def test_login_bad_username(config):
config.include(models)
request = csrf_request(config)
schema = schemas.LoginSchema().bind(request=request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({'username': '******', 'password': '******'})
assert 'username' in exc.value.asdict()
def __init__(self, request):
self.request = request
self.schema = schemas.LoginSchema().bind(request=self.request)
self.form = deform.Form(self.schema)
self.login_redirect = self.request.route_url('stream')
self.logout_redirect = self.request.route_url('index')
def test_invalid_with_bad_csrf(self, pyramid_request, user_service):
schema = schemas.LoginSchema().bind(request=pyramid_request)
with pytest.raises(BadCSRFToken):
schema.deserialize({
'username': '******',
'password': '******',
})
def test_login_good(config):
config.registry.settings.update({'horus.require_activation': False})
config.include(models)
request = csrf_request(config)
schema = schemas.LoginSchema().bind(request=request)
assert 'user' in schema.deserialize({
'username': valid_username,
'password': valid_password,
})
def test_it_is_invalid_with_bad_csrf(self, pyramid_request, user_model):
schema = schemas.LoginSchema().bind(request=pyramid_request)
user = user_model.get_by_username.return_value
user.is_activated = True
with pytest.raises(BadCSRFToken):
schema.deserialize({
'username': '******',
'password': '******',
})
def test_login_good():
settings = {'horus.require_activation': False}
with testConfig(settings=settings) as config:
config.include(models)
request = csrf_request(config)
schema = schemas.LoginSchema().bind(request=request)
assert 'user' in schema.deserialize({
'username': valid_username,
'password': valid_password,
})
def test_it_returns_user_when_valid(self, pyramid_csrf_request,
user_model):
user = user_model.get_by_username.return_value
user.is_activated = True
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
assert 'user' in schema.deserialize({
'username': '******',
'password': '******',
})
def test_login_inactive(config):
config.registry.settings.update({
'horus.allow_inactive_login': False,
'horus.require_activation': True,
})
config.include(models)
request = csrf_request(config)
schema = schemas.LoginSchema().bind(request=request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize(valid_user)
assert 'not active' in exc.value.msg
def test_login_bad_csrf(config, user_model):
request = DummyRequest()
schema = schemas.LoginSchema().bind(request=request)
user = user_model.get_by_username.return_value
user.is_activated = True
with pytest.raises(BadCSRFToken):
schema.deserialize({
'username': '******',
'password': '******',
})
def test_login_email(config, user_model):
request = csrf_request(config)
schema = schemas.LoginSchema().bind(request=request)
user_model.get_by_username.return_value = None
user = user_model.get_by_email.return_value
user.is_activated = True
assert 'user' in schema.deserialize({
'username': '******',
'password': '******',
})
def test_LoginSchema_with_email_instead_of_username(config, user_model):
"""If get_by_username() returns None it should try get_by_email()."""
request = csrf_request(config)
schema = schemas.LoginSchema().bind(request=request)
user_model.get_by_username.return_value = None
user = user_model.get_by_email.return_value
user.is_activated = True
assert 'user' in schema.deserialize({
'username': '******',
'password': '******',
})
def test_it_returns_user_when_valid(self, factories, pyramid_csrf_request,
user_service):
user = factories.User.build(username='******')
user_service.fetch_for_login.return_value = user
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
result = schema.deserialize({
'username': '******',
'password': '******',
})
assert result['user'] is user
def test_login_bad_password(config, user_model):
request = csrf_request(config)
schema = schemas.LoginSchema().bind(request=request)
user_model.validate_user.return_value = False
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
assert 'password' in exc.value.asdict()
def __init__(self, request):
form_footer = '<a class="link" href="{href}">{text}</a>'.format(
href=request.route_path('forgot_password'),
text=_('Forgot your password?'))
self.request = request
self.schema = schemas.LoginSchema().bind(request=self.request)
self.form = request.create_form(self.schema,
buttons=(_('Log in'),),
footer=form_footer)
self.logout_redirect = self.request.route_url('index')
def test_LoginSchema_with_bad_username(config, user_model):
request = csrf_request(config)
schema = schemas.LoginSchema().bind(request=request)
user_model.get_by_username.return_value = None
user_model.get_by_email.return_value = None
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
assert 'username' in exc.value.asdict()
def test_passes_username_and_password_to_user_service(
self, factories, pyramid_csrf_request, user_service):
user = factories.User(username='******')
user_service.login.return_value = user
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
schema.deserialize({
'username': '******',
'password': '******',
})
user_service.login.assert_called_once_with(username_or_email='jeannie',
password='******')
def test_login_inactive(config, user_model):
request = csrf_request(config)
user = user_model.get_by_username.return_value
user.is_activated = False
schema = schemas.LoginSchema().bind(request=request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
assert 'not active' in exc.value.msg
def test_it_is_invalid_with_bad_password(self, pyramid_csrf_request,
user_model):
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
user = user_model.get_by_username.return_value
user.check_password.return_value = False
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
assert 'password' in exc.value.asdict()
def __init__(self, request):
form_footer = '<a href="{href}">{text}</a>'.format(
href=request.route_path('forgot_password'),
text=_('Forgot your password?'))
self.request = request
self.schema = schemas.LoginSchema().bind(request=self.request)
self.form = deform.Form(self.schema,
buttons=(_('Sign in'), ),
footer=form_footer)
self.login_redirect = self.request.params.get(
'next', self.request.route_url('stream'))
self.logout_redirect = self.request.route_url('index')
def test_LoginSchema_with_inactive_user_account(config, user_model):
request = csrf_request(config)
user = user_model.get_by_username.return_value
user.is_activated = False
schema = schemas.LoginSchema().bind(request=request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
assert ("You haven't activated your account yet" in
exc.value.asdict().get('username', ''))
def test_invalid_with_inactive_user(self, pyramid_csrf_request,
user_service):
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
user_service.fetch_for_login.side_effect = UserNotActivated()
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
errors = exc.value.asdict()
assert 'username' in errors
assert 'activate your account' in errors['username']
def test_invalid_with_bad_password(self, pyramid_csrf_request,
user_service):
user_service.login.return_value = None
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
errors = exc.value.asdict()
assert 'password' in errors
assert 'Wrong password' in errors['password']
def test_invalid_with_unknown_user(self, pyramid_csrf_request,
user_service):
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
user_service.fetch_for_login.return_value = None
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
errors = exc.value.asdict()
assert 'username' in errors
assert 'does not exist' in errors['username']
def test_passes_password_to_user_password_service(self, factories,
pyramid_csrf_request,
user_service,
user_password_service):
user = factories.User.build(username='******')
user_service.fetch_for_login.return_value = user
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
schema.deserialize({
'username': '******',
'password': '******',
})
user_password_service.check_password.assert_called_once_with(
user, 'cake')
def __init__(self, request):
form_footer = '<a class="link" href="{href}">{text}</a>'.format(
href=request.route_path('forgot_password'),
text=_('Mot de passe oublie ?'))
self.request = request
self.schema = schemas.LoginSchema().bind(request=self.request)
show_cancel_button = bool(request.params.get('for_oauth', False))
self.form = request.create_form(self.schema,
buttons=(_('Se connecter'),),
footer=form_footer,
show_cancel_button=show_cancel_button)
self.logout_redirect = self.request.route_url('index')
def test_invalid_with_bad_password(self, factories, pyramid_csrf_request,
user_service, user_password_service):
user = factories.User.build(username='******')
user_service.fetch_for_login.return_value = user
user_password_service.check_password.return_value = False
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
errors = exc.value.asdict()
assert 'password' in errors
assert 'Wrong password' in errors['password']
def test_it_is_invalid_with_inactive_user_account(self,
pyramid_csrf_request,
user_model):
user = user_model.get_by_username.return_value
user.is_activated = False
schema = schemas.LoginSchema().bind(request=pyramid_csrf_request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'username': '******',
'password': '******',
})
assert (
"Please check your email and open the link to activate your account."
in exc.value.asdict().get('username', ''))
def auth_controller_init_patch(self, request):
"""
Replace the constructor of the h's h.account.views AuthController class - in order to skip the stream loading that
is not used in the annotran
:param request: the current request
:return: None
"""
form_footer = '<a href="{href}">{text}</a>'.format(
href=request.route_path('forgot_password'),
text=_('Forgot your password?'))
self.request = request
self.schema = schemas.LoginSchema().bind(request=self.request)
self.form = deform.Form(self.schema,
buttons=(_('Sign in'), ),
footer=form_footer)
self.login_redirect = self.request.route_url('index')
self.logout_redirect = self.request.route_url('index')
def test_login_bad_csrf(config):
request = DummyRequest(registry=config.registry)
schema = schemas.LoginSchema().bind(request=request)
with pytest.raises(BadCSRFToken):
schema.deserialize(valid_user)
def __init__(self, request):
self.request = request
self.schema = schemas.LoginSchema().bind(request=self.request)
self.form = deform.Form(self.schema)