def test_get_user_with_other_jwt(self): user = User( username='******', password='******', email='*****@*****.**', ) role = Roles({'username': user.username, 'roles': user.is_admin}) save_user(user) save_user(role) me = User( username='******', password='******', email='*****@*****.**', ) role_me = Roles({'username': me.username, 'roles': me.is_admin}) save_user(me) save_user(role_me) with self.client: res_login = self.client.post('/v1/login', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json' }, data=json.dumps({ 'username': '******', 'password': '******' })) data_login = json.loads(res_login.data.decode()) response = self.client.get('/v1/users/{}'.format(user.username), headers={ 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Bearer {}'.format( data_login['access_token']) }) data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == True) self.assertTrue( data['msg'] == 'Accessed to {} page.'.format(user.username)) self.assertTrue(data['is_user'] == False) self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 200)
def test_get_all_users_with_unauthorized_jwt(self): user = User( username='******', password='******', email='*****@*****.**', ) role = Roles({'username': user.username, 'roles': user.is_admin}) admin = User( username='******', password='******', email='*****@*****.**', ) admin_r = Roles({'username': admin.username, 'roles': admin.is_admin}) save_user(user) save_user(role) save_user(admin) save_user(admin_r) with self.client: res_login = self.client.post('/v1/login', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json' }, data=json.dumps({ 'username': '******', 'password': '******' })) data_login = json.loads(res_login.data.decode()) response = self.client.get('/v1/users', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Bearer {}'.format( data_login['access_token']) }) data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == False) self.assertTrue(data['msg'] == 'Sorry, page not found.') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 404)
def test_encode_auth_token(self): user = User(first_name='First Name', last_name='Last Name', email='*****@*****.**', password='******') db.session.add(user) db.session.commit() auth_token = user.encode_auth_token(user.id) self.assertTrue(isinstance(auth_token, bytes))
async def post(self, request): user = User(request.json, strict=True) try: user.validate() except BaseError as ex: raise InvalidUsage(f'Error in data: {ex.to_primitive()}') user = await db_api.add_user(user.to_native()) return json(user, status=201)
async def put(self, request, user_id): user_id = UserById({'user_id': user_id}).user_id user = User(request.json, strict=True) try: user.validate() except BaseError as ex: raise InvalidUsage(f'Error in data: {ex.to_primitive()}') user = db_api.update_user_by_id(user_id, user.to_native()) return json(user, status=200)
def load_data(): # load user table db.session.add( User(username='******', email="*****@*****.**", password="******")) db.session.add( User(username='******', email="*****@*****.**", password="******")) db.session.add( User(username='******', email="*****@*****.**", password="******")) db.session.add( User(username='******', email="*****@*****.**", password="******")) db.session.add( User(username='******', name="Jan", surname="Gargas", email="*****@*****.**", password="******", phone="668-760-600")) db.session.add( User(username='******', name="Kinga", surname="Wierchomska", email="*****@*****.**", password="******", phone="668-760-600")) db.session.add( User(username='******', name="Michał", surname="Kurleto", email="Michał@Kurleto.com", password="******", phone="668-760-600")) db.session.add( User(username='******', name="Mateusz", surname="Mastalerczyk", email="*****@*****.**", password="******", phone="668-760-600")) print("user table loaded") db.session.commit()
def register_user(): try: username = request.get_json()['username'] email = request.get_json()['email'] password = request.get_json()['password'] user = User('user_id', username=username, email=email, password=password) new_user = User.insert_user_data(user) print(new_user) return new_user except Exception as e: logging.error(e) return make_response(jsonify({'message': str(e)}), 500)
def test_update_email_by_user(self): user = User( username='******', password='******', email='*****@*****.**' ) user_r = Roles({ 'username': user.username, 'roles': user.is_admin }) save_user(user) save_user(user_r) with self.client: res_login = self.client.post( '/v1/login', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json' }, data=json.dumps({ 'username': '******', 'password': '******' }) ) data_login = json.loads(res_login.data.decode()) response = self.client.put( f'/v1/users/{user.username}', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Bearer {}'.format(data_login['access_token']) }, data=json.dumps({ 'username': '******', 'email': '*****@*****.**' }) ) data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == True) self.assertTrue(data['msg'] == 'Updated successfully') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 200)
def test_post_non_admin_user_with_admin_role(self): user = User( username='******', password='******', email='*****@*****.**', ) user_r = Roles({'username': user.username, 'roles': 'admin'}) save_user(user) save_user(user_r) with self.client: res_login = self.client.post('/v1/login', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json' }, data=json.dumps({ 'username': '******', 'password': '******' })) data_login = json.loads(res_login.data.decode()) response = self.client.post('/v1/users', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Bearer {}'.format( data_login['access_token']) }, data=json.dumps({ 'username': '******', 'password': '******', 'email': '*****@*****.**', })) data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == True) self.assertTrue(data['msg'] == 'Registered successfully') self.assertTrue(response.content_type == 'application/json') self.assertTrue(response.status_code == 201)
def test_login(self): user = User(username='******', password='******', email='*****@*****.**') save_user(user) with self.client: response = self.client.post('/v1/login', data=json.dumps({ 'username': '******', 'password': '******' }), content_type='application/json') data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == True) self.assertTrue(data['msg'] == 'Logged in.') self.assertTrue(data['access_token']) self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 200)
def test_login_with_wrong_pwd(self): user = User(username='******', password='******', email='*****@*****.**') save_user(user) with self.client: response = self.client.post('/v1/login', data=json.dumps({ 'username': '******', 'password': '******' }), content_type='application/json') data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == False) self.assertTrue( data['msg'] == 'Incorrect username or password. Please try again.') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 400)
def test_login_with_unactive_user(self): user = User(username='******', password='******', email='*****@*****.**') save_user(user) update_user(user_obj=user, data={'is_active': False}) with self.client: response = self.client.post('/v1/login', data=json.dumps({ 'username': '******', 'password': '******' }), content_type='application/json') data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == False) self.assertTrue( data['msg'] == 'User is currently banned! Please recover.') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 403)
def post(self): """ Allows users to create accounts """ args = self.reqparse.parse_args() new_user = User(args['username'], args['email'], args['password'], args['phone']) if args['username'].strip() == "" or len(args['username'].strip()) < 2: return make_response(jsonify({"message": "invalid, Enter name please"}), 400) if re.compile('[!@#$%^&*:;?><.0-9]').match(args['username']): return make_response(jsonify({"message": "Invalid characters not allowed"} ), 400) if not re.match(r"([\w\.-]+)@([\w\.-]+)(\.[\w\.]+$)", args['email']): return make_response(jsonify({"message": "Enter valid email"}), 400) if args['password'].strip() == "": return make_response(jsonify({"message": "Enter password"}), 400) if len(args['password']) < 5: return make_response(jsonify({"message": "Password is too short, < 5"}), 400) if len(args['phone']) < 10: return make_response(jsonify({"message": "Phone number is too short"}), 400) print(new_user) USERS.append(new_user) for user in USERS: print(user.username) # print(USERS) return make_response(jsonify({ 'message': 'User successfull created with id: ' + new_user.get_id() }), 201)
def test_get_admin_users_with_no_jwt(self): user = User( username='******', password='******', email='*****@*****.**', ) role = Roles({'username': user.username, 'roles': user.is_admin}) save_user(user) save_user(role) with self.client: response = self.client.get('/v1/users/admin', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json', }) data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == False) self.assertTrue(data['msg'] == 'Sorry, page not found.') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 404)
def test_register_with_duplicated_email(self): user = User(username='******', password='******', email='*****@*****.**') save_user(user) with self.client: response = self.client.post('/v1/register', data=json.dumps({ 'username': '******', 'password': '******', 'email': '*****@*****.**' }), content_type='application/json') data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == False) self.assertTrue(data['msg'] == 'User has existed already') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 400)
def post(self): print("HEREEEEEEEEEEEEEEEEEEE") # DOESN'T PRINT. WHY? # get the post data post_data = request.get_json() # check if user already exists user = User.query.filter_by(email=post_data.get('email')).first() if not user: try: user = User( first_name=post_data.get('first_name'), last_name=post_data.get('last_name'), email=post_data.get('email'), password=post_data.get('password') ) # insert the user db.session.add(user) db.session.commit() # generate the auth token auth_token = user.encode_auth_token(user.id) responseObject = { 'status': 'success', 'message': 'Successfully registered.', 'auth_token': auth_token.decode() } return make_response(jsonify(responseObject)), 201 except Exception as e: responseObject = { 'status': 'fail', 'message': 'Some error occurred. Please try again.' } return make_response(jsonify(responseObject)), 401 else: responseObject = { 'status': 'fail', 'message': 'User already exists. Please Log in.', } return make_response(jsonify(responseObject)), 202
def add_user(username, email, password): user = User(username=username, email=email, password=password) db.session.add(user) db.session.commit() return user
def test_update_invalid_fields_by_admin(self): admin = User( username='******', password='******', email='*****@*****.**' ) admin_r = Roles({ 'username': admin.username, 'roles': admin.is_admin }) save_user(admin) save_user(admin_r) with self.client: res_login = self.client.post( '/v1/login', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json' }, data=json.dumps({ 'username': '******', 'password': '******' }) ) data_login = json.loads(res_login.data.decode()) res_test = self.client.post( '/v1/users', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Bearer {}'.format(data_login['access_token']) }, data=json.dumps({ 'username': '******', 'password': '******', 'email': '*****@*****.**' }) ) data_test = json.loads(res_test.data.decode()) response = self.client.put( '/v1/users/test', headers={ 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': 'Bearer {}'.format(data_login['access_token']) }, data=json.dumps({ 'username': '******', 'email': '*****@*****.**', 'is_admin': True }) ) data = json.loads(response.data.decode()) self.assertTrue(data['ok'] == False) self.assertTrue(data['msg']) self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 400)
def test_if_user_class_exists(self): user = User(1, "dian", "*****@*****.**", "Cohort11") self.assertTrue(user)