's current
    password: only when ``bcrypt_check_password`` accepts it against
    ``user.pw_hash`` is the new password hashed and saved, after which the
    user is redirected to the account page. Every other request, including
    one with a wrong current password, re-renders the form.
    """
    # NOTE(review): nothing visible in this view requires a logged-in user,
    # ends the account's other sessions after the change, or limits repeated
    # wrong guesses -- confirm these are handled by a decorator or elsewhere.
    form = forms.ChangePassForm(request.form)
    user = request.user

    def show_form():
        # One place for the form page; used by every non-success path.
        return render_to_response(
            request,
            'mediagoblin/plugins/basic_auth/change_pass.html',
            {'form': form,
             'user': user})

    # form.validate() only runs for POST requests, as the `or` short-circuits.
    if request.method != 'POST' or not form.validate():
        return show_form()

    current_ok = tools.bcrypt_check_password(
        form.old_password.data, user.pw_hash)
    if not current_ok:
        # Reject before anything is written to the user record.
        form.old_password.errors.append(
            _('Wrong password'))
        return show_form()

    # Password matches
    new_hash = tools.bcrypt_gen_password_hash(form.new_password.data)
    user.pw_hash = new_hash
    user.save()

    messages.add_message(
        request, messages.SUCCESS,
        _('Your password was changed successfully'))

    return redirect(request, 'mediagoblin.edit.account')
Example #8
def change_pass(request):
    """Handle the change-password page.

    Non-POST requests and POSTs that fail form validation get the form back.
    A valid POST is checked against the stored hash first: a wrong current
    password adds a field error and re-renders the form without saving; a
    correct one replaces ``user.pw_hash`` with a fresh bcrypt hash, saves the
    user, queues a success message and redirects to the account page.
    """
    # NOTE(review): the view as shown has no login requirement, no throttling
    # of wrong guesses and no invalidation of other sessions once the hash
    # changes -- presumably handled outside this function; verify.
    form = forms.ChangePassForm(request.form)
    user = request.user
    template_name = 'mediagoblin/plugins/basic_auth/change_pass.html'
    # Built once; holds references, so errors appended to the form later are
    # still rendered.
    context = {'form': form, 'user': user}

    is_valid_post = request.method == 'POST' and form.validate()
    if is_valid_post:
        supplied = form.old_password.data
        if tools.bcrypt_check_password(supplied, user.pw_hash):
            # Password matches
            user.pw_hash = tools.bcrypt_gen_password_hash(
                form.new_password.data)
            user.save()

            success_text = _('Your password was changed successfully')
            messages.add_message(request, messages.SUCCESS, success_text)

            return redirect(request, 'mediagoblin.edit.account')

        # Wrong current password: report it and fall through to the form.
        form.old_password.errors.append(_('Wrong password'))

    return render_to_response(request, template_name, context)
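def test_change_password(test_app):
    """Test changing password correctly and incorrectly.

    Checks that /edit/password/ stores a new password only when the request
    supplies the account's current one, and that a request with a stale
    current password leaves the stored hash unchanged.
    """
    # NOTE(review): in this listing the password fields of both
    # /edit/password/ POSTs appeared masked as "******". They are restored
    # here from the fixture password and the assertions -- confirm against
    # the upstream test.
    # presumably fixture_add_user defaults to the username "chris"; verify.
    fixture_add_user(password=u"toast", privileges=[u"active"])

    test_app.post("/auth/login/", {"username": u"chris", "password": u"toast"})

    # test that the password can be changed
    res = test_app.post(
        "/edit/password/", {"old_password": "toast", "new_password": "123456"})
    res.follow()

    # Did we redirect to the correct page?
    assert urlparse.urlsplit(res.location)[2] == "/edit/account/"

    # test_user has to be fetched again in order to have the current values
    test_user = User.query.filter_by(username=u"chris").first()
    assert auth_tools.bcrypt_check_password("123456", test_user.pw_hash)

    # test that the password cannot be changed if the given
    # old_password is wrong ("toast" was replaced by the change above)
    template.clear_test_template_context()
    test_app.post(
        "/edit/password/", {"old_password": "toast", "new_password": "098765"})

    test_user = User.query.filter_by(username=u"chris").first()
    assert not auth_tools.bcrypt_check_password("098765", test_user.pw_hash)
    # The failed attempt must not have altered the stored hash.
    assert auth_tools.bcrypt_check_password("123456", test_user.pw_hash)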
Example #10
def check_password(raw_pass, stored_hash, extra_salt=None):
    """Check ``raw_pass`` against ``stored_hash`` using bcrypt.

    Returns whatever ``auth_tools.bcrypt_check_password`` returns when a
    stored hash is present, and ``None`` (not ``False``) when ``stored_hash``
    is empty or ``None``.
    """
    # NOTE(review): callers must treat None as "not authenticated"; a caller
    # that compares the result with `is False` would miss the no-hash case.
    if not stored_hash:
        # No hash on record, so there is nothing to verify against.
        return None
    return auth_tools.bcrypt_check_password(raw_pass, stored_hash, extra_salt)
Example #11
def check_password(raw_pass, stored_hash, extra_salt=None):
    """Delegate password verification to the bcrypt helper.

    With a non-empty ``stored_hash`` the result of
    ``auth_tools.bcrypt_check_password(raw_pass, stored_hash, extra_salt)``
    is returned unchanged. With an empty or missing hash nothing is checked
    and the result is ``None``.
    """
    # NOTE(review): the no-hash result is None rather than False -- make sure
    # every caller handles it as a failed check.
    verdict = None
    if stored_hash:
        verdict = auth_tools.bcrypt_check_password(
            raw_pass, stored_hash, extra_salt)
    return verdict