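def test_password(self):
    """Check password storage and verification through UserController.

    Covers account creation and a later password change: the stored
    value must differ from the plaintext, the right password must
    resolve to the user, and a wrong password must yield None. After
    the change, the previous password must also be rejected.
    """
    login = '******'
    original_pw = 'test_password'
    ucontr = UserController()

    created = ucontr.create(login=login, password=original_pw)
    # Only proves the stored value is not the plaintext; it says nothing
    # about which hashing scheme the controller applies.
    self.assertNotEqual(original_pw, created.password)
    self.assertEqual(created, ucontr.check_password(login, original_pw))
    self.assertIsNone(ucontr.check_password(login, original_pw * 2))

    rotated_pw = original_pw * 2
    ucontr.update({'id': created.id}, {'password': rotated_pw})
    reloaded = ucontr.get(id=created.id)
    self.assertNotEqual(rotated_pw, reloaded.password)
    self.assertEqual(reloaded, ucontr.check_password(login, rotated_pw))
    self.assertIsNone(ucontr.check_password(login, rotated_pw * 2))
    # A password change must invalidate the old credential; without this
    # check a controller that kept accepting it would still pass.
    self.assertIsNone(ucontr.check_password(login, original_pw))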
def process_ids(cls, social_id, username, email):  # pragma: no cover
    """Resolve an OAuth identity to a local user and issue a JWT.

    Looks the user up by the ``<provider>_identity`` field, creates the
    account when none exists and signup through OAuth is enabled, then
    records the connection time and returns an access token.

    Args:
        social_id: identifier supplied for the user by ``cls.provider``.
        username: preferred login, used only if no account holds it yet.
        email: address stored on a newly created account.

    Returns:
        A ``(payload, 200)`` tuple whose payload holds ``access_token``,
        formatted as ``"<conf.auth.jwt_header_prefix> <token>"``.

    Raises:
        UnprocessableEntity: ``social_id`` is None.
        BadRequest: no matching user and ``conf.oauth.allow_signup`` is
            falsy.
    """
    labels = {"method": "get", "uri": "/oauth/callback/" + cls.provider}

    def count(result):
        # One metric sample per outcome of the callback.
        SERVER.labels(result=result, **labels).inc()

    if social_id is None:
        count("4XX")
        raise UnprocessableEntity('No social id, authentication failed')

    identity_field = '%s_identity' % cls.provider
    ucontr = UserController()
    try:
        user = ucontr.get(**{identity_field: social_id})
    except NotFound:
        user = None

    if not user:
        if not conf.oauth.allow_signup:
            count("4XX")
            raise BadRequest('Account creation is not allowed through OAuth.')
        # NOTE(review): the availability check and the create() below are
        # separate calls; presumably the storage layer enforces login
        # uniqueness for concurrent signups - confirm.
        username_is_free = bool(username) \
            and not ucontr.read(login=username).count()
        if username_is_free:
            login = username
        else:
            # NOTE(review): as shown, this literal has no conversion
            # specifier, so '%' with a 2-tuple raises TypeError. It looks
            # like a masked format string - confirm against the real file.
            login = '******' % (cls.provider, username or social_id)
        # NOTE(review): email is stored as received; whether the provider
        # verified it is not visible here - confirm before trusting it.
        new_account = {
            identity_field: social_id,
            'login': login,
            'email': email,
        }
        user = ucontr.create(**new_account)

    # A successful OAuth login also clears any pending password-renewal
    # token on the account.
    connection_update = {
        "last_connection": utc_now(),
        "renew_password_token": "",
    }
    ucontr.update({"id": user.id}, connection_update)

    encode = current_app.extensions['jwt'].jwt_encode_callback
    # .decode() implies the callback returns bytes.
    access_token = encode(user).decode('utf8')
    count("2XX")
    header_value = "%s %s" % (conf.auth.jwt_header_prefix, access_token)
    return {"access_token": header_value}, 200