def test_cant_change_password_for_firebase_user(): user = User('*****@*****.**', 'pa$$word', 'John Doe', '1111', 'NULL', True, True, True) old_hash = user.hash with pytest.raises(CantChangePasswordForFirebaseUser): user.change_password('password')
def test_change_password_successfully(): user = User('*****@*****.**', 'pa$$word', 'John Doe', '1111', 'NULL', False, True, True) old_hash = user.hash user.change_password('password') assert not user.hash == old_hash
def test_save_existent_user(postgresql_db): session = postgresql_db.session create_all(session) saved_user = User('*****@*****.**', 'bbb', 'Jane Doe', '111-1111', None, False, False, False) sut = UserPersistence(postgresql_db) sut.save(saved_user) with pytest.raises(UserAlreadyRegisteredException): user_to_save = User('*****@*****.**', 'aaa', 'John Doe', '555-5555', None, False, False, False) sut.save(user_to_save)
def test_serialize_user_successfully(): user = User('*****@*****.**', 'secreto', 'Test', '1234', 'test.jpg', False, False, False) serialized_user = user.serialize() assert serialized_user == { 'email': '*****@*****.**', 'full name': 'Test', 'phone number': '1234', 'profile picture': 'test.jpg' }
def test_forgot_password_with_new_reset_password_successful(client): with patch( 'auth_server.decorators.app_server_token_required_decorator.is_valid_token_from_app_server' ) as mock_is_valid_token_from_app_server: mock_is_valid_token_from_app_server.return_value = True with patch.object(UserPersistence, 'get_user_by_email') as get_user: get_user.return_value = User('*****@*****.**', 'test', 'test', '123', 'test', False, False, False) with patch.object(ResetPasswordPersistence, 'get_reset_password_by_email', new=raise_reset_password_not_found_exception ) as reset_password_not_found_mock: with patch.object(ResetPasswordPersistence, 'save') as save_reset_password: user_email = '*****@*****.**' response = client.post( '/api/users/' + user_email + '/reset_password_token', json={}, headers={ 'authorization': 'FAKETOKEN', APP_SERVER_TOKEN_HEADER: 'FAKETOKEN' }, follow_redirects=False) assert json.loads(response.data) == { "Forgot password": "******".format(user_email) }
def test_forgot_password_fails_user_is_firebase_user(client): with patch( 'auth_server.decorators.app_server_token_required_decorator.is_valid_token_from_app_server' ) as mock_is_valid_token_from_app_server: mock_is_valid_token_from_app_server.return_value = True with patch.object(UserPersistence, 'get_user_by_email') as get_user: get_user.return_value = User('test', 'test', 'test', '123', 'test', True, False, False) user_email = '*****@*****.**' response = client.post('/api/users/' + user_email + '/reset_password_token', json={}, headers={ 'authorization': 'FAKETOKEN', APP_SERVER_TOKEN_HEADER: 'FAKETOKEN' }, follow_redirects=False) assert json.loads(response.data) == { "Error": "user {0} is a firebase user".format(user_email) }
def test_get_user_profile_successfully(client): with patch( 'auth_server.decorators.app_server_token_required_decorator.is_valid_token_from_app_server' ) as mock: mock.return_value = True with patch.object(UserPersistence, 'get_user_by_email') as get_user_mock: get_user_mock.return_value = User('*****@*****.**', 'secreto', 'Test', '1234', 'test.jpg', False, False, False) user_email = '*****@*****.**' hed = {'AppServerToken': 'FAKETOKEN'} response = client.get('/api/users/' + user_email, headers=hed, follow_redirects=False) value_expected = { 'email': '*****@*****.**', 'full_name': 'Test', 'phone_number': '1234', 'profile_picture': 'test.jpg' } assert mock.called assert json.loads(response.data) == value_expected
def parse_regular_user(body): email = body['email'] full_name = body['full name'] phone_number = body['phone number'] profile_picture = body['profile picture'] password = body['password'] return User(email, password, full_name, phone_number, profile_picture, False, False, False)
def test_returns_user_with_token_successfully(): user = User('*****@*****.**', 'fake_falopa', 'John Doe', '1111', 'NULL', True, False, False) generated_token = auth_server.token_functions.generate_auth_token(user) user_obtained = auth_server.token_functions.get_user_with_token( generated_token) assert user_obtained == user.email
def _login_user_using_firebase(): try: id_token = request.headers.get('authorization', None) claims = firebase_admin.auth.verify_id_token(id_token) if not claims or not claims.get('email'): logger.debug('Response from auth server login is 401') result = {'Login': '******'} status_code = 401 return result, status_code user_persistence = UserPersistence(current_app.db) user = None try: user = user_persistence.get_user_by_email(claims.get('email')) except UserNotFoundException: user = User(claims.get('email'), None, claims.get('name'), 'NULL', claims.get('picture'), True, False, False) user_persistence.save(user) if user.is_blocked_user(): logger.debug('This user is BLOCKED') result = {'Login': '******'} status_code = 401 elif user.is_firebase_user(): logger.debug('Usuario logueado con exito') token = generate_auth_token(user) logger.debug('This is the token {0}'.format(token)) result = {'Token': token, 'claims': claims} status_code = HTTPStatus.OK else: logger.debug('User not registered with Firebase') result = {'Login': '******'} status_code = 401 return result, status_code except ValueError as exc: result = {'Login': '******'} status_code = 401 logger.error(exc) return result, status_code except firebase_admin._auth_utils.InvalidIdTokenError as invalid_token_error: result = {'Register': str(invalid_token_error)} status_code = 401 logger.error(invalid_token_error) return result, status_code
def test_valid_token(): user = User('*****@*****.**', 'fake_falopa', 'John Doe', '1111', 'NULL', True, False, False) generated_token = auth_server.token_functions.generate_auth_token(user) result, status_code = auth_server.token_functions.validate_token( generated_token) assert status_code == 200 assert result == { 'Message': 'token valido para user {0}'.format(user.email) }
def test_is_firebase(): user_firebase = User('*****@*****.**', 'pa$$word', 'John Doe', '1111', 'NULL', True, False, False) user_not_firebase = User('*****@*****.**', 'pa$$word', 'John Doe', '1111', 'NULL', False, False, False) assert user_firebase.is_firebase_user() assert not user_not_firebase.is_firebase_user()
def test_save_password_user(postgresql_db): session = postgresql_db.session create_all(session) assert query_first_user(session) is None user_to_save = User('*****@*****.**', 'aaa', 'John Doe', '555-5555', None, False, False, False) sut = UserPersistence(postgresql_db) sut.save(user_to_save) row = query_first_user(session) assert row is not None assert row[0] == '*****@*****.**' assert row[1] == 'John Doe' assert row[2] == '555-5555'
def test_forgot_password_with_existent_reset_password_and_expired_token_user_not_found_in_users_should_never_happen( client): with patch( 'auth_server.decorators.app_server_token_required_decorator.is_valid_token_from_app_server' ) as mock_is_valid_token_from_app_server: mock_is_valid_token_from_app_server.return_value = True with patch.object(UserPersistence, 'get_user_by_email') as get_user: get_user.return_value = User('*****@*****.**', 'test', 'test', '123', 'test', False, False, False) with patch.object( ResetPasswordPersistence, 'get_reset_password_by_email') as reset_password_mock: with patch.object(ResetPassword, 'is_token_expired') as is_token_expired_mock: is_token_expired_mock.return_value = True with patch.object(ResetPasswordPersistence, 'delete') as delete_mock: with patch.object( ResetPasswordPersistence, 'save', new= raise_reset_password_for_non_existent_user_exception ) as reset_password_not_found_mock: user_email = '*****@*****.**' response = client.post('/api/users/' + user_email + '/reset_password_token', json={}, headers={ 'authorization': 'FAKETOKEN', APP_SERVER_TOKEN_HEADER: 'FAKETOKEN' }, follow_redirects=False) assert json.loads(response.data) == { "Error": "user {0} doesnt exist in table users".format( user_email) }
def test_succesful_login_with_firebase_user_already_registered(client): with patch( 'auth_server.decorators.app_server_token_required_decorator.is_valid_token_from_app_server' ) as mock_is_valid_token_from_app_server: mock_is_valid_token_from_app_server.return_value = True with patch.object(UserPersistence, 'get_user_by_email') as user_persistence_mock: with patch('firebase_admin.auth.verify_id_token') as firebase_mock: firebase_mock.return_value = {'email': '*****@*****.**'} user_persistence_mock.return_value = User( '*****@*****.**', '', 'Tito', '', '', True, False, False) response = client.post('/api/login_with_firebase/', json={}, headers={ 'authorization': 'FAKETOKEN', APP_SERVER_TOKEN_HEADER: 'FAKETOKEN' }, follow_redirects=False) assert json.loads(response.data).get('Token')
def test_login_user_succesful(client): with patch('auth_server.authentication.get_user') as mock_get_user: result = {} status_code = 200 user = ('*****@*****.**') mock_get_user.return_value = result, status_code, user with patch( 'auth_server.authentication.validar_usuario') as mock_validar: with patch.object(UserPersistence, 'get_user_by_email') as user_persistence_mock: user_persistence_mock.return_value = User( user, 'fake_falopa', 'John Doe', '1111', 'NULL', True, False, False) with patch('auth_server.authentication.generate_auth_token' ) as mock_token_generation: mock_token_generation.return_value = 'THISISAFAKETOKEN' user_information = { 'email': '*****@*****.**', 'password': '******' } response = client.post('/api/login/', json=user_information, follow_redirects=False) value_expected = {'Token': 'THISISAFAKETOKEN'} mock_validar.return_value = True assert mock_get_user.called assert mock_validar.called assert user_persistence_mock.called assert mock_token_generation.called assert json.loads(response.data) == value_expected
def test_is_blocked_user(): user = User('*****@*****.**', 'pa$$word', 'John Doe', '1111', 'NULL', False, True, True) assert user.is_blocked_user()
def test_is_not_admin_user(): user = User('*****@*****.**', 'pa$$word', 'John Doe', '1111', 'NULL', True, False, False) assert not user.is_admin_user()