def test_get_user_with_other_jwt(self):
user = User(
username='******',
password='******',
email='*****@*****.**',
)
role = Roles({'username': user.username, 'roles': user.is_admin})
save_user(user)
save_user(role)
me = User(
username='******',
password='******',
email='*****@*****.**',
)
role_me = Roles({'username': me.username, 'roles': me.is_admin})
save_user(me)
save_user(role_me)
with self.client:
res_login = self.client.post('/v1/login',
headers={
'Content-Type':
'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
}))
data_login = json.loads(res_login.data.decode())
response = self.client.get('/v1/users/{}'.format(user.username),
headers={
'Content-Type':
'application/json',
'Accept':
'application/json',
'Authorization':
'Bearer {}'.format(
data_login['access_token'])
})
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(
data['msg'] == 'Accessed to {} page.'.format(user.username))
self.assertTrue(data['is_user'] == False)
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 200)
def test_get_all_users_with_unauthorized_jwt(self):
user = User(
username='******',
password='******',
email='*****@*****.**',
)
role = Roles({'username': user.username, 'roles': user.is_admin})
admin = User(
username='******',
password='******',
email='*****@*****.**',
)
admin_r = Roles({'username': admin.username, 'roles': admin.is_admin})
save_user(user)
save_user(role)
save_user(admin)
save_user(admin_r)
with self.client:
res_login = self.client.post('/v1/login',
headers={
'Content-Type':
'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
}))
data_login = json.loads(res_login.data.decode())
response = self.client.get('/v1/users',
headers={
'Content-Type':
'application/json',
'Accept':
'application/json',
'Authorization':
'Bearer {}'.format(
data_login['access_token'])
})
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(data['msg'] == 'Sorry, page not found.')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 404)
def test_encode_auth_token(self):
user = User(first_name='First Name',
last_name='Last Name',
email='*****@*****.**',
password='******')
db.session.add(user)
db.session.commit()
auth_token = user.encode_auth_token(user.id)
self.assertTrue(isinstance(auth_token, bytes))
async def post(self, request):
user = User(request.json, strict=True)
try:
user.validate()
except BaseError as ex:
raise InvalidUsage(f'Error in data: {ex.to_primitive()}')
user = await db_api.add_user(user.to_native())
return json(user, status=201)
async def put(self, request, user_id):
user_id = UserById({'user_id': user_id}).user_id
user = User(request.json, strict=True)
try:
user.validate()
except BaseError as ex:
raise InvalidUsage(f'Error in data: {ex.to_primitive()}')
user = db_api.update_user_by_id(user_id, user.to_native())
return json(user, status=200)
def load_data():
# load user table
db.session.add(
User(username='******', email="*****@*****.**", password="******"))
db.session.add(
User(username='******',
email="*****@*****.**",
password="******"))
db.session.add(
User(username='******',
email="*****@*****.**",
password="******"))
db.session.add(
User(username='******', email="*****@*****.**", password="******"))
db.session.add(
User(username='******',
name="Jan",
surname="Gargas",
email="*****@*****.**",
password="******",
phone="668-760-600"))
db.session.add(
User(username='******',
name="Kinga",
surname="Wierchomska",
email="*****@*****.**",
password="******",
phone="668-760-600"))
db.session.add(
User(username='******',
name="Michał",
surname="Kurleto",
email="Michał@Kurleto.com",
password="******",
phone="668-760-600"))
db.session.add(
User(username='******',
name="Mateusz",
surname="Mastalerczyk",
email="*****@*****.**",
password="******",
phone="668-760-600"))
print("user table loaded")
db.session.commit()
def register_user():
try:
username = request.get_json()['username']
email = request.get_json()['email']
password = request.get_json()['password']
user = User('user_id',
username=username,
email=email,
password=password)
new_user = User.insert_user_data(user)
print(new_user)
return new_user
except Exception as e:
logging.error(e)
return make_response(jsonify({'message': str(e)}), 500)
def test_update_email_by_user(self):
user = User(
username='******',
password='******',
email='*****@*****.**'
)
user_r = Roles({
'username': user.username,
'roles': user.is_admin
})
save_user(user)
save_user(user_r)
with self.client:
res_login = self.client.post(
'/v1/login',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
})
)
data_login = json.loads(res_login.data.decode())
response = self.client.put(
f'/v1/users/{user.username}',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {}'.format(data_login['access_token'])
},
data=json.dumps({
'username': '******',
'email': '*****@*****.**'
})
)
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(data['msg'] == 'Updated successfully')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 200)
def test_post_non_admin_user_with_admin_role(self):
user = User(
username='******',
password='******',
email='*****@*****.**',
)
user_r = Roles({'username': user.username, 'roles': 'admin'})
save_user(user)
save_user(user_r)
with self.client:
res_login = self.client.post('/v1/login',
headers={
'Content-Type':
'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
}))
data_login = json.loads(res_login.data.decode())
response = self.client.post('/v1/users',
headers={
'Content-Type':
'application/json',
'Accept':
'application/json',
'Authorization':
'Bearer {}'.format(
data_login['access_token'])
},
data=json.dumps({
'username':
'******',
'password':
'******',
'email':
'*****@*****.**',
}))
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(data['msg'] == 'Registered successfully')
self.assertTrue(response.content_type == 'application/json')
self.assertTrue(response.status_code == 201)
def test_login(self):
user = User(username='******', password='******', email='*****@*****.**')
save_user(user)
with self.client:
response = self.client.post('/v1/login',
data=json.dumps({
'username': '******',
'password': '******'
}),
content_type='application/json')
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == True)
self.assertTrue(data['msg'] == 'Logged in.')
self.assertTrue(data['access_token'])
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 200)
def test_login_with_wrong_pwd(self):
user = User(username='******', password='******', email='*****@*****.**')
save_user(user)
with self.client:
response = self.client.post('/v1/login',
data=json.dumps({
'username': '******',
'password': '******'
}),
content_type='application/json')
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(
data['msg'] ==
'Incorrect username or password. Please try again.')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 400)
def test_login_with_unactive_user(self):
user = User(username='******', password='******', email='*****@*****.**')
save_user(user)
update_user(user_obj=user, data={'is_active': False})
with self.client:
response = self.client.post('/v1/login',
data=json.dumps({
'username': '******',
'password': '******'
}),
content_type='application/json')
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(
data['msg'] == 'User is currently banned! Please recover.')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 403)
def post(self):
"""
Allows users to create accounts
"""
args = self.reqparse.parse_args()
new_user = User(args['username'], args['email'],
args['password'], args['phone'])
if args['username'].strip() == "" or len(args['username'].strip()) < 2:
return make_response(jsonify({"message":
"invalid, Enter name please"}), 400)
if re.compile('[!@#$%^&*:;?><.0-9]').match(args['username']):
return make_response(jsonify({"message":
"Invalid characters not allowed"}
), 400)
if not re.match(r"([\w\.-]+)@([\w\.-]+)(\.[\w\.]+$)", args['email']):
return make_response(jsonify({"message":
"Enter valid email"}), 400)
if args['password'].strip() == "":
return make_response(jsonify({"message": "Enter password"}), 400)
if len(args['password']) < 5:
return make_response(jsonify({"message":
"Password is too short, < 5"}), 400)
if len(args['phone']) < 10:
return make_response(jsonify({"message":
"Phone number is too short"}), 400)
print(new_user)
USERS.append(new_user)
for user in USERS:
print(user.username)
# print(USERS)
return make_response(jsonify({
'message': 'User successfull created with id: ' + new_user.get_id()
}), 201)
def test_get_admin_users_with_no_jwt(self):
user = User(
username='******',
password='******',
email='*****@*****.**',
)
role = Roles({'username': user.username, 'roles': user.is_admin})
save_user(user)
save_user(role)
with self.client:
response = self.client.get('/v1/users/admin',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json',
})
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(data['msg'] == 'Sorry, page not found.')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 404)
def test_register_with_duplicated_email(self):
user = User(username='******', password='******', email='*****@*****.**')
save_user(user)
with self.client:
response = self.client.post('/v1/register',
data=json.dumps({
'username':
'******',
'password':
'******',
'email':
'*****@*****.**'
}),
content_type='application/json')
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(data['msg'] == 'User has existed already')
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 400)
def post(self):
print("HEREEEEEEEEEEEEEEEEEEE") # DOESN'T PRINT. WHY?
# get the post data
post_data = request.get_json()
# check if user already exists
user = User.query.filter_by(email=post_data.get('email')).first()
if not user:
try:
user = User(
first_name=post_data.get('first_name'),
last_name=post_data.get('last_name'),
email=post_data.get('email'),
password=post_data.get('password')
)
# insert the user
db.session.add(user)
db.session.commit()
# generate the auth token
auth_token = user.encode_auth_token(user.id)
responseObject = {
'status': 'success',
'message': 'Successfully registered.',
'auth_token': auth_token.decode()
}
return make_response(jsonify(responseObject)), 201
except Exception as e:
responseObject = {
'status': 'fail',
'message': 'Some error occurred. Please try again.'
}
return make_response(jsonify(responseObject)), 401
else:
responseObject = {
'status': 'fail',
'message': 'User already exists. Please Log in.',
}
return make_response(jsonify(responseObject)), 202
def add_user(username, email, password):
user = User(username=username, email=email, password=password)
db.session.add(user)
db.session.commit()
return user
def test_update_invalid_fields_by_admin(self):
admin = User(
username='******',
password='******',
email='*****@*****.**'
)
admin_r = Roles({
'username': admin.username,
'roles': admin.is_admin
})
save_user(admin)
save_user(admin_r)
with self.client:
res_login = self.client.post(
'/v1/login',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json'
},
data=json.dumps({
'username': '******',
'password': '******'
})
)
data_login = json.loads(res_login.data.decode())
res_test = self.client.post(
'/v1/users',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {}'.format(data_login['access_token'])
},
data=json.dumps({
'username': '******',
'password': '******',
'email': '*****@*****.**'
})
)
data_test = json.loads(res_test.data.decode())
response = self.client.put(
'/v1/users/test',
headers={
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer {}'.format(data_login['access_token'])
},
data=json.dumps({
'username': '******',
'email': '*****@*****.**',
'is_admin': True
})
)
data = json.loads(response.data.decode())
self.assertTrue(data['ok'] == False)
self.assertTrue(data['msg'])
self.assertTrue(response.content_type == 'application/json')
self.assertEqual(response.status_code, 400)
def test_if_user_class_exists(self):
user = User(1, "dian", "*****@*****.**", "Cohort11")
self.assertTrue(user)
