def test_creating_user(test_ctx, fake_datetime):
    """Create an account through the API; check the response and stored row.

    The request is issued by a user whose rank is 'regular_user', with the
    clock pinned to 1969-02-12 so that creationTime is deterministic.
    """
    # NOTE(review): the email and password literals look masked on this
    # page; the later check against 'oks' suggests the submitted password
    # was 'oks' originally -- confirm against the repository.
    payload = {
        'name': 'chewie1',
        'email': '*****@*****.**',
        'password': '******',
    }
    with fake_datetime('1969-02-12'):
        requester = test_ctx.user_factory(rank='regular_user')
        context = test_ctx.context_factory(input=payload, user=requester)
        result = test_ctx.api.post(context)

    # NOTE(review): the new account is expected to come back as 'admin'
    # although the requester is only a regular user. Presumably this relies
    # on a rule that promotes the first account -- confirm. If so, a
    # companion test that the promotion stops once an account exists is the
    # check that guards against unintended privilege assignment.
    expected_user = {
        'avatarStyle': 'gravatar',
        'avatarUrl': 'http://gravatar.com/avatar/' +
        '6f370c8c7109534c3d5c394123a477d7?d=retro&s=200',
        'creationTime': datetime.datetime(1969, 2, 12),
        'lastLoginTime': None,
        'name': 'chewie1',
        'rank': 'admin',
        'rankName': 'Unknown',
    }
    assert result == {'user': expected_user}

    stored = get_user('chewie1')
    assert stored.name == 'chewie1'
    assert stored.email == '*****@*****.**'
    assert stored.rank == 'admin'
    # Both the accepting and the rejecting path of the verifier are checked.
    assert auth.is_valid_password(stored, 'oks') is True
    assert auth.is_valid_password(stored, 'invalid') is False
def test_creating_user(test_ctx, fake_datetime):
    """Create an account through the API; check the response and stored row.

    The requester has rank db.User.RANK_REGULAR and the clock is pinned to
    1969-02-12 so that creationTime is deterministic.
    """
    # NOTE(review): the email and password literals look masked on this
    # page; the later check against 'oks' suggests the submitted password
    # was 'oks' originally -- confirm against the repository.
    payload = {
        'name': 'chewie1',
        'email': '*****@*****.**',
        'password': '******',
    }
    with fake_datetime('1969-02-12'):
        requester = test_ctx.user_factory(rank=db.User.RANK_REGULAR)
        context = test_ctx.context_factory(input=payload, user=requester)
        result = test_ctx.api.post(context)

    # NOTE(review): a regular requester ends up creating an 'administrator'
    # account. Presumably a first-account promotion rule is being exercised
    # -- confirm, and make sure a test elsewhere pins that the rule no
    # longer applies once an account exists.
    expected_user = {
        'avatarStyle': 'gravatar',
        'avatarUrl': 'http://gravatar.com/avatar/' +
        '6f370c8c7109534c3d5c394123a477d7?d=retro&s=200',
        'creationTime': datetime.datetime(1969, 2, 12),
        'lastLoginTime': None,
        'name': 'chewie1',
        'rank': 'administrator',
        # The response echoes the account's email address.
        'email': '*****@*****.**',
    }
    assert result == {'user': expected_user}

    stored = users.get_user_by_name('chewie1')
    assert stored.name == 'chewie1'
    assert stored.email == '*****@*****.**'
    assert stored.rank == db.User.RANK_ADMINISTRATOR
    # Both the accepting and the rejecting path of the verifier are checked.
    assert auth.is_valid_password(stored, 'oks') is True
    assert auth.is_valid_password(stored, 'invalid') is False
def test_updating_user(test_ctx):
    """Update every editable field of user 'u1' and check the outcome.

    The requester is 'u1' itself, created with administrator rank; the
    update renames it to 'chewie' and changes its rank to moderator.
    """
    requester = test_ctx.user_factory(
        name='u1', rank=db.User.RANK_ADMINISTRATOR)
    db.session.add(requester)

    # NOTE(review): the email and password literals look masked on this
    # page; the check against 'oks' below suggests the submitted password
    # was 'oks' originally -- confirm against the repository.
    changes = {
        'name': 'chewie',
        'email': '*****@*****.**',
        'password': '******',
        'rank': 'moderator',
        'avatarStyle': 'gravatar',
    }
    context = test_ctx.context_factory(input=changes, user=requester)
    result = test_ctx.api.put(context, 'u1')

    expected_user = {
        'avatarStyle': 'gravatar',
        'avatarUrl': 'http://gravatar.com/avatar/' +
        '6f370c8c7109534c3d5c394123a477d7?d=retro&s=200',
        'creationTime': datetime.datetime(1997, 1, 1),
        'lastLoginTime': None,
        'email': '*****@*****.**',
        'name': 'chewie',
        'rank': 'moderator',
    }
    assert result == {'user': expected_user}

    # NOTE(review): only the privileged path is covered here (an
    # administrator changing a rank). The counterpart -- a lower-ranked
    # requester submitting 'rank' and being refused -- is not visible in
    # this block; confirm it is tested elsewhere.
    stored = users.get_user_by_name('chewie')
    assert stored.name == 'chewie'
    assert stored.email == '*****@*****.**'
    assert stored.rank == db.User.RANK_MODERATOR
    assert stored.avatar_style == stored.AVATAR_GRAVATAR
    assert auth.is_valid_password(stored, 'oks') is True
    assert auth.is_valid_password(stored, 'invalid') is False
def test_updating_user(test_ctx):
    """Update every editable field of user 'u1' and check the outcome.

    The requester is 'u1' itself, created with administrator rank; the
    update renames it to 'chewie' and changes its rank to moderator.
    """
    requester = test_ctx.user_factory(
        name='u1', rank=db.User.RANK_ADMINISTRATOR)
    db.session.add(requester)

    # NOTE(review): the email and password literals look masked on this
    # page; the check against 'oks' below suggests the submitted password
    # was 'oks' originally -- confirm against the repository.
    changes = {
        'name': 'chewie',
        'email': '*****@*****.**',
        'password': '******',
        'rank': 'moderator',
        'avatarStyle': 'gravatar',
    }
    context = test_ctx.context_factory(input=changes, user=requester)
    result = test_ctx.api.put(context, 'u1')

    expected_user = {
        'avatarStyle': 'gravatar',
        'avatarUrl': 'http://gravatar.com/avatar/' +
        '6f370c8c7109534c3d5c394123a477d7?d=retro&s=200',
        'creationTime': datetime.datetime(1997, 1, 1),
        'lastLoginTime': None,
        'email': '*****@*****.**',
        'name': 'chewie',
        'rank': 'moderator',
    }
    assert result == {'user': expected_user}

    # NOTE(review): this pins the privileged path only. Whether a requester
    # without sufficient rank is refused when sending 'rank' cannot be told
    # from this block; confirm a negative test exists.
    stored = users.get_user_by_name('chewie')
    assert stored.name == 'chewie'
    assert stored.email == '*****@*****.**'
    assert stored.rank == db.User.RANK_MODERATOR
    assert stored.avatar_style == stored.AVATAR_GRAVATAR
    assert auth.is_valid_password(stored, 'oks') is True
    assert auth.is_valid_password(stored, 'invalid') is False
def _authenticate(self, username, password):
    '''
    Look up ``username`` and verify ``password`` against the stored record.

    Returns the user object on success. Raises errors.AuthError when the
    lookup yields nothing or when the password does not verify.
    '''
    account = users.get_user_by_name(username)
    found = bool(account)
    if found and auth.is_valid_password(account, password):
        return account
    # NOTE(review): the two failures carry different messages, and the
    # unknown-name path returns without running the password check. If the
    # message (or the timing difference) reaches the client, it tells the
    # caller which account names exist. A single generic message for both
    # cases would remove that signal; callers that match on the current
    # wording need checking before changing it.
    reason = 'Invalid password.' if found else 'No such user.'
    raise errors.AuthError(reason)
def test_is_valid_password_auto_upgrades_user_password_hash(user_factory):
    """Verifying a legacy SHA-256 hash must replace it with a newer one.

    A user is built with the hash produced by
    auth.get_sha256_legacy_password_hash; after a successful
    auth.is_valid_password call the stored hash must differ and the stored
    revision must be higher than the legacy revision.
    """
    salt = 'testSalt'
    password = 'pass'
    legacy_hash, legacy_revision = auth.get_sha256_legacy_password_hash(
        salt, password)
    account = user_factory(password_salt=salt, password_hash=legacy_hash)

    # The verifier is not read-only: on success it mutates the user object.
    verified = auth.is_valid_password(account, password)

    assert verified is True
    assert account.password_hash != legacy_hash
    assert account.password_revision > legacy_revision
    # NOTE(review): not covered here -- that a wrong password leaves the
    # legacy hash and revision untouched. Whether the upgraded hash gets
    # persisted is up to the caller and is not visible in this block.
def test_confirming_with_good_token(
        password_reset_api, context_factory, user_factory):
    """A valid reset token replaces the password and returns the new one."""
    account = user_factory(
        name='u1', rank='regular_user', email='*****@*****.**')
    hash_before = account.password_hash
    db.session.add(account)

    # NOTE(review): the token is a fixed literal, so the fixtures presumably
    # pin whatever it is derived from -- confirm. Rejection of a wrong or
    # missing token is not exercised in this block.
    reset_request = context_factory(
        input={'token': '4ac0be176fb364f13ee6b634c43220e2'})
    response = password_reset_api.post(reset_request, 'u1')

    assert account.password_hash != hash_before
    # The endpoint hands the replacement password back in its response, so
    # that response body is itself a credential.
    assert auth.is_valid_password(account, response['password']) is True
def test_confirming_with_good_token(
        password_reset_api, context_factory, user_factory):
    """A valid reset token replaces the password and returns the new one."""
    account = user_factory(
        name='u1', rank=db.User.RANK_REGULAR, email='*****@*****.**')
    hash_before = account.password_hash
    db.session.add(account)

    # NOTE(review): the token is a fixed literal, so the fixtures presumably
    # pin whatever it is derived from -- confirm. Rejection of a wrong or
    # missing token is not exercised in this block.
    reset_request = context_factory(
        input={'token': '4ac0be176fb364f13ee6b634c43220e2'})
    response = password_reset_api.post(reset_request, 'u1')

    assert account.password_hash != hash_before
    # The endpoint hands the replacement password back in its response, so
    # that response body is itself a credential.
    assert auth.is_valid_password(account, response['password']) is True
def test_confirming_with_good_token(context_factory, user_factory):
    """A valid reset token replaces the password and returns the new one."""
    account = user_factory(
        name='u1', rank=db.User.RANK_REGULAR, email='*****@*****.**')
    hash_before = account.password_hash
    db.session.add(account)
    db.session.flush()

    # NOTE(review): the token is a fixed literal, so the fixtures presumably
    # pin whatever it is derived from -- confirm. Rejection of a wrong or
    # missing token is not exercised in this block.
    reset_request = context_factory(
        params={'token': '4ac0be176fb364f13ee6b634c43220e2'})
    route_args = {'user_name': 'u1'}
    response = api.password_reset_api.finish_password_reset(
        reset_request, route_args)

    assert account.password_hash != hash_before
    # The handler returns the replacement password to the caller, so its
    # return value is itself a credential.
    assert auth.is_valid_password(account, response['password']) is True
def test_confirming_with_good_token(context_factory, user_factory):
    """A valid reset token replaces the password and returns the new one."""
    account = user_factory(
        name='u1', rank=model.User.RANK_REGULAR, email='*****@*****.**')
    hash_before = account.password_hash
    db.session.add(account)
    db.session.flush()

    # NOTE(review): the token is a fixed literal, so the fixtures presumably
    # pin whatever it is derived from -- confirm. Rejection of a wrong or
    # missing token is not exercised in this block.
    reset_request = context_factory(
        params={'token': '4ac0be176fb364f13ee6b634c43220e2'})
    route_args = {'user_name': 'u1'}
    response = api.password_reset_api.finish_password_reset(
        reset_request, route_args)

    assert account.password_hash != hash_before
    # The handler returns the replacement password to the caller, so its
    # return value is itself a credential.
    assert auth.is_valid_password(account, response['password']) is True
def test_confirming_with_good_token(context_factory, user_factory):
    """A valid reset token replaces the password and returns the new one."""
    account = user_factory(
        name="u1", rank=model.User.RANK_REGULAR, email="*****@*****.**")
    hash_before = account.password_hash
    db.session.add(account)
    db.session.flush()

    # NOTE(review): the token is a fixed literal, so the fixtures presumably
    # pin whatever it is derived from -- confirm. Rejection of a wrong or
    # missing token is not exercised in this block.
    reset_request = context_factory(
        params={"token": "4ac0be176fb364f13ee6b634c43220e2"})
    route_args = {"user_name": "u1"}
    response = api.password_reset_api.finish_password_reset(
        reset_request, route_args)

    assert account.password_hash != hash_before
    # The handler returns the replacement password to the caller, so its
    # return value is itself a credential.
    assert auth.is_valid_password(account, response["password"]) is True
def _authenticate(username: str, password: str) -> model.User:
    '''
    Look up ``username`` and verify ``password`` against the stored record.

    Returns the user on success; raises errors.AuthError('Invalid
    password.') when verification fails.
    '''
    account = users.get_user_by_name(username)
    # NOTE(review): there is no explicit "not found" branch here, so the
    # lookup presumably raises for an unknown name -- confirm. If it can
    # return None, the verifier below receives None; and if the lookup's
    # error differs visibly from AuthError, clients can tell unknown names
    # from wrong passwords.
    if auth.is_valid_password(account, password):
        return account
    raise errors.AuthError('Invalid password.')
def _authenticate_basic_auth(username: str, password: str) -> model.User:
    '''
    Look up ``username`` and verify ``password`` against the stored record.

    Returns the user on success; raises errors.AuthError('Invalid
    password.') when verification fails.
    '''
    account = users.get_user_by_name(username)
    # NOTE(review): there is no explicit "not found" branch here, so the
    # lookup presumably raises for an unknown name -- confirm. If it can
    # return None, the verifier below receives None; and if the lookup's
    # error differs visibly from AuthError, clients can tell unknown names
    # from wrong passwords.
    if auth.is_valid_password(account, password):
        return account
    raise errors.AuthError('Invalid password.')
def _authenticate_basic_auth(username: str, password: str) -> model.User:
    """
    Look up ``username`` and verify ``password`` against the stored record.

    Returns the user on success; raises errors.AuthError("Invalid
    password.") when verification fails.
    """
    account = users.get_user_by_name(username)
    # NOTE(review): there is no explicit "not found" branch here, so the
    # lookup presumably raises for an unknown name -- confirm. If it can
    # return None, the verifier below receives None; and if the lookup's
    # error differs visibly from AuthError, clients can tell unknown names
    # from wrong passwords.
    if auth.is_valid_password(account, password):
        return account
    raise errors.AuthError("Invalid password.")