def test_user_provider_id(db_with_user):
user = db_with_user.query(User).filter(User.email == text_type('*****@*****.**')).one()
# Provider does not exists yet
assert not user.provider_id('email')
provider = AuthenticationProvider()
provider.provider = text_type('email')
provider.provider_id = user.email
user.providers.append(provider)
db_with_user.commit()
user = db_with_user.query(User).filter(User.email == text_type('*****@*****.**')).one()
# Provider does not exists yet
assert user.provider_id('email')
def test_user_provider_id(db_session, user):
"""User provider_id returns proper provider identification."""
user = db_session.merge(user)
email = user.email
# Provider does not exists yet
assert not user.provider_id("email")
provider = AuthenticationProvider()
provider.provider = "email"
provider.provider_id = email
user.providers.append(provider)
transaction.commit()
user = db_session.query(User).filter(User.email == email).one()
# Provider exists
assert user.provider_id("email") == email
def facebook_user(active_user, db_session):
"""Facebook user."""
active_user = db_session.merge(active_user)
active_user.providers.append(
AuthenticationProvider(provider='facebook', provider_id='1234'))
transaction.commit()
return db_session.merge(active_user)
def set_provider(self, user, provider_name, user_provider_id):
"""
Set authentication provider on user.
This method will connect given provider with given user,
unless provider_id has already been used on another user.
:param pyramid_fullauth.user.User user: user object
:param str provider_name: provider name
:param str user_provider_id: user id delivered by given provider
:returns: whether user got/was connected or the connection was made with another user.
:rtype: bool
"""
if user.id:
try:
provider_auth = pyramid_basemodel.Session.query(
AuthenticationProvider).filter(
AuthenticationProvider.user_id == user.id,
AuthenticationProvider.provider ==
provider_name).one()
if provider_auth.provider_id != user_provider_id:
return False
return True
except NoResultFound:
pass
provider_auth = AuthenticationProvider(provider=provider_name,
provider_id=user_provider_id)
user.providers.append(provider_auth)
pyramid_basemodel.Session.flush()
return True
def test_user_provider_id(db_session, user):
"""User provider_id returns proper provider identification."""
user = db_session.merge(user)
email = user.email
# Provider does not exists yet
assert not user.provider_id('email')
provider = AuthenticationProvider()
provider.provider = text_type('email')
provider.provider_id = email
user.providers.append(provider)
transaction.commit()
user = db_session.query(User).filter(User.email == email).one()
# Provider exists
assert user.provider_id('email') == email
def set_provider(user, provider_name, user_provider_id):
'''
Method sets the provider authentication method for user.
'''
if user.id:
try:
provider_auth = Session.query(
AuthenticationProvider).filter(AuthenticationProvider.user_id == user.id,
AuthenticationProvider.provider == provider_name).one()
if provider_auth.provider_id != user_provider_id:
return False
return True
except NoResultFound:
pass
provider_auth = AuthenticationProvider()
provider_auth.provider = provider_name
provider_auth.provider_id = user_provider_id
user.providers.append(provider_auth)
return True
def _fillin_user(self, response, user):
"""
Fill new user object in, with sent data.
:param dict response: response to return from register view
:param pyramid_fullauth.models.User user: new user object
:returns: response
:rtype: dict
"""
email = self.request.POST.get('email', text_type(''))
# here if e-mail is already in database
if pyramid_basemodel.Session.query(User).filter(
User.email == email).count() != 0:
response['errors']['email'] = self.request._(
'User with given e-mail already exists!',
domain='pyramid_fullauth')
try:
try:
user.email = email
except ValidateError as e:
# do not overwrite existing error
if 'email' not in response['errors']:
response['errors']['email'] = text_type(e)
if self.config.register.password.require:
try:
tools.validate_passsword(
self.request,
self.request.POST.get('password', text_type('')), user)
except ValidateError as e:
response['errors']['password'] = text_type(e)
else:
user.password = tools.password_generator(
self.config.register.password.length_min)
self.request.registry.notify(
BeforeRegister(self.request, user, response['errors']))
if not response['errors']:
pyramid_basemodel.Session.add(user)
pyramid_basemodel.Session.flush()
# lets add AuthenticationProvider as email!
user.providers.append(
AuthenticationProvider(provider=text_type('email'),
provider_id=user.id))
else:
return response
except AttributeError as e:
response['errors']['msg'] = text_type(e)
return response
def post(self):
"""Validate and possibly accept new email."""
user = self.request.matchdict.get("user")
password = self.request.POST.get("password", None)
password_confirm = self.request.POST.get("confirm_password", None)
if password == password_confirm:
try:
self.request.registry.notify(BeforeReset(self.request, user))
validate_passsword(self.request, password, user)
user.reset_key = None
try:
pyramid_basemodel.Session.query(
AuthenticationProvider).filter(
AuthenticationProvider.user_id == user.id,
AuthenticationProvider.provider == "email",
).one()
except NoResultFound:
user.providers.append(
AuthenticationProvider(provider="email",
provider_id=user.id))
pyramid_basemodel.Session.flush()
except (ValidateError, AttributeError) as ex:
return {
"status": False,
"msg": str(ex),
"csrf_token": self.request.session.get_csrf_token(),
}
try:
self.request.registry.notify(AfterReset(self.request, user))
except HTTPRedirection as redirect:
return redirect
else:
return {
"status":
False,
"msg":
self.request._(
"password-mismatch",
default="Password doesn't match",
domain="pyramid_fullauth",
),
"csrf_token":
self.request.session.get_csrf_token(),
}
return self.get()
def post(self):
"""Validate and possibly accept new email."""
user = self.request.matchdict.get('user')
password = self.request.POST.get('password', None)
password_confirm = self.request.POST.get('confirm_password', None)
if password == password_confirm:
try:
self.request.registry.notify(BeforeReset(self.request, user))
validate_passsword(self.request, password, user)
user.reset_key = None
try:
pyramid_basemodel.Session.query(
AuthenticationProvider).filter(
AuthenticationProvider.user_id == user.id,
AuthenticationProvider.provider == text_type(
'email')).one()
except NoResultFound:
user.providers.append(
AuthenticationProvider(provider=text_type('email'),
provider_id=user.id))
pyramid_basemodel.Session.flush()
except (ValidateError, AttributeError) as e:
return {
'status': False,
'msg': text_type(e),
'csrf_token': self.request.session.get_csrf_token()
}
try:
self.request.registry.notify(AfterReset(self.request, user))
except HTTPRedirection as redirect:
return redirect
else:
return {
'status':
False,
'msg':
self.request._('password-mismatch',
default='Password doesn\'t match',
domain='pyramid_fullauth'),
'csrf_token':
self.request.session.get_csrf_token()
}
return self.get()
def _fillin_user(self, response, user):
"""
Fill new user object in, with sent data.
:param dict response: response to return from register view
:param pyramid_fullauth.models.User user: new user object
:returns: response
:rtype: dict
"""
email = self.request.POST.get('email', text_type(''))
password = self.request.POST.get('password', text_type(''))
# here if e-mail is already in database
email_error = self._set_email(email, user)
if email_error:
response['errors']['email'] = email_error
password_error = self._set_password(password, user)
if password_error:
response['errors']['password'] = password_error
try:
self.request.registry.notify(
BeforeRegister(self.request, user, response['errors']))
if not response['errors']:
pyramid_basemodel.Session.add(user)
pyramid_basemodel.Session.flush()
# lets add AuthenticationProvider as email!
user.providers.append(
AuthenticationProvider(provider=text_type('email'),
provider_id=user.id))
else:
return response
except AttributeError as e:
response['errors']['msg'] = text_type(e)
return response
