def _validate_and_log_user(form):
if form.validate_on_submit():
mongo_user = mongo.db.users.find_one({'email': form.email.data})
if mongo_user and bcrypt.check_password_hash(mongo_user['password'], form.password.data):
login_user(User(mongo_user), remember=form.remember_me.data)
else:
flash('Utilisateur ou mot de passe non valide.')
def post(self):
# get the post data
post_data = request.get_json()
try:
# fetch the user data
user = User.query.filter_by(email=post_data.get('email')).first()
if user and bcrypt.check_password_hash(user.password,
post_data.get('password')):
refresh_token = user.encode_refresh_token(user.id)
if refresh_token:
responseObject = {
'status':
'success',
'message':
'Successfully logged in.',
'refresh_token':
refresh_token.decode(),
'access_token':
(User.encode_access_token(user.id)).decode()
}
return make_response(jsonify(responseObject)), 200
else:
responseObject = {
'status': 'fail',
'message': 'User does not exist.'
}
return make_response(jsonify(responseObject)), 404
except Exception as e:
print(e)
responseObject = {'status': 'fail', 'message': 'Try again'}
return make_response(jsonify(responseObject)), 500
def test_change_password(self):
self.client.post('/',
data=dict(email='*****@*****.**', password='******'))
response = self.client.post('/profil/',
data=dict(nickname='james',
email='*****@*****.**',
actual_password='******',
new_password='******',
confirm_new_password='******'))
self.assert200(response)
self.assertTemplateUsed('profil/index.html')
self.assertEqual({
'email': '*****@*****.**',
'nickname': 'james'
},
mongo.db.users.find_one({'email': '*****@*****.**'}, {
'password': 0,
'_id': 0
}))
self.assertTrue(
bcrypt.check_password_hash(
mongo.db.users.find_one({'email': '*****@*****.**'},
{'password': 1})['password'],
'secret'))
def validate_actual_password(self, field):
if self.new_password.data and not field.data:
raise ValidationError(field.gettext(u'Ce champs est requis.'))
if field.data:
user = mongo.db.users.find_one({'_id': ObjectId(current_user.get_id())})
if not bcrypt.check_password_hash(user['password'], field.data):
raise ValidationError(field.gettext(u'Le mot de passe n\'est pas correct.'))
def test_change_password(self):
self.client.post('/', data=dict(email='*****@*****.**', password='******'))
response = self.client.post('/profil/', data=dict(nickname='james', email='*****@*****.**', actual_password='******', new_password='******', confirm_new_password='******'))
self.assert200(response)
self.assertTemplateUsed('profil/index.html')
self.assertEqual({'email': '*****@*****.**', 'nickname': 'james'},
mongo.db.users.find_one({'email': '*****@*****.**'}, {'password': 0, '_id': 0}))
self.assertTrue(bcrypt.check_password_hash(mongo.db.users.find_one({'email': '*****@*****.**'}, {'password': 1})['password'], 'secret'))
def test_change_all_values(self):
self.client.post('/', data=dict(email='*****@*****.**', password='******'))
response = self.client.post('/profil/', data=dict(nickname='tony', email='*****@*****.**', actual_password='******', new_password='******', confirm_new_password='******'))
self.assert200(response)
self.assertTemplateUsed('profil/index.html')
self.assertEqual({'email': '*****@*****.**', 'nickname': 'tony'},
mongo.db.users.find_one({'email': '*****@*****.**'}, {'password': 0, '_id': 0}))
self.assertTrue(bcrypt.check_password_hash(mongo.db.users.find_one({'email': '*****@*****.**'}, {'password': 1})['password'], 'secret'))
self.assertEqual([{'url': 'http://www.bar.com', 'user': {'_id': ObjectId('5495f2a88766017d44130bb6'), 'email': '*****@*****.**', 'nickname': 'tony'}},
{'url': 'http://www.foo.com', 'user': {'_id': ObjectId('5495f2a88766017d44130bb6'), 'email': '*****@*****.**', 'nickname': 'tony'}}],
list(mongo.db.bookmarks.find({'user._id': ObjectId('5495f2a88766017d44130bb6')}, {'published': 0, '_id': 0}).sort('url')))
def test_change_all_values(self):
self.client.post('/',
data=dict(email='*****@*****.**', password='******'))
response = self.client.post('/profil/',
data=dict(nickname='tony',
email='*****@*****.**',
actual_password='******',
new_password='******',
confirm_new_password='******'))
self.assert200(response)
self.assertTemplateUsed('profil/index.html')
self.assertEqual({
'email': '*****@*****.**',
'nickname': 'tony'
},
mongo.db.users.find_one({'email': '*****@*****.**'}, {
'password': 0,
'_id': 0
}))
self.assertTrue(
bcrypt.check_password_hash(
mongo.db.users.find_one({'email': '*****@*****.**'},
{'password': 1})['password'],
'secret'))
self.assertEqual(
[{
'url': 'http://www.bar.com',
'user': {
'_id': ObjectId('5495f2a88766017d44130bb6'),
'email': '*****@*****.**',
'nickname': 'tony'
}
}, {
'url': 'http://www.foo.com',
'user': {
'_id': ObjectId('5495f2a88766017d44130bb6'),
'email': '*****@*****.**',
'nickname': 'tony'
}
}],
list(
mongo.db.bookmarks.find(
{
'user._id': ObjectId('5495f2a88766017d44130bb6')
}, {
'published': 0,
'_id': 0
}).sort('url')))