def test_registration_form_unique_email(self): """ Test that ``RegistrationFormUniqueEmail`` validates uniqueness of email addresses. """ # Create a user so we can verify that duplicate addresses # aren't permitted. User.create_user('alice', '*****@*****.**', 'secret') form = forms.RegistrationFormUniqueEmail( data={ 'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'foo', }) self.failIf(form.is_valid()) self.assertEqual(form.errors['email'], [ u'''\ This email address is already in use. Please supply a different email address.'''.replace('\n', ' ') ]) form = forms.RegistrationFormUniqueEmail( data={ 'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'foo', }) self.failUnless(form.is_valid())
def test_create_user(self): u = User.create_user(u'testuser', '*****@*****.**', 'testpw') self.assertTrue(u.has_usable_password()) self.assertFalse(u.check_password('bad')) self.assertTrue(u.check_password('testpw')) u.set_unusable_password() u.first_name = u' ¡' u.last_name = u'π ' self.session.commit() self.assertFalse(u.check_password('testpw')) self.assertTrue(u.is_active) self.assertFalse(u.is_anonymous()) self.assertTrue(u.is_authenticated()) self.assertFalse(u.is_staff) self.assertFalse(u.is_superuser) self.assertEqual(unicode(u), u'testuser') self.assertEqual(u.get_full_name(), u'¡ π') u2 = User.create_user(u'testuser2', '*****@*****.**', session=self.session) self.assertFalse(u2.has_usable_password()) uu = User.create_user(u'testμser', '*****@*****.**', session=self.session) self.assertEqual(uu.get_absolute_url(), '/users/test%CE%BCser/')
def test_password_algorithm(self): settings.AUTH_DIGEST_ALGORITHM = 'sha256' user = User.create_user('testalgo', '*****@*****.**', 'testpw', session=self.session) self.assertIn('$', user.password) algo = user.password.split('$')[0] self.assertEqual(algo, settings.AUTH_DIGEST_ALGORITHM) self.assertTrue(user.check_password('testpw')) user.set_password('testpw224', algo='sha224') self.session.commit() self.assertIn('$', user.password) algo = user.password.split('$')[0] self.assertEqual(algo, 'sha224') self.assertTrue(user.check_password('testpw224')) settings.AUTH_DIGEST_ALGORITHM = 'sha512' user2 = User.create_user('testalgo2', '*****@*****.**', 'testpw2', session=self.session) self.assertIn('$', user2.password) algo = user2.password.split('$')[0] self.assertEqual(algo, settings.AUTH_DIGEST_ALGORITHM) self.assertTrue(user2.check_password('testpw2'))
def test_registration_form_unique_email(self): """ Test that ``RegistrationFormUniqueEmail`` validates uniqueness of email addresses. """ # Create a user so we can verify that duplicate addresses # aren't permitted. User.create_user('alice', '*****@*****.**', 'secret') form = forms.RegistrationFormUniqueEmail(data={ 'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'foo', }) self.failIf(form.is_valid()) self.assertEqual(form.errors['email'], [u'''\ This email address is already in use. Please supply a different email address.'''.replace('\n', ' ')]) form = forms.RegistrationFormUniqueEmail(data={ 'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'foo', }) self.failUnless(form.is_valid())
def test_create_superuser(self): su = User.create_superuser(u'super', '*****@*****.**', 'super', session=self.session) self.assertTrue(su.is_superuser) self.assertTrue(su.is_active) self.assertTrue(su.is_staff) su = User.create_superuser(u'super2', '*****@*****.**', 'super2') self.assertTrue(su.is_superuser) self.assertTrue(su.is_active) self.assertTrue(su.is_staff)
def setUpClass(cls): super(AuthViewsTestCase, cls).setUpClass() cls.session = orm.sessionmaker() User.__table__.create() cls.user = User.create_user(u'testclient', '*****@*****.**', session=cls.session) cls.user.set_password('password') cls.staff = User.create_staff(u'staff', '*****@*****.**', '123', session=cls.session) User.create_user(u'testclient2', '*****@*****.**', session=cls.session)
def test_create_staff(self): st = User.create_staff(u'staff', '*****@*****.**', 'staff', session=self.session) self.assertFalse(st.is_superuser) self.assertTrue(st.is_active) self.assertTrue(st.is_staff) st = User.create_staff(u'staff2', '*****@*****.**', 'staff2', session=self.session) self.assertFalse(st.is_superuser) self.assertTrue(st.is_active) self.assertTrue(st.is_staff)
def create_inactive_user(cls, username, email, password, site, send_email=True, session=None): '''Create a new, inactive :class:`~baph.auth.models.User`, generate a :class:`RegistrationProfile` and email its activation key to the :class:`~baph.auth.models.User`. :param username: The username of the user. :type username: :class:`unicode` :param email: The email address of the user. :type email: :class:`str` :param password: The password of the user. :type password: :class:`unicode` :param site: The site associated with the user. :type site: :class:`baph.sites.models.Site` or :class:`baph.sites.models.RequestSite` :param send_email: Whether an activation email will be sent to the new user. :type send_email: :class:`bool` :rtype: :class:`baph.auth.models.User` ''' new_user = User.create_user(username, email, password, session=session) new_user.is_active = False session.commit() registration_profile = cls.create_profile(new_user, session=session) if send_email: registration_profile.send_activation_email(site) return new_user
def test_user_email(self): u3 = User.create_user(u'testuser3', '*****@*****.**', session=self.session) self.assertEqual(u3.email, '*****@*****.**') self.assertRaises(ValueError, User.create_user, u'testuser4', 'test4', session=self.session)
def create_inactive_user(cls, username, email, password, site, send_email=True, session=None): '''Create a new, inactive :class:`~baph.auth.models.User`, generate a :class:`RegistrationProfile` and email its activation key to the :class:`~baph.auth.models.User`. :param username: The username of the user. :type username: :class:`unicode` :param email: The email address of the user. :type email: :class:`str` :param password: The password of the user. :type password: :class:`unicode` :param site: The site associated with the user. :type site: :class:`baph.sites.models.DjangoSite` or :class:`baph.sites.models.RequestSite` :param send_email: Whether an activation email will be sent to the new user. :type send_email: :class:`bool` :rtype: :class:`baph.auth.models.User` ''' new_user = User.create_user(username, email, password, session=session) new_user.is_active = False session.commit() registration_profile = cls.create_profile(new_user, session=session) if send_email: registration_profile.send_activation_email(site) return new_user
def create_user(username, email, password, active=False, send_email=True, **kwargs): uname = username.encode('utf-8') if isinstance(username, unicode) else username salt, activation_key = generate_sha1(uname) #org_key = Organization._meta.verbose_name #org = Organization.get_current() #print 'create user:', username, email, password, kwargs new_user = User.create_user(username, email, password, **kwargs) new_user.is_active = active new_user.signup = UserRegistration(activation_key=activation_key) session = orm.sessionmaker() session.add(new_user) session.commit() if auth_settings.BAPH_ACTIVATION_REQUIRED: new_user.signup.send_activation_email() return new_user
def register(self, request, oauth_token, oauth_verifier, given_name, family_name, email): if hasattr(request, 'orm'): session = request.orm.sessionmaker() else: from baph.db.orm import ORM session = ORM.get().sessionmaker() request_token = request.session.pop(SESSION_KEY, None) if request_token and request_token.key == oauth_token: twitter = Twitter(request_token) access_token = twitter.get_access_token(oauth_verifier) if not access_token: return False profile = session.query(TwitterProfile) \ .filter_by(key=access_token.key, secret=access_token.secret) \ .first() if profile: user_obj = profile.user else: # Check that the username is unique, and if so, create a user # and profile twitter_user = twitter.user username = '******' % twitter_user.id user_ct = session.query(User) \ .filter_by(username=username) \ .count() if user_ct == 0: user_obj = User.create_user(username=username, email=email, password=None, session=session) user_obj.first_name = given_name user_obj.last_name = family_name profile = TwitterProfile(user=user_obj, uid=twitter_user.id, username=twitter.username, access_token=access_token) session.add(profile) session.commit() else: # Should we redirect here, or return False and redirect in # post_registration_redirect? return False signals.user_registered.send(sender=self.__class__, user=user_obj, request=request) user = authenticate(oauth_token=access_token.key, uid=twitter_user.id, session=session) login(request, user) elif request.user.is_authenticated(): user_obj = request.user else: # Perhaps we should handle this differently? user_obj = AnonymousUser() return user_obj
def setUp(self): self.cuser = User.create_user('testconsumer', '*****@*****.**') data = dict(name=u'Piston Test Consumer', description=u'A test consumer for Piston.', session=self.session, user=self.cuser) self.consumer = Consumer.create(**data) mail.outbox = []
def test_activation_email(self): ''':meth:`RegistrationProfile.send_activation_email` sends an email. ''' new_user = User.create_user(**self.user_info) profile = RegistrationProfile.create_profile(new_user) profile.send_activation_email(Site.get_current()) self.assertEqual(len(mail.outbox), 1) self.assertEqual(mail.outbox[0].to, [self.user_info['email']])
def test_registration_form(self): """ Test that ``RegistrationForm`` enforces username constraints and matching passwords. """ # Create a user so we can verify that duplicate usernames aren't # permitted. User.create_user('alice', '*****@*****.**', 'secret') invalid_data_dicts = [ # Non-alphanumeric username. {'data': {'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'foo'}, 'error': ('username', [u'''\ This value must contain only letters, numbers and underscores.'''])}, # Already-existing username. {'data': {'username': '******', 'email': '*****@*****.**', 'password1': 'secret', 'password2': 'secret'}, 'error': ('username', [u"A user with that username already exists."])}, # Mismatched passwords. {'data': {'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'bar'}, 'error': ('__all__', [u"The two password fields didn't match."])}, ] for invalid_dict in invalid_data_dicts: form = forms.RegistrationForm(data=invalid_dict['data']) self.failIf(form.is_valid()) self.assertEqual(form.errors[invalid_dict['error'][0]], invalid_dict['error'][1]) form = forms.RegistrationForm(data={'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'foo'}) self.failUnless(form.is_valid())
def register(self, request, **kwargs): if hasattr(request, 'orm'): session = request.orm.sessionmaker() else: from baph.db.orm import ORM session = ORM.get().sessionmaker() params = get_user_from_cookie(request.COOKIES, settings.FACEBOOK_APP_ID, settings.FACEBOOK_SECRET_KEY) if params and 'uid' in params: uid = params['uid'] profile = session.query(FacebookProfile) \ .filter_by(uid=uid) \ .first() if profile: user_obj = profile.user else: # Check that the username is unique, and if so, create a user # and profile username = '******' % uid user_ct = session.query(User) \ .filter_by(username=username) \ .count() if user_ct == 0: fb = Facebook(params['access_token']) fb_user = fb.user user_obj = User.create_user(username=username, email=fb_user['email'], password=None, session=session) user_obj.first_name = fb_user['first_name'] user_obj.last_name = fb_user['last_name'] profile = FacebookProfile( user=user_obj, uid=uid, access_token=params['access_token'], expires_in=params['expires'], ) session.add(profile) session.commit() else: # Should we redirect here, or return False and redirect in # post_registration_redirect? return False signals.user_registered.send(sender=self.__class__, user=user_obj, request=request) user = authenticate(uid=uid, session=session) login(request, user) elif request.user.is_authenticated(): user_obj = request.user else: # Perhaps we should handle this differently? user_obj = AnonymousUser() return user_obj
def setUp(self): self.session = orm.sessionmaker() self.cuser = User.create_user('testoauth', '*****@*****.**', 'testoauth') data = dict(name=u'Piston Test OAuth', description=u'A test consumer for OAuth.', session=self.session, user=self.cuser) self.consumer = Consumer.create(**data) self.old_store = getattr(settings, 'PISTON_OAUTH_STORE', None) settings.PISTON_OAUTH_STORE = BAPH_PISTON_OAUTH_STORE
def test_email_user(self): addr = '*****@*****.**' eu = User.create_user('testuseremail', addr, session=self.session) subject = 'Test Subject' msg = 'This is a Test.' eu.email_user(subject, msg, '*****@*****.**') self.assertEqual(len(mail.outbox), 1) email = mail.outbox[0] self.assertEqual(email.to, [addr]) self.assertEqual(email.subject, subject) self.assertEqual(email.body, msg)
def test_profile_creation(self): '''Creating a registration profile for a user populates the profile with the correct user and a SHA1 hash to use as activation key. ''' new_user = User.create_user(**self.user_info) profile = RegistrationProfile.create_profile(new_user) ct = self.session.query(RegistrationProfile).count() self.assertEqual(ct, 1) self.assertEqual(profile.user.id, new_user.id) self.assertRegexpMatches(profile.activation_key, '^[a-f0-9]{40}$') self.assertEqual(unicode(profile), u'Registration information for alice')
def __init__(self, *args, **kwargs): super(SignupForm, self).__init__(*args, **kwargs) base_form = User.get_form_class() if not base_form: raise Exception('no form_class found in User.Meta') if not settings.BAPH_AUTH_WITHOUT_USERNAMES: field_name = User.USERNAME_FIELD self.fields[field_name] = base_form.base_fields[field_name] for field_name in User.REQUIRED_FIELDS: self.fields[field_name] = base_form.base_fields[field_name] for field_name in ['password1', 'password2']: label = 'Create password' if field_name == 'password1' \ else 'Repeat Password' self.fields[field_name] = forms.CharField( widget=forms.PasswordInput(attrs=attrs_dict, render_value=False), label=_(label))
def setUpClass(cls): cls.session = orm.sessionmaker() User.__table__.create() cls.user = User.create_user(u'testclient', '*****@*****.**', session=cls.session)
def test_registration_form(self): """ Test that ``RegistrationForm`` enforces username constraints and matching passwords. """ # Create a user so we can verify that duplicate usernames aren't # permitted. User.create_user('alice', '*****@*****.**', 'secret') invalid_data_dicts = [ # Non-alphanumeric username. { 'data': { 'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'foo' }, 'error': ('username', [ u'''\ This value must contain only letters, numbers and underscores.''' ]) }, # Already-existing username. { 'data': { 'username': '******', 'email': '*****@*****.**', 'password1': 'secret', 'password2': 'secret' }, 'error': ('username', [u"A user with that username already exists."]) }, # Mismatched passwords. { 'data': { 'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'bar' }, 'error': ('__all__', [u"The two password fields didn't match."]) }, ] for invalid_dict in invalid_data_dicts: form = forms.RegistrationForm(data=invalid_dict['data']) self.failIf(form.is_valid()) self.assertEqual(form.errors[invalid_dict['error'][0]], invalid_dict['error'][1]) form = forms.RegistrationForm( data={ 'username': '******', 'email': '*****@*****.**', 'password1': 'foo', 'password2': 'foo' }) self.failUnless(form.is_valid())