def authenticate(self, username, password): """ Create a "profile" object (object to encrypt) and expiration time. Then return the JWT token Expiration time as a UTC UNIX timestamp (an int) or as a datetime""" user_service = UserService(self._store, self._auth_user) try: _, token = user_service.authenticate(username, password) return token except NotActivatedUser: raise BiiRequestErrorException("User account: %s is not confirmed. Check your " "email account and follow the instructions" % username)
def setUp(self, *args, **kwargs): self.store = TestingMongoStore(self.conn, self.database_name) _, self.brl_user = self.store.generate_non_persistent_user() self.user_service = UserService(self.store, self.brl_user) self.email = "*****@*****.**" % self.brl_user self.plain_password = "******" allow_mailing = False self.bii_user = self.user_service.register(self.brl_user, self.email, self.plain_password, allow_mailing) self.manager = JWTConfirmEmailManagerFactory.new() _, self.confirmed_user, _ = self.user_service.confirm_account( self.bii_user.confirmation_token)
def setUp(self, *args, **kwargs): self.store = TestingMongoStore(self.conn, self.database_name) _, self.brl_user = self.store.generate_non_persistent_user() self.user_service = UserService(self.store, self.brl_user) self.email = "*****@*****.**" % self.brl_user self.plain_password = "******" allow_mailing = False self.bii_user = self.user_service.register(self.brl_user, self.email, self.plain_password, allow_mailing) self.manager = JWTConfirmEmailManagerFactory.new() _, self.confirmed_user, _ = self.user_service.confirm_account(self.bii_user.confirmation_token)
def new_user(login, email, password): service = UserService(server_store, login) service.register(login, email, password, True) user = server_store.read_user(login) user.active = True server_store.update_user(user)
class UserServiceTest(TestWithMongo): def setUp(self, *args, **kwargs): self.store = TestingMongoStore(self.conn, self.database_name) _, self.brl_user = self.store.generate_non_persistent_user() self.user_service = UserService(self.store, self.brl_user) self.email = "*****@*****.**" % self.brl_user self.plain_password = "******" allow_mailing = False self.bii_user = self.user_service.register(self.brl_user, self.email, self.plain_password, allow_mailing) self.manager = JWTConfirmEmailManagerFactory.new() _, self.confirmed_user, _ = self.user_service.confirm_account(self.bii_user.confirmation_token) def test_used_register(self): '''Resgister and confirm user''' self.assertEqual(self.bii_user.ID, self.confirmed_user) def test_invite_register(self): # Input login ok self.user_service.register("newuser", "*****@*****.**", self.plain_password, True, invited_by=self.brl_user) saved_user = self.store.read_user("newuser") self.assertEquals(saved_user.invited_by, self.brl_user) # Input login bad (not exist) self.assertRaises(ControledErrorException, self.user_service.register, "newuser2", "*****@*****.**", self.plain_password, True, invited_by="noexistuser") # Input by email ok self.user_service.register("newuser2", "*****@*****.**", self.plain_password, True, invited_by=self.email) saved_user = self.store.read_user("newuser2") self.assertEquals(saved_user.invited_by, self.brl_user) # Input by email error self.assertRaises(ControledErrorException, self.user_service.register, "newuser3", "*****@*****.**", self.plain_password, True, invited_by="*****@*****.**") def test_invalid_token(self): '''Obtain a valid token and then change password. Token must be invalid''' brl_user, token_1 = self.user_service.authenticate(self.brl_user, self.plain_password) # Check the token is valid manager = JWTCredentialsManagerFactory.new(self.store) brl_user_test = manager.get_user(token_1) self.assertEqual(brl_user, brl_user_test) sleep(0.1) # Sleep a moment and change the password # Now change password and re-check old token self.user_service.change_password(self.brl_user, self.plain_password, "Newp@sW0rd") # Check the token is invalid (can't authenticate) self.assertRaises(DecodeError, manager.get_user, token_1) @patch('biicode.server.user.user_service.get_oauth_service') def test_oauth_register(self, get_oauth_service): # Check that if provider and access_token is passed to register, user # is activated automatically and access_token is stored in user email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, email)) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "google", "THE_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_google_token, "THE_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_github_token) self.assertEqual(saved_user.active, True) # Now check the github token email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, email)) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_github_token, "THE_GITHUB_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, True) # Now check that if email has been changed in registration process # user is not auto activated, but token is stored email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, "*****@*****.**")) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_github_token, "THE_GITHUB_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, False) # Finally if get user info returns none (invalid token) nothing registration process keeps # normal email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=None) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertIsNone(saved_user.oauth_github_token) self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, False)
class UserServiceTest(TestWithMongo): def setUp(self, *args, **kwargs): self.store = TestingMongoStore(self.conn, self.database_name) _, self.brl_user = self.store.generate_non_persistent_user() self.user_service = UserService(self.store, self.brl_user) self.email = "*****@*****.**" % self.brl_user self.plain_password = "******" allow_mailing = False self.bii_user = self.user_service.register(self.brl_user, self.email, self.plain_password, allow_mailing) self.manager = JWTConfirmEmailManagerFactory.new() _, self.confirmed_user, _ = self.user_service.confirm_account( self.bii_user.confirmation_token) def test_used_register(self): '''Resgister and confirm user''' self.assertEqual(self.bii_user.ID, self.confirmed_user) def test_invite_register(self): # Input login ok self.user_service.register("newuser", "*****@*****.**", self.plain_password, True, invited_by=self.brl_user) saved_user = self.store.read_user("newuser") self.assertEquals(saved_user.invited_by, self.brl_user) # Input login bad (not exist) self.assertRaises(ControledErrorException, self.user_service.register, "newuser2", "*****@*****.**", self.plain_password, True, invited_by="noexistuser") # Input by email ok self.user_service.register("newuser2", "*****@*****.**", self.plain_password, True, invited_by=self.email) saved_user = self.store.read_user("newuser2") self.assertEquals(saved_user.invited_by, self.brl_user) # Input by email error self.assertRaises(ControledErrorException, self.user_service.register, "newuser3", "*****@*****.**", self.plain_password, True, invited_by="*****@*****.**") def test_invalid_token(self): '''Obtain a valid token and then change password. Token must be invalid''' brl_user, token_1 = self.user_service.authenticate( self.brl_user, self.plain_password) # Check the token is valid manager = JWTCredentialsManagerFactory.new(self.store) brl_user_test = manager.get_user(token_1) self.assertEqual(brl_user, brl_user_test) sleep(0.1) # Sleep a moment and change the password # Now change password and re-check old token self.user_service.change_password(self.brl_user, self.plain_password, "Newp@sW0rd") # Check the token is invalid (can't authenticate) self.assertRaises(DecodeError, manager.get_user, token_1) @patch('biicode.server.user.user_service.get_oauth_service') def test_oauth_register(self, get_oauth_service): # Check that if provider and access_token is passed to register, user # is activated automatically and access_token is stored in user email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, email)) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "google", "THE_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_google_token, "THE_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_github_token) self.assertEqual(saved_user.active, True) # Now check the github token email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=(brl_user, email)) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_github_token, "THE_GITHUB_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, True) # Now check that if email has been changed in registration process # user is not auto activated, but token is stored email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock( return_value=(brl_user, "*****@*****.**")) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertEqual(saved_user.oauth_github_token, "THE_GITHUB_ACCESS_TOKEN") self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, False) # Finally if get user info returns none (invalid token) nothing registration process keeps # normal email = "*****@*****.**" _, brl_user = self.store.generate_non_persistent_user() oauth_service = Mock() oauth_service.get_user_info = Mock(return_value=None) get_oauth_service.return_value = oauth_service self.bii_user = self.user_service.register(brl_user, email, self.plain_password, True, "github", "THE_GITHUB_ACCESS_TOKEN") saved_user = self.store.read_user(brl_user) self.assertIsNone(saved_user.oauth_github_token) self.assertIsNone(saved_user.oauth_google_token) self.assertEqual(saved_user.active, False)