async def test_user_with_wrong_creds_doesnt_receive_token(
self,
app: FastAPI,
client: AsyncClient,
test_user: UserInDB,
credential: str,
wrong_value: str,
status_code: int,
) -> None:
client.headers["content-type"] = "application/x-www-form-urlencoded"
user_data = test_user.dict()
user_data[
"password"] = "******" # insert user's plaintext password
user_data[credential] = wrong_value
login_data = {
"username": user_data["email"],
"password":
user_data["password"], # insert password from parameters
}
res = await client.post(
app.url_path_for("users:login-email-and-password"),
data=login_data)
assert res.status_code == status_code
assert "access_token" not in res.json()
async def populate_user(self, *, user: UserInDB) -> UserInDB:
return UserPublic(
# unpack the user in db instance,
**user.dict(),
# fetch the user's profile from the profiles_repo
profile=await
self.profiles_repo.get_profile_by_user_id(user_id=user.id),
)
async def populate_user(self, *, user: UserInDB) -> UserInDB:
return UserPublic(
# unpack the user in db dict into the UserPublic model
# which will remove "password" and "salt"
**user.dict(),
# fetch the user's profile from the profiles repo
profile=await
self.profiles_repo.get_profile_by_user_id(user_id=user.id))
async def populate_user(self, *, user: UserInDB) -> UserPublic:
"""
Unpacks the user in db dict into the UserPublic model
which will remove "password" and "salt".
It also fetches the user's profile from the profiles repo and attaches it to the user.
"""
return UserPublic(**user.dict(),
profile=await
self.profiles_repo.get_profile_by_user_id(
user_id=user.id))
def insert_or_update_user(user: UserInDB):
if (hasattr(user, "id")):
delattr(user, "id")
finded = db.user.find_one({"username": user.username, "disabled": False})
if finded is None:
user.date_insert = datetime.utcnow()
ret = db.user.insert_one(user.dict(by_alias=True))
else:
if (hasattr(user, "date_insert")):
delattr(user, "date_insert")
user.date_update = datetime.utcnow()
ret = db.user.find_one_and_update({"username": user.username, "disabled": False}, {"$set": user.dict(by_alias=True)}, return_document=ReturnDocument.AFTER )
print (ret)
return ret
def update_user_me(
*,
password: str = Body(None),
full_name: str = Body(None),
email: EmailStr = Body(None),
current_user: UserInDB = Depends(get_current_active_user),
):
"""
Update own user.
"""
user_in = UserUpdate(**current_user.dict())
if password is not None:
user_in.password = password
if full_name is not None:
user_in.full_name = full_name
if email is not None:
user_in.email = email
bucket = get_default_bucket()
user = crud.user.update(bucket, username=current_user.username, user_in=user_in)
return user
def route_users_me_put(
*,
password: str = Body(None),
full_name: str = Body(None),
email: EmailStr = Body(None),
current_user: UserInDB = Depends(get_current_user),
):
"""
Update own user
"""
if not check_if_user_is_active(current_user):
raise HTTPException(status_code=400, detail="Inactive user")
user_in = UserInUpdate(**current_user.dict())
if password is not None:
user_in.password = password
if full_name is not None:
user_in.full_name = full_name
if email is not None:
user_in.email = email
bucket = get_default_bucket()
user = update_user(bucket, user_in)
return user
async def test_user_with_wrong_creds_doesnt_receive_token(
self,
app: FastAPI,
client: AsyncClient,
test_user: UserInDB,
credential: str,
wrong_value: str,
status_code: int,
) -> None:
client.headers['content-type'] = 'application/x-www-form-urlencoded'
user_data = test_user.dict()
user_data[
'password'] = '******' # insert user's plaintext password
user_data[credential] = wrong_value
login_data = {
'username': user_data['email'],
'password':
user_data['password'], # insert password from parameters
}
res = await client.post(
app.url_path_for('users:login-email-and-password'),
data=login_data)
assert res.status_code == status_code
assert 'access_token' not in res.json()
async def populate_user(self, *, user: UserInDB) -> UserInDB:
return UserPublic(**user.dict(),
profile=await
self.profiles_repo.get_profile_by_user_id(
user_id=user.id))
