Exemple #1
    def post(self):
        """Change the authenticated user's password.

        Reads ``old_pass`` and ``new_pass`` from the request arguments. If the
        hash of ``old_pass`` under the user's current salt does not match the
        stored password, responds with 403 and changes nothing. Otherwise the
        salt is cleared, the new password is assigned, the user is saved and
        the request is finished.
        """
        old_pass = self.get_argument("old_pass")
        new_pass = self.get_argument("new_pass")

        account = self.current_user
        stored_hash = account.password
        supplied_hash = User.get_hash_for(account.salt, old_pass)

        # NOTE(review): ``!=`` is not a constant-time comparison. If both
        # values are the same type (ASCII str or bytes), hmac.compare_digest
        # would be the safer check -- confirm the types before switching.
        if stored_hash != supplied_hash:
            self.send_error(status_code=403)
            return

        # NOTE(review): the new password is assigned as received and the salt
        # is reset; presumably User.save() generates a fresh salt and stores
        # only the hash -- verify, otherwise plaintext would be persisted.
        # No length or emptiness check on new_pass is visible here.
        account.salt = None
        account.password = new_pass
        account.save()
        self.finish()
Exemple #2
    def post(self):
        """Handle a password-change request for the current user.

        ``old_pass`` is hashed with the user's current salt and compared with
        the stored password; a mismatch yields a 403 and no change. On a match
        the salt is set to ``None``, ``new_pass`` is assigned as the password,
        the user is saved and the response is finished.
        """
        old_pass = self.get_argument("old_pass")
        new_pass = self.get_argument("new_pass")

        user = self.current_user
        current_hash = user.password
        candidate_hash = User.get_hash_for(user.salt, old_pass)

        # NOTE(review): a plain inequality test can leak timing information;
        # hmac.compare_digest is the usual replacement when both operands are
        # same-typed ASCII str or bytes -- confirm before changing.
        if current_hash != candidate_hash:
            self.send_error(status_code=403)
            return

        # NOTE(review): hashing of new_pass is not visible in this handler;
        # presumably it happens when the user is saved with salt=None --
        # verify against the User model.
        user.salt = None
        user.password = new_pass
        user.save()
        self.finish()
Exemple #3
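    def test_change_user_password_fails_with_wrong_password(self):
        """A change-password request with a wrong old password is rejected.

        Posts to /user/change-pass/ and expects a 403, then reloads the user
        by token and checks that neither the salt nor the stored password
        hash changed.
        """
        # NOTE(review): both literals read "******" in this listing, which
        # looks like masking; as written old_pass equals new_pass -- confirm
        # the real fixture values.
        old_pass = "******"
        new_pass = "******"
        old_pass_hash = self.user.password
        old_salt = self.user.salt
        kwargs = {"old_pass": old_pass, "new_pass": new_pass}

        response = self.post("/user/change-pass/", **kwargs)
        expect(response.code).to_equal(403)

        # Reload from storage so the assertions see what was persisted, not
        # the in-memory fixture object.
        the_user = User.objects.filter(token=self.user.token).first()
        expect(str(the_user.salt)).to_equal(str(old_salt))
        expect(the_user.password).to_equal(old_pass_hash)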
Exemple #4
    def test_change_user_password_works_with_correct_password(self):
        """A change-password request with the correct old password succeeds.

        Posts to /user/change-pass/ and expects a 200, then reloads the user
        by token and checks that the stored password equals the hash of the
        new password under the reloaded salt, that the salt changed, and that
        the stored password is not the old plaintext.
        """
        current_password = "******"
        replacement_password = "******"
        salt_before = self.user.salt

        response = self.post(
            "/user/change-pass/",
            old_pass=current_password,
            new_pass=replacement_password,
        )
        expect(response.code).to_equal(200)

        # Reload from storage so the checks run against persisted state.
        stored = User.objects.filter(token=self.user.token).first()
        expected_hash = User.get_hash_for(stored.salt, replacement_password)

        expect(stored.password).to_equal(expected_hash)
        expect(salt_before).not_to_equal(stored.salt)
        expect(current_password).not_to_equal(stored.password)
Exemple #5
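    def test_change_user_password_fails_with_wrong_password(self):
        """Verify that a wrong old password leaves the account untouched.

        The request to /user/change-pass/ must return 403, and the user
        reloaded by token must still have the original salt and the original
        password hash.
        """
        # NOTE(review): the password literals appear masked ("******") in
        # this listing, so old_pass and new_pass are identical as shown --
        # confirm the real fixture values.
        old_pass = "******"
        new_pass = "******"
        old_pass_hash = self.user.password
        old_salt = self.user.salt
        kwargs = {
            "old_pass": old_pass,
            "new_pass": new_pass
        }

        response = self.post("/user/change-pass/", **kwargs)
        expect(response.code).to_equal(403)

        # Compare against the persisted record rather than the fixture.
        the_user = User.objects.filter(token=self.user.token).first()
        expect(str(the_user.salt)).to_equal(str(old_salt))
        expect(the_user.password).to_equal(old_pass_hash)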
Exemple #6
    def test_change_user_password_works_with_correct_password(self):
        """Verify that the correct old password allows a password change.

        The request to /user/change-pass/ must return 200. The user reloaded
        by token must store the hash of the new password under its reloaded
        salt, must have a salt different from the one before the request, and
        must not store the old plaintext as its password.
        """
        previous_plain = "******"
        previous_salt = self.user.salt
        next_plain = "******"
        payload = dict(old_pass=previous_plain, new_pass=next_plain)

        response = self.post("/user/change-pass/", **payload)
        expect(response.code).to_equal(200)

        # Fetch the persisted record; the fixture object is not refreshed.
        reloaded = User.objects.filter(token=self.user.token).first()

        rehashed = User.get_hash_for(reloaded.salt, next_plain)
        expect(reloaded.password).to_equal(rehashed)

        expect(previous_salt).not_to_equal(reloaded.salt)
        expect(previous_plain).not_to_equal(reloaded.password)