def test_auth_password_reset_test(): clear() #resgistering user to test auth_register('*****@*****.**', '123abc!@#', 'Hayden', 'Everest', None) #requesting a password reset auth_passwordreset_request('*****@*****.**') for user in users: if user['u_id'] == 1: reset_code = user['reset_code'] break with pytest.raises(InputError): #raise error if incorrect code auth_passwordreset_reset('12345', 'Agoodpassowrd') #raise error if bad bassword auth_passwordreset_reset(reset_code, 'bad') #raise error if both incorrect auth_passwordreset_reset('12345', 'bad') #test correct inputs change passowrd auth_passwordreset_reset(reset_code, 'Agoodpassowrd') for user in users: if user['u_id'] == 1: assert user['password'] == hashlib.sha256( 'Agoodpassowrd'.encode()).hexdigest() break
def test_auth_passwordreset_reset(): """ password entered is less than 6 characters long """ server_data = Server_data() email = "*****@*****.**" auth_register(server_data, email, "abcde123", "Jay", "Chen") # get the user's full information by email # reset code should be empty user_full = server_data.get_user_by_email(email) old_password = user_full.password assert user_full.reset_code == "" # request to set a new password, will get a reset_code # after request send, user receive a secret reset_code auth_passwordreset_request(server_data, email) reset_code = user_full.reset_code assert reset_code != "" # reset the password by using valid code auth_passwordreset_reset(server_data, reset_code, "1234abc") # check if the password has change to the new one new_password = user_full.password assert new_password != old_password
def test_auth_reset_no_email(): """ use an non registered email to request a password reset """ server_data = Server_data() with pytest.raises(InputError): auth_passwordreset_request(server_data, "*****@*****.**")
def test_auth_reset_invalid_email(): """ use a invalid email to request a password reset """ server_data = Server_data() with pytest.raises(InputError): auth_passwordreset_request(server_data, "jay.chen")
def test_auth_passwordreset_request(): """ After using password request user should get a reset_code """ server_data = Server_data() email = "*****@*****.**" # assert check(email) == True user = auth_register(server_data, email, "abcde123", "Jay", "Chen") user_id = user['u_id'] token = user['token'] # assume the token is generated from using auth_register assert user_profile(server_data, token, user_id) == { 'user': {\ 'u_id': user_id, \ 'email': "*****@*****.**", \ 'name_first': 'Jay', \ 'name_last': 'Chen', \ 'profile_img_url': '', \ 'handle_str': 'jaychen', \ }, } # get the user's full information by email # reset code should be empty user_full = server_data.get_user_by_email(email) assert user_full.reset_code == "" # request to set a new password, will get a reset_code # after request send, user receive a secret reset_code auth_passwordreset_request(server_data, email) assert user_full.reset_code != ""
def test_auth_password_reset_request_invalid_email(): ''' Test that an InputError is raised when an invalid email is given ''' other.clear() auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") with pytest.raises(InputError): auth_passwordreset_request("*****@*****.**")
def send_email(): ''' A route to send a reset code via email to a user ''' payload = request.get_json() if not payload['email']: raise RequestError(description="Missing data in request body") auth_passwordreset_request(payload['email']) return dumps({})
def test_auth_passwordreset_request_unregistered_email_muplitple_users(): clear() auth_register('*****@*****.**', 'password', 'madeline', 'younes') auth_register('*****@*****.**', '238hadJHJ', 'Mira', 'Bankstone') auth_register('*****@*****.**', '82hBKH', 'Thomas', 'Yossef') with pytest.raises(InputError): auth_passwordreset_request('*****@*****.**')
def auth_passwordreset_request(): ''' Route that sends a 16 character alphanumeric reset code to a user who is requesting the password reset. ''' payload = request.get_json() email = payload['email'] auth.auth_passwordreset_request(email) return dumps({})
def test_auth_passwordreset_reset_success(): clear() auth_register('*****@*****.**', 'password', 'Madeline', 'Younes') auth_passwordreset_request('*****@*****.**') for user in data.users: if user.email == '*****@*****.**': reset_code = user.secret_key auth_passwordreset_reset(reset_code, 'New_3dpassword')
def test_exception_auth_passwordreset_request(): clear() user_dict = auth_register("*****@*****.**", "password", "Nate", "Drake") user_token = user_dict["token"] auth_logout(user_token) with pytest.raises(InputError): auth_passwordreset_request("*****@*****.**")
def test_auth_passwordreset_request_pass(): clear() email = '*****@*****.**' auth_register(email, 'weiqiangpass1', 'Weiqiang1', 'Zhuang1') for user in USER_DATA: if user['email'] == email: assert user['reset_code'] == "" auth_passwordreset_request(email) for user in USER_DATA: if user['email'] == email: assert user['reset_code'] != ""
def test_auth_passwordreset_reset_invalid_reset_code(): ''' This is a test to ensure that the test fails due to the user inputting an invalid reset_code. ''' other.clear() auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") auth_passwordreset_request("*****@*****.**") with pytest.raises(InputError): auth_passwordreset_reset(10, "abcd1234$")
def test_incorrect_email_unsuccessful_request(): """ Tests unsuccessful uses of passwordreset_request, focusing on emails that don't have an account registered to them """ user1 = auth.auth_register('*****@*****.**', 'greetings', 'Good', 'Sir') user.user_profile_setemail(user1['token'], '*****@*****.**') auth.auth_logout(user1['token']) with pytest.raises(InputError): assert auth.auth_passwordreset_request('*****@*****.**') == {} assert auth.auth_passwordreset_request('*****@*****.**') == {} other.clear()
def test_auth_passwordreset_request_key_generated(): clear() auth_register('*****@*****.**', 'password', 'madeline', 'younes') for curr_user in data.users: if curr_user.email == '*****@*****.**': break curr_user.secret_key = None auth_passwordreset_request('*****@*****.**') assert curr_user.secret_key is not None
def test_auth_passwordreset_reset_password_not_valid(): clear() email = "*****@*****.**" auth_register(email, 'weiqiangpass1', 'Weiqiang1', 'Zhuang1') auth_passwordreset_request(email) reset_code = '' for user in USER_DATA: if user['email'] == email: reset_code = user['reset_code'] break new_pwd = "123" with pytest.raises(InputError): assert auth_passwordreset_reset(reset_code, new_pwd)
def test_successful_passwordreset_reset(): user1 = auth.auth_register('*****@*****.**', 'thistooksolong', 'one', 'hundred') auth.auth_logout(user1['token']) auth.auth_passwordreset_request('*****@*****.**') time.sleep(2) code = get_code_from_email() assert auth.auth_passwordreset_reset(code, 'new_password') == {} with pytest.raises(InputError): assert auth.auth_login('*****@*****.**', 'thistooksolong') user2 = auth.auth_login('*****@*****.**', 'new_password') assert user1['u_id'] == user2['u_id'] other.clear()
def test_incorrect_code_unsuccessful_reset(): """ Tests unsuccessful uses of passwordreset_reset, focusing on incorrect codes """ user1 = auth.auth_register('*****@*****.**', 'grobin?', 'Whedon', 'Gad') auth.auth_logout(user1['token']) auth.auth_passwordreset_request('*****@*****.**') with pytest.raises(InputError): assert auth.auth_passwordreset_reset('invalid_code', 'plsdontwork') assert auth.auth_passwordreset_reset('another_invalid_code', 'good night') other.clear()
def test_auth_password_request_test(): clear() #resgistering user to test auth_register('*****@*****.**', '123abc!@#', 'Hayden', 'Everest', None) #checking a request assigns the user a reset code auth_passwordreset_request('*****@*****.**') for user in users: if user['u_id'] == 1: assert user['reset_code'] != 0 break
def test_password_reset_invalid_reset_code(): '''reset_code is not a valid reset code''' clear() # Valid information has been summitted to register from the first user auth_register("*****@*****.**", "ihfeh3hgi00d", "Yilang", "W") # Vadid information has been summitted to register from the second user auth_register("*****@*****.**", "VukkFs", "Bill", "Gates") # Vadid information has been summitted to register from the third user auth_register("*****@*****.**", "RFVtgb45678", "M", "Johnson") # User 2 send a password reset request auth_passwordreset_request("*****@*****.**") # User 2 change the password with reset_code that has only 4 digits with pytest.raises(InputError): auth_passwordreset_reset(str(1234), "Qwerty567")
def test_invalid_new_password_unsuccessful_reset(): """ Tests unsuccessful uses of passwordreset_reset, focusing on invalid new passwords """ user1 = auth.auth_register('*****@*****.**', 'password', 'first', 'last') auth.auth_logout(user1['token']) auth.auth_passwordreset_request('*****@*****.**') time.sleep(2) code = get_code_from_email() with pytest.raises(InputError): assert auth.auth_passwordreset_reset(code, '') assert auth.auth_passwordreset_reset(code, '12345') other.clear()
def test_password_reset_wrong_reset_code1(): '''reset_code is not a valid reset code''' clear() # Valid information has been summitted to register from the first user auth_register("*****@*****.**", "ihfeh3hgi00d", "Yilang", "W") # Vadid information has been summitted to register from the second user auth_register("*****@*****.**", "VukkFs", "Bill", "Gates") # Vadid information has been summitted to register from the third user auth_register("*****@*****.**", "RFVtgb45678", "M", "Johnson") # User 2 send a password reset request auth_passwordreset_request("*****@*****.**") # User 2 change the password with wrong reset_code reset_code = data['users'][2]['reset_code'] with pytest.raises(InputError): auth_passwordreset_reset(reset_code, "Qwer7")
def test_password_reset_valid1(): '''Valid password reset by a member of flockr''' clear() # Valid information has been summitted to register from the first user auth_register("*****@*****.**", "ihfeh3hgi00d", "Yilang", "W") # Vadid information has been summitted to register from the second user auth_register("*****@*****.**", "VukkFs", "Bill", "Gates") # Vadid information has been summitted to register from the third user auth_register("*****@*****.**", "RFVtgb45678", "M", "Johnson") # User 2 send a password reset request auth_passwordreset_request("*****@*****.**") # User 2 change the password reset_code = data['users'][2]['reset_code'] auth_passwordreset_reset(reset_code, "Qwerty567") assert data['users'][2]['password'] == password_encode("Qwerty567")
def reset_request(): """ Sends user email using http """ data = request.get_json() email = data['email'] return auth.auth_passwordreset_request(email)
def test_logged_in_unsuccessful_request(): """ Tests unsuccessful uses of passwordreset_request, focusing on accounts that are logged in """ auth.auth_register('*****@*****.**', 'letsgooo', 'Fora', 'Walk') with pytest.raises(InputError): assert auth.auth_passwordreset_request('*****@*****.**') other.clear()
def test_auth_passwordreset_reset_invalid_new_password(): ''' This is a test to ensure that the test fails as a result of the new_password field not meeting the requirements for a valid password. ''' other.clear() test_user = auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") #auth_passwordreset_request("*****@*****.**") # call a function to randomly generate the reset_code auth_passwordreset_request("*****@*****.**") code = '' for reset_code in data.reset_codes: if test_user['u_id'] == reset_code['u_id']: code = reset_code['reset_code'] with pytest.raises(InputError): new_password = "******" auth_passwordreset_reset(code, new_password)
def test_auth_passwordreset_reset_success_case(): ''' This test will be used to check whether or not the user receives the error_code that was sent out. (This test might be redundant). ''' other.clear() test_user = auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") auth_passwordreset_request("*****@*****.**") code = '' for reset_code in data.reset_codes: if test_user['u_id'] == reset_code['u_id']: code = reset_code['reset_code'] auth_passwordreset_reset(code, "wxyz1081$#") auth_logout(test_user['token']) auth_login("*****@*****.**", "wxyz1081$#")
def test_auth_passwordreset_reset_another_user(): ''' Test if another user can also reset their password ''' other.clear() auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") user2 = auth_register("*****@*****.**", "abcd1081$", "Will", "Smith") auth_passwordreset_request("*****@*****.**") auth_passwordreset_request("*****@*****.**") code = '' for reset_code in data.reset_codes: if user2['u_id'] == reset_code['u_id']: code = reset_code['reset_code'] auth_passwordreset_reset(code, "wxyz1081$#") auth_logout(user2['token']) auth_login("*****@*****.**", "wxyz1081$#")
def test_reset_password_short(): """ password entered is less than 6 characters long """ server_data = Server_data() email = "*****@*****.**" auth_register(server_data, email, "abcde123", "Jay", "Chen") # get the user's full information by email # reset code should be empty user_full = server_data.get_user_by_email(email) assert user_full.reset_code == "" # request to set a new password, will get a reset_code # after request send, user receive a secret reset_code auth_passwordreset_request(server_data, email) reset_code = user_full.reset_code assert reset_code != "" with pytest.raises(InputError): auth_passwordreset_reset(server_data, reset_code, "abc")
def test_password_reset(): """ Check if password reset works for valid inputs. """ registered_email = "*****@*****.**" return_1 = auth_passwordreset_request(registered_email) # String sent reset_string = jwt.encode({'email': registered_email}, 'changepassword', algorithm='HS256') new_password = "******" return_2 = auth_passwordreset_reset(reset_string, new_password) assert return_1 == {} and return_2 == {}