Exemple #1
def create_user(name, email, password: str):
    """Create and persist a user unless the email is already taken.

    Returns:
        ``(user, 201)`` on success; the result of ``errors.bad_request`` when
        ``User.autenticate(email)`` finds an existing record; the result of
        ``errors.internal_error`` when saving raises ``SaveError``.
    """
    # Despite its name, User.autenticate is called with the email only here,
    # so it serves as an existence lookup, not a credential check.
    already_registered = User.autenticate(email)
    if already_registered is not None:
        # This response confirms that the address is registered.
        payload = {"email": "Email is already exists."}
        return errors.bad_request(payload)

    try:
        account = User.create(name, email, password)
        account.save()
    except SaveError as save_failure:
        # NOTE(review): the exception's messages are passed straight into the
        # error response; confirm they cannot carry storage-layer detail.
        return errors.internal_error(save_failure.messages)
    else:
        return account, 201
Exemple #2
def register(name: str, email: str, password: str):
    """Register a new account and answer with freshly issued tokens.

    Returns:
        ``(jwt_utils.response_with_tokens(user), 201)`` on success, or the
        result of ``errors.bad_request`` when the email already has a record.
        Exceptions raised by ``User.create`` or ``save`` are not caught here.
    """
    # User.autenticate receives only the email, so this is an existence check.
    existing = User.autenticate(email)
    if existing is not None:
        # This message confirms that the address is registered.
        duplicate_msg = "User with this email is already in the system. Are you trying to logged in?"
        return errors.bad_request(duplicate_msg)

    # NOTE(review): lookup and insert are separate steps; presumably a unique
    # constraint on email backs this up under concurrent requests. Confirm.
    account = User.create(name, email, password)
    account.save()

    token_response = jwt_utils.response_with_tokens(account)
    return token_response, 201
Exemple #3
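def login(email: str, password: str):
    """Check credentials and answer with tokens on success.

    An unknown email and a wrong password produce the same
    ``errors.unauthorized`` response, so the reply does not reveal which
    addresses have an account.

    Returns:
        ``(jwt_utils.response_with_tokens(user), 200)`` on success, otherwise
        the result of ``errors.unauthorized``.
    """
    # User.autenticate is called with the email only; it is the record lookup.
    user = User.autenticate(email)

    # TODO: the unknown-email path still skips password verification, so the
    #       response time can differ from the wrong-password path. Verify the
    #       supplied password against a dummy hash here to even that out.
    # TODO: limit the number of failed attempts per account and per client.
    if user is None or not user.verify_passw(password, user.password):
        return errors.unauthorized(
            "The email and password did not match our records.")

    return jwt_utils.response_with_tokens(user), 200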
Exemple #4
def test_user_autentication_fails(app):
    """Looking up an email that has no account must yield ``None``."""
    # `app` is requested only as a fixture; the test body never reads it.
    lookup_result = User.autenticate(_SOME_NON_EXISTING_EMAIL)

    assert lookup_result is None
Exemple #5
def test_user_authentication(app):
    """Looking up a known email must return the matching user record."""
    # `app` is requested only as a fixture; the test body never reads it.
    found = User.autenticate(_SOME_USER_EMAIL)

    assert found is not None
    # The record returned must be the expected one, not just any user.
    assert found.id == _SOME_USER_ID
    assert found.email == _SOME_USER_EMAIL