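def test_activate_ok(self):
        """Activate an account with an 'invite' URL token, then use a protected route.

        Posts the activation payload to ``auth/activate?id=<token>`` and expects
        a 200 JSON response with ``msg == 'Account activated'``. It then logs in
        and calls ``/sanity/protected`` with the CSRF token in the
        ``X-CSRF-TOKEN`` header, expecting ``msg == 'success'``.
        """
        with self.client:

            add_user('existing', '*****@*****.**', 'existingexisting', active=False)
            add_user('test', '*****@*****.**', 'testtest', cbl_member=True)

            invite_token = encode_url_token('invite', '*****@*****.**')
            activate_url = 'auth/activate?id={}'.format(invite_token)
            payload = json.dumps({
                'email': '*****@*****.**',
                'username': '******',
                'password': '******',
            })

            response = self.client.post(
                activate_url,
                data=payload,
                content_type='application/json'
            )

            body = json.loads(response.data.decode())
            # assertEqual reports both values on failure; assertTrue(a == b)
            # only reports "False is not true".
            self.assertEqual(body['msg'], 'Account activated')
            self.assertEqual(response.content_type, 'application/json')
            self.assertEqual(response.status_code, 200)

            # NOTE(review): 'testtest' is the password given to the 'test'
            # fixture above. The literals on this page are redacted, so it is
            # unclear whether this login exercises the account that was just
            # activated or the pre-existing one; confirm it is the former,
            # otherwise the test does not prove the activated credentials work.
            access_csrf, refresh_csrf, access_token = login_user(
                self.client, '*****@*****.**', 'testtest')

            response = self.client.post(
                '/sanity/protected',
                headers={'X-CSRF-TOKEN': access_csrf}
            )

            body = json.loads(response.data.decode())
            self.assertEqual(body['msg'], 'success')
            self.assertEqual(response.content_type, 'application/json')
            self.assertEqual(response.status_code, 200)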
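    def test_activate_duplicate_username(self):
        """Activation must fail with 400 when the requested username is taken.

        Uses a valid 'invite' URL token and expects the JSON message
        ``'Username already in use'``.
        """
        with self.client:

            add_user('existing', '*****@*****.**', 'existingexisting', active=False)
            add_user('test', '*****@*****.**', 'testtest', cbl_member=True)

            invite_token = encode_url_token('invite', '*****@*****.**')
            activate_url = 'auth/activate?id={}'.format(invite_token)
            payload = json.dumps({
                'email': '*****@*****.**',
                'username': '******',
                'password': '******',
            })

            response = self.client.post(
                activate_url,
                data=payload,
                content_type='application/json'
            )

            body = json.loads(response.data.decode())
            # assertEqual shows the actual message when the expectation fails.
            self.assertEqual(body['msg'], 'Username already in use')
            self.assertEqual(response.content_type, 'application/json')
            self.assertEqual(response.status_code, 400)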
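    def test_reset_password_change(self):
        """Reset a password with a 'password' URL token, then log in.

        Posts email and password to ``auth/resetpassword?id=<token>``, expects
        ``msg == 'Password changed successfully'``, then posts credentials to
        ``/auth/login`` and expects a truthy ``login`` field.
        """
        with self.client:

            user = add_user('test', '*****@*****.**', 'testtest')
            reset_token = encode_url_token('password', user.email)
            reset_url = 'auth/resetpassword?id={}'.format(reset_token)

            response = self.client.post(
                reset_url,
                data=json.dumps({
                    'email': '*****@*****.**',
                    'password': '******',
                }),
                content_type='application/json'
            )

            body = json.loads(response.data.decode())
            self.assertEqual(body['msg'], 'Password changed successfully')

            # NOTE(review): this test does not check that the old password
            # ('testtest') is refused afterwards, or that posting the same
            # token a second time is rejected. Both are worth covering, if they
            # are not covered elsewhere in the suite.
            response = self.client.post(
                '/auth/login',
                data=json.dumps({
                    'email': '*****@*****.**',
                    'password': '******',
                }),
                content_type='application/json'
            )

            body = json.loads(response.data.decode())
            self.assertTrue(body['login'])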
Exemple #4
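def create_invite():
    """Register an invite for an email address and optionally email it.

    Reads ``email``, ``name``, ``message`` and ``suppress_email`` from the
    JSON request body.

    Returns:
        400 'Invalid Data' when the body is not a JSON object or ``email`` /
        ``name`` is missing; 403 'User banned!' when ``register_invite``
        reports the address as disabled; 409 'User already exists' when it
        reports it as active; otherwise 200 'Invite sent'.
    """
    data = request.get_json()
    # A body of JSON null, an array or a scalar has no .get(); reject it as
    # invalid data instead of failing with an unhandled AttributeError.
    if not isinstance(data, dict):
        return jsonify({'msg': 'Invalid Data'}), 400

    email = data.get('email')
    name = data.get('name')
    message = data.get('message')
    suppress_email = data.get('suppress_email')

    # NOTE(review): only presence is checked here. The address and name go to
    # register_invite/send_invite as received, so any format or type
    # validation has to happen in those helpers; confirm that it does.
    if not email or not name:
        return jsonify({'msg': 'Invalid Data'}), 400

    token = encode_url_token('invite', email)

    active, disabled = register_invite(invited_by=current_user.id, email=email)
    # NOTE(review): the two responses below tell the caller whether an address
    # belongs to a banned or an existing account. That is reasonable only if
    # this route is limited to trusted, authenticated inviters; the route
    # decorators are not visible here, so confirm.
    if disabled:
        return jsonify({'msg': 'User banned!'}), 403
    if active:
        return jsonify({'msg': 'User already exists'}), 409

    # suppress_email is caller-controlled: the invite is registered either
    # way, but no mail goes out and the response still says 'Invite sent'.
    if not suppress_email:
        send_invite(invited_by_username=current_user.username,
                    invited_by_email=current_user.email,
                    email=email,
                    name=name,
                    message=message if message else '',
                    token=token)

    return jsonify({'msg': 'Invite sent'}), 200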
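    def test_reset_password_get(self):
        """GET on the reset URL returns the supplied token in the JSON body."""
        with self.client:

            user = add_user('test', '*****@*****.**', 'testtest')
            reset_token = encode_url_token('password', user.email)

            # NOTE(review): the token travels in the query string, where it can
            # end up in access logs and Referer headers. Worth confirming that
            # tokens expire quickly and cannot be reused; neither property is
            # checked by this test.
            reset_url = 'auth/resetpassword?id={}'.format(reset_token)
            response = self.client.get(reset_url)

            body = json.loads(response.data.decode())
            # assertEqual prints both tokens if they differ.
            self.assertEqual(body['token'], reset_token)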
Exemple #6
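def forgot_password():
    """Start a password reset for the address in the JSON request body.

    When ``get_active_by_email`` finds a user, a 'password' URL token is
    created and handed to ``send_password_reset``. The 200 response is the
    same whether or not a user was found, so the reply text does not reveal
    which addresses have accounts.

    Returns:
        400 'Invalid Data' when the body is not a JSON object or ``email`` is
        missing; otherwise the generic 200 message.
    """
    data = request.get_json()
    # A body of JSON null, an array or a scalar has no .get(); reject it as
    # invalid data instead of failing with an unhandled AttributeError.
    if not isinstance(data, dict):
        return jsonify({'msg': 'Invalid Data'}), 400

    email = data.get('email')

    if not email:
        return jsonify({'msg': 'Invalid Data'}), 400

    user = get_active_by_email(email)

    if user:
        # NOTE(review): the token and the mail destination both use the
        # address from the request, not the stored one. If
        # get_active_by_email matches loosely (case-insensitive or
        # normalised comparison), user.email would be the safer value to
        # bind the token to and to mail; confirm how the lookup compares.
        token = encode_url_token('password', email)
        # NOTE(review): mail is only sent for known addresses, so a
        # synchronous send could make response time differ between known and
        # unknown addresses even though the body is identical. Consider
        # queueing the send, and rate limiting this route if that is not done
        # elsewhere.
        send_password_reset(email, user.username, token)

    return jsonify({
        'msg':
        'If it was recognised, an email was sent to the address provided'
    }), 200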
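    def test_reset_password_email_mismatch(self):
        """Reset is refused with 'email mismatch' for the posted email/token pair.

        The token is minted for the fixture user's address; the posted address
        is redacted on this page, but the expected message indicates it
        differs from the one bound to the token.
        """
        with self.client:

            user = add_user('test', '*****@*****.**', 'testtest')
            reset_token = encode_url_token('password', user.email)
            reset_url = 'auth/resetpassword?id={}'.format(reset_token)

            response = self.client.post(
                reset_url,
                data=json.dumps({
                    'email': '*****@*****.**',
                    'password': '******',
                }),
                content_type='application/json'
            )

            body = json.loads(response.data.decode())
            # NOTE(review): only the message is asserted. Pinning the status
            # code too would catch a regression that returns this message with
            # a 200. A sibling test that posts an 'invite'-purpose token to
            # this endpoint would also show tokens are bound to their purpose,
            # if that is not covered elsewhere.
            self.assertEqual(body['msg'], 'email mismatch')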