def test_by_username_andsecurity_code_wrong_code(self, db_session):
add_user(db_session)
queried_user = UserService.by_user_name_and_security_code(
user_name="username", security_code="wrong_code", db_session=db_session
)
assert queried_user is None
def test_by_username_andsecurity_code_none(self, db_session):
created_user = add_user(db_session)
security_code = created_user.security_code
found = UserService.by_user_name_and_security_code(
user_name=None, security_code=security_code, db_session=db_session
)
assert found is None
def test_by_username_andsecurity_code_existing(self, db_session):
created_user = add_user(db_session)
security_code = created_user.security_code
queried_user = UserService.by_user_name_and_security_code(
user_name="username", security_code=security_code, db_session=db_session
)
assert created_user == queried_user
def by_user_name_and_security_code(cls, user_name, security_code,
db_session=None):
"""
.. deprecated:: 0.8
:param user_name:
:param security_code:
:param db_session:
:return:
"""
db_session = get_db_session(db_session)
return UserService.by_user_name_and_security_code(
user_name=user_name, security_code=security_code,
db_session=db_session)
def by_user_name_and_security_code(cls,
user_name,
security_code,
db_session=None):
"""
.. deprecated:: 0.8
:param user_name:
:param security_code:
:param db_session:
:return:
"""
db_session = get_db_session(db_session)
return UserService.by_user_name_and_security_code(
user_name=user_name,
security_code=security_code,
db_session=db_session)
def lost_password_generate(request):
"""
Shows new password form - perform time check and set new password for user
"""
user = UserService.by_user_name_and_security_code(
request.GET.get("user_name"), request.GET.get("security_code")
)
if user:
delta = datetime.datetime.utcnow() - user.security_code_date
if user and delta.total_seconds() < 600:
form = forms.NewPasswordForm(request.POST, csrf_context=request)
if request.method == "POST" and form.validate():
UserService.set_password(user, form.new_password.data)
request.session.flash(_("You can sign in with your new password."))
return HTTPFound(location=request.route_url("register"))
else:
return {"form": form}
else:
return Response("Security code expired")
