def __init__(self, request): self.request = request self.schema = schemas.ResetPasswordSchema().bind(request=self.request) self.form = deform.Form( schema=self.schema, action=self.request.route_path('reset_password'), buttons=(_('Save'), ))
def test_it_is_invalid_with_password_too_short(self, pyramid_csrf_request): schema = schemas.ResetPasswordSchema().bind( request=pyramid_csrf_request) with pytest.raises(colander.Invalid) as exc: schema.deserialize({"password": "******"}) assert "password" in exc.value.asdict()
def __init__(self, request): self.request = request self.schema = schemas.ResetPasswordSchema().bind(request=self.request) self.form = request.create_form( schema=self.schema, action=self.request.route_path('account_reset'), buttons=(_('Save'), ))
def test_reset_password_adds_user_to_appstruct(config, activation_model, user_model): request = csrf_request(config) schema = schemas.ResetPasswordSchema().bind(request=request) user = user_model.get_by_activation.return_value appstruct = schema.deserialize({ 'user': '******', 'password': '******', }) assert appstruct['user'] == user
def test_ResetPasswordSchema_adds_user_to_appstruct(config, user_model): request = csrf_request(config) request.registry.password_reset_serializer = FakeSerializer() schema = schemas.ResetPasswordSchema().bind(request=request) user = user_model.get_by_username.return_value user.password_updated = 0 appstruct = schema.deserialize({ 'user': '******', 'password': '******', }) assert appstruct['user'] == user
def test_ResetPasswordSchema_with_expired_token(config, user_model): request = csrf_request(config) request.registry.password_reset_serializer = FakeExpiredSerializer() schema = schemas.ResetPasswordSchema().bind(request=request) with pytest.raises(colander.Invalid) as exc: schema.deserialize({ 'user': '******', 'password': '******', }) assert 'user' in exc.value.asdict() assert 'reset code has expired' in exc.value.asdict()['user']
def test_reset_password_no_user_for_activation(config, user_model): request = csrf_request(config) schema = schemas.ResetPasswordSchema().bind(request=request) user_model.get_by_activation.return_value = None with pytest.raises(colander.Invalid) as exc: schema.deserialize({ 'user': '******', 'password': '******', }) assert 'user' in exc.value.asdict() assert 'reset code is not valid' in exc.value.asdict()['user']
def test_it_is_invalid_with_expired_token(self, pyramid_csrf_request): pyramid_csrf_request.registry.password_reset_serializer = ( self.FakeExpiredSerializer()) schema = schemas.ResetPasswordSchema().bind( request=pyramid_csrf_request) with pytest.raises(colander.Invalid) as exc: schema.deserialize({ 'user': '******', 'password': '******', }) assert 'user' in exc.value.asdict() assert 'Reset code has expired.' in exc.value.asdict()['user']
def test_it_returns_user_when_valid(self, pyramid_csrf_request, user_model): pyramid_csrf_request.registry.password_reset_serializer = ( self.FakeSerializer()) schema = schemas.ResetPasswordSchema().bind( request=pyramid_csrf_request) user = user_model.get_by_username.return_value user.password_updated = 0 appstruct = schema.deserialize({ 'user': '******', 'password': '******', }) assert appstruct['user'] == user
def test_ResetPasswordSchema_user_has_already_reset_their_password(config, user_model): request = csrf_request(config) request.registry.password_reset_serializer = FakeSerializer() schema = schemas.ResetPasswordSchema().bind(request=request) user = user_model.get_by_username.return_value user.password_updated = 2 with pytest.raises(colander.Invalid) as exc: schema.deserialize({ 'user': '******', 'password': '******', }) assert 'user' in exc.value.asdict() assert 'already reset your password' in exc.value.asdict()['user']
def test_it_is_invalid_if_user_has_already_reset_their_password( self, pyramid_csrf_request, user_model): pyramid_csrf_request.registry.password_reset_serializer = ( self.FakeSerializer()) schema = schemas.ResetPasswordSchema().bind( request=pyramid_csrf_request) user = user_model.get_by_username.return_value user.password_updated = 2 with pytest.raises(colander.Invalid) as exc: schema.deserialize({ 'user': '******', 'password': '******', }) assert 'user' in exc.value.asdict() assert 'This reset code has already been used.' in exc.value.asdict()['user']
def reset_password(self): """ Handle submission of the reset password form. This function checks that the activation code (i.e. reset token) provided by the form is valid, retrieves the user associated with the activation code, and resets their password. """ schema = schemas.ResetPasswordSchema().bind(request=self.request) form = deform.Form(schema) code = self.request.matchdict.get('code') if code is None: return httpexceptions.HTTPNotFound() activation = Activation.get_by_code(code) if activation is None: return httpexceptions.HTTPNotFound() user = User.get_by_activation(activation) if user is None: return httpexceptions.HTTPNotFound() if self.request.method != 'POST': return httpexceptions.HTTPMethodNotAllowed() err, appstruct = validate_form(form, self.request.POST.items()) if err is not None: return err user.password = appstruct['password'] self.request.db.delete(activation) self.request.session.flash(_('Your password has been reset!'), 'success') self.request.registry.notify(PasswordResetEvent(self.request, user)) return httpexceptions.HTTPFound(location=self.reset_password_redirect)
def test_ResetPasswordSchema_with_password_too_short(config, user_model): schema = schemas.ResetPasswordSchema().bind(request=csrf_request(config)) with pytest.raises(colander.Invalid) as err: schema.deserialize({"password": "******"}) assert "password" in err.value.asdict()