Exemple #1
0
def login():
    form = LoginForm(next=request.args.get('next'))

    if form.validate_on_submit():

        u = User.find_by_identity(request.form.get('identity'))

        if u and u.authenticated(password=request.form.get('password')):
            # As you can see remember me is always enabled, this was a design
            # decision I made because more often than not users want this
            # enabled. This allows for a less complicated login form.
            #
            # If however you want them to be able to select whether or not they
            # should remain logged in then perform the following 3 steps:
            # 1) Replace 'True' below with: request.form.get('remember', False)
            # 2) Uncomment the 'remember' field in user/forms.py#LoginForm
            # 3) Add a checkbox to the login form with the id/name 'remember'
            if login_user(u, remember=request.form.get(
                    'remember', False)) and u.is_active():
                u.update_activity_tracking(request.remote_addr)

                # Handle optionally redirecting to the next URL safely.
                next_url = request.form.get('next')
                if next_url:
                    return redirect(safe_next_url(next_url))
                if u.role == 'member':
                    return redirect(url_for('user.view'))
                else:
                    return redirect(url_for('admin.users'))
            else:
                flash('This account has been disabled.', 'error')
        else:
            flash('Identity or password is incorrect.', 'error')

    return render_template('user/login.html', form=form)
Exemple #2
0
    def test_begin_update_credentials_email_change(self):
        """ Update credentials but only the e-mail address. """
        self.login()

        user = {'current_password': '******', 'email': '*****@*****.**'}
        response = self.client.post(url_for('user.update_credentials'),
                                    data=user,
                                    follow_redirects=True)

        assert_status_with_message(200, response,
                                   'Your sign in settings have been updated.')

        old_user = User.find_by_identity('*****@*****.**')
        assert old_user is None

        new_user = User.find_by_identity('*****@*****.**')
        assert new_user is not None
Exemple #3
0
    def test_deliver_password_reset_email(self, token):
        """ Deliver a password reset email. """
        with mail.record_messages() as outbox:
            user = User.find_by_identity('*****@*****.**')
            deliver_password_reset_email(user.id, token)

            assert len(outbox) == 1
            assert token in outbox[0].body
Exemple #4
0
    def test_login_activity(self, users):
        """ Login successfully and update the activity stats. """
        user = User.find_by_identity('*****@*****.**')
        old_sign_in_count = user.sign_in_count

        response = self.login()

        new_sign_in_count = user.sign_in_count

        assert response.status_code == 200
        assert (old_sign_in_count + 1) == new_sign_in_count
Exemple #5
0
    def test_password_reset(self, users, token):
        """ Reset successful. """
        reset = {'password': '******', 'reset_token': token}
        response = self.client.post(url_for('user.password_reset'),
                                    data=reset,
                                    follow_redirects=True)

        assert_status_with_message(200, response,
                                   'Your password has been reset.')

        admin = User.find_by_identity('*****@*****.**')
        assert admin.password != 'newpassword'
Exemple #6
0
def input():
    form = BudgetForm()
    from track.blueprints.user.models import User

    if form.validate_on_submit():
        budget_year = request.form.get('budget_year')
        username = request.form.get('username')
        input_type = request.form.get('input_type')
        acct_num = request.form.get('acct_num')
        amount = request.form.get('amount')
        description = request.form.get('description')

        u = User.find_by_identity(username)

        if input_type == 'allocated':
            a = amount,
            e = 0.0,
            i = 0.0
            u.update_allocated_total(amount)
        if input_type == 'expenses':
            e = amount,
            a = 0.0,
            i = 0.0
            u.update_expenses_total(amount)
        if input_type == 'income':
            i = amount,
            a = 0.0,
            e = 0.0
            u.update_income_total(amount)

        params = {
            'user_id': username,
            'budget_year': budget_year,
            'input_type': input_type,
            'acct_num': acct_num,
            'description': description,
            'allocated_amount': a,
            'expenses_amount': e,
            'income_amount': i
        }

        b = Budget(**params)

        if None in params:
            flash('Area missing.', 'error')
        else:
            b.save()
            flash('Your budget has been saved.', 'success')
            return redirect(url_for('admin.users'))

    return render_template('budget/input.html', form=form)
Exemple #7
0
    def test_welcome_with_existing_username(self, users):
        """ Create username failure due to username already existing. """
        self.login()

        u = User.find_by_identity('*****@*****.**')
        u.username = '******'
        u.save()

        user = {'username': '******'}
        response = self.client.post(url_for('user.welcome'),
                                    data=user,
                                    follow_redirects=True)

        assert_status_with_message(200, response,
                                   'You already picked a username.')
Exemple #8
0
def seed():
    """
    Seed the database with an initial user.

    :return: User instance
    """
    if User.find_by_identity(app.config['SEED_ADMIN_EMAIL']) is not None:
        return None

    params = {
        'role': 'admin',
        'email': app.config['SEED_ADMIN_EMAIL'],
        'password': app.config['SEED_ADMIN_PASSWORD']
    }

    return User(**params).save()
Exemple #9
0
    def test_signup(self, users):
        """ Signup successfully. """
        old_user_count = User.query.count()

        user = {'email': '*****@*****.**', 'password': '******'}
        response = self.client.post(url_for('user.signup'),
                                    data=user,
                                    follow_redirects=True)

        assert_status_with_message(200, response,
                                   'Awesome, thanks for signing up!')

        new_user_count = User.query.count()
        assert (old_user_count + 1) == new_user_count

        new_user = User.find_by_identity('*****@*****.**')
        assert new_user.password != 'password'