def test_get_user_with_valid_token_wrong_token(self):
user = users_factories.UserFactory()
token_type = TokenType.RESET_PASSWORD
saved_token = Token(from_dict={"userId": user.id, "value": self.token_value, "type": token_type})
repository.save(saved_token)
associated_user = get_user_with_valid_token("wrong-token-value", [token_type])
assert associated_user is None
def test_get_user_with_valid_token_wrong_type(self):
user = users_factories.UserFactory()
token_type = TokenType.RESET_PASSWORD
saved_token = Token(from_dict={"userId": user.id, "value": self.token_value, "type": token_type})
repository.save(saved_token)
assert Token.query.filter_by(value=self.token_value).first() is not None
associated_user = get_user_with_valid_token(self.token_value, ["other_type"])
assert associated_user is None
def generate_and_save_token(
user: User, token_type: TokenType, life_time: Optional[timedelta] = None, token_value: Optional[str] = None
) -> Token:
assert token_type.name in TokenType.__members__, "Only registered token types are allowed"
expiration_date = datetime.now() + life_time if life_time else None
token_value = token_value or secrets.token_urlsafe(32)
token = Token(user=user, value=token_value, type=token_type, expirationDate=expiration_date)
repository.save(token)
return token
def generate_and_save_token(user: User, token_type: TokenType, life_time: Optional[timedelta] = None) -> Token:
expiration_date = datetime.now() + life_time if life_time else None
token_value = create_custom_jwt_token(user.id, token_type.value, expiration_date)
token_with_same_value = Token.query.filter_by(value=token_value).first()
if token_with_same_value:
return token_with_same_value
token = Token(userId=user.id, value=token_value, type=token_type, expirationDate=expiration_date)
repository.save(token)
return token
def test_reset_password_success(app):
new_password = "******"
user = users_factories.UserFactory()
token = Token(from_dict={"userId": user.id, "value": "secret-value", "type": TokenType.RESET_PASSWORD})
repository.save(token)
data = {"reset_password_token": token.value, "new_password": new_password}
response = TestClient(app.test_client()).post("/native/v1/reset_password", json=data)
user = find_user_by_id(user.id)
assert response.status_code == 204
assert user.password == hash_password(new_password)
def when_feature_send_emails_enabled_sends_a_reset_password_email_to_native_app_user(
self, retrieve_data_for_reset_password_native_app_email):
# given
user = create_user(email="*****@*****.**",
first_name="Bobby",
reset_password_token="AZ45KNB99H")
token = Token(value="token-value", expirationDate=datetime.now())
# when
send_reset_password_email_to_native_app_user(user.email, token.value,
token.expirationDate)
# then
retrieve_data_for_reset_password_native_app_email.assert_called_once_with(
user.email, token.value, token.expirationDate)
assert mails_testing.outbox[0].sent_data["MJ-TemplateID"] == 12345
def test_get_user_with_valid_token(self):
user = users_factories.UserFactory()
token_type = TokenType.RESET_PASSWORD
expiration_date = datetime.now() + timedelta(hours=24)
saved_token = Token(
from_dict={
"userId": user.id,
"value": self.token_value,
"type": token_type,
"expirationDate": expiration_date,
}
)
repository.save(saved_token)
associated_user = get_user_with_valid_token(self.token_value, [token_type, "other-allowed-type"])
assert associated_user.id == user.id
def test_get_user_with_valid_token_with_expired_date(self):
user = users_factories.UserFactory()
token_type = TokenType.RESET_PASSWORD
saved_token = Token(
from_dict={
"userId": user.id,
"value": self.token_value,
"type": token_type,
"expirationDate": datetime.now() - timedelta(hours=24),
}
)
repository.save(saved_token)
assert Token.query.filter_by(value=self.token_value).first() is not None
associated_user = get_user_with_valid_token(self.token_value, [token_type])
assert associated_user is None
