def test_passwordreset_reset_request_twice():
clear()
user = register_n_users(1)
# Logout, assert that user can login with old password, then logout again
assert auth_logout(user["token"])["is_success"] == True
user_data = auth_get_user_data_from_id(user["u_id"])
u_id = user_data["id"]
email = user_data["email"]
old_password = "******"
token = auth_login(email, old_password)["token"]
assert auth_logout(token)["is_success"] == True
# Ask for a reset code twice
auth_passwordreset_request(email)
reset_code_1 = get_reset_code_from_user_id(u_id)
auth_passwordreset_request(email)
reset_code_2 = get_reset_code_from_user_id(u_id)
# The reset codes should be unique
assert reset_code_1 != reset_code_2
# Assert user cannot login with old reset code
new_password = "******"
with pytest.raises(InputError):
assert auth_passwordreset_reset(reset_code_1, new_password)
# Assert user can reset password with new reset code
auth_passwordreset_reset(reset_code_2, new_password)
# Assert user can login with new password
token = auth_login(email, new_password)["token"]
auth_logout(token)
def test_passwordreset_reset_success():
clear()
user = register_n_users(1)
# Logout, assert that user can login with old password, then logout again
assert auth_logout(user["token"])["is_success"] == True
user_data = auth_get_user_data_from_id(user["u_id"])
u_id = user_data["id"]
email = user_data["email"]
old_password = "******"
token = auth_login(email, old_password)["token"]
assert auth_logout(token)["is_success"] == True
# Reset password
auth_passwordreset_request(email)
reset_code = get_reset_code_from_user_id(u_id)
new_password = "******"
auth_passwordreset_reset(reset_code, new_password)
# Assert user can login with new password
token = auth_login(email, new_password)["token"]
# Ensure user cannot login with old password
auth_logout(token)
with pytest.raises(InputError):
assert auth_login(email, old_password)
def test_passwordreset_reset_success_multiple_users():
clear()
user1, user2 = register_n_users(2)
# User 1 Data
user1_data = auth_get_user_data_from_id(user1["u_id"])
u_id_1 = user1_data["id"]
email_1 = user1_data["email"]
# User 2 Data
user2_data = auth_get_user_data_from_id(user2["u_id"])
u_id_2 = user2_data["id"]
email_2 = user2_data["email"]
# Logout
assert auth_logout(user1["token"])["is_success"] == True
assert auth_logout(user2["token"])["is_success"] == True
# Reset password
auth_passwordreset_request(email_1)
auth_passwordreset_request(email_2)
reset_code_1 = get_reset_code_from_user_id(u_id_1)
reset_code_2 = get_reset_code_from_user_id(u_id_2)
new_password_1 = "NewPassword123"
new_password_2 = "NewPassword124"
auth_passwordreset_reset(reset_code_2, new_password_2)
auth_passwordreset_reset(reset_code_1, new_password_1)
# Assert user can login with new password
assert auth_login(email_1, new_password_1)["token"]
assert auth_login(email_2, new_password_2)["token"]
def test_passwordreset_reset_success_twice():
clear()
user = register_n_users(1)
# Logout, assert that user can login with old password, then logout again
assert auth_logout(user["token"])["is_success"] == True
user_data = auth_get_user_data_from_id(user["u_id"])
u_id = user_data["id"]
email = user_data["email"]
old_password = "******"
token = auth_login(email, old_password)["token"]
assert auth_logout(token)["is_success"] == True
# Reset password
auth_passwordreset_request(email)
reset_code_1 = get_reset_code_from_user_id(u_id)
new_password = "******"
auth_passwordreset_reset(reset_code_1, new_password)
# Assert user can login with new password
token = auth_login(email, new_password)["token"]
auth_logout(token)
# Reset password again and try to login with 2nd new password
auth_passwordreset_request(email)
reset_code_2 = get_reset_code_from_user_id(u_id)
assert reset_code_1 != reset_code_2
new_password_2 = "NewPassword124"
auth_passwordreset_reset(reset_code_2, new_password_2)
token = auth_login(email, new_password_2)["token"]
def test_passwordreset_reset_invalid_reset_code():
clear()
user = register_n_users(1)
u_id = user["u_id"]
user = auth_get_user_data_from_id(u_id)
auth_passwordreset_request(user["email"])
invalid_reset_code = "1234567890"
valid_password = "******"
with pytest.raises(InputError):
auth_passwordreset_reset(invalid_reset_code, valid_password)
def test_passwordreset_reset_invalid_password():
clear()
user = register_n_users(1)
u_id = user["u_id"]
user = auth_get_user_data_from_id(u_id)
auth_passwordreset_request(user["email"])
valid_reset_code = get_reset_code_from_user_id(u_id)
invalid_password = "******"
with pytest.raises(InputError):
auth_passwordreset_reset(valid_reset_code, invalid_password)
def reset_password_reset():
data = request.get_json()
return dumps(
auth_passwordreset_reset(data["reset_code"], data["new_password"]))