def test_forcing_password_reset_with_mismatched_pw_fails():
user_id = db_utils.create_user()
password = '******'
form = Bag(password=password, passcheck='1234567890987')
with pytest.raises(WeasylError) as err:
resetpassword.force(user_id, form)
assert 'passwordMismatch' == err.value.value
def test_forcing_password_reset_with_mismatched_pw_fails():
user_id = db_utils.create_user()
password = '******'
form = Bag(password=password, passcheck='1234567890987')
with pytest.raises(WeasylError) as err:
resetpassword.force(user_id, form)
assert 'passwordMismatch' == err.value.value
def test_forcing_password_reset_with_too_short_length_fails():
# Anything under len(login._PASSWORD) characters triggers this case
user_id = db_utils.create_user()
password = '******'
form = Bag(password=password, passcheck=password)
with pytest.raises(WeasylError) as err:
resetpassword.force(user_id, form)
assert 'passwordInsecure' == err.value.value
def test_verify_success_if_correct_information_provided():
user_name = 'test'
user_id = db_utils.create_user(password='******', username=user_name)
password = '******'
form = Bag(password=password, passcheck=password)
resetpassword.force(user_id, form)
result = login.authenticate_bcrypt(username=user_name, password=password, session=False)
assert result == (user_id, None)
def test_forcing_password_reset_with_too_short_length_fails():
# Anything under len(login._PASSWORD) characters triggers this case
user_id = db_utils.create_user()
password = '******'
form = Bag(password=password, passcheck=password)
with pytest.raises(WeasylError) as err:
resetpassword.force(user_id, form)
assert 'passwordInsecure' == err.value.value
def POST(self):
if define.common_status_check(self.user_id) != "resetpassword":
return define.errorpage(self.user_id, errorcode.permission)
form = web.input(password="", passcheck="")
resetpassword.force(self.user_id, form)
raise web.seeother("/index")
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
return Response(define.errorpage(request.userid, errorcode.permission))
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def POST(self):
if define.common_status_check(self.user_id) != "resetpassword":
return define.errorpage(self.user_id, errorcode.permission)
form = web.input(password="", passcheck="")
resetpassword.force(self.user_id, form)
raise web.seeother("/index")
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
return Response(define.errorpage(request.userid, errorcode.permission))
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def test_verify_success_if_correct_information_provided():
user_name = 'test'
user_id = db_utils.create_user(password='******', username=user_name)
password = '******'
form = Bag(password=password, passcheck=password)
resetpassword.force(user_id, form)
result = login.authenticate_bcrypt(username=user_name, password=password, request=None)
assert result == (user_id, None)
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
return Response(define.errorpage(request.userid, errorcode.permission))
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
# Invalidate all other user sessions for this user.
profile.invalidate_other_sessions(request.userid)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
return Response(define.errorpage(request.userid, errorcode.permission))
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
# Invalidate all other user sessions for this user.
profile.invalidate_other_sessions(request.userid)
raise HTTPSeeOther(location="/", headers=request.response.headers)
def force_resetpassword_(request):
if define.common_status_check(request.userid) != "resetpassword":
raise WeasylError('InsufficientPermissions')
form = request.web_input(password="", passcheck="")
resetpassword.force(request.userid, form)
# Invalidate all other user sessions for this user.
profile.invalidate_other_sessions(request.userid)
raise HTTPSeeOther(location="/", headers=request.response.headers)
