Esempio n. 1
0
 def _assert_settings_account_details_POST_bad_request(
         self, user_id, data, expected_text):
     response = self._send_settings_account_details_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert not user.last_updated
Esempio n. 2
0
 def _assert_verify_GET_ok(self, token, email):
     response = self._send_verify_GET_request(token)
     user = User.objects(email=email).first()
     assert response.status_code == 200
     assert b'Personal Boards' in response.data
     assert user.is_active
     assert user.last_updated
Esempio n. 3
0
 def _assert_settings_update_password_POST_bad_request(
         self, auth_id, data, expected_text):
     response = self._send_settings_update_password_POST_request(data)
     user = User.objects(auth_id=auth_id).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert not user.last_updated
Esempio n. 4
0
 def _assert_reset_password_POST_ok(self, user_id, auth_id, data):
     token = self._get_reset_password_token(auth_id=str(auth_id))
     response = self._send_reset_password_POST_request(data, token)
     user = User.objects(id=user_id).first()
     assert response.status_code == 200
     assert b'Your password has been reset' in response.data
     assert user.auth_id != auth_id
     assert user.last_updated
     assert user.verify_password(data['new_password'])
Esempio n. 5
0
 def _assert_reset_password_POST_bad_request(self, auth_id, data,
                                             expected_text):
     token = self._get_reset_password_token(auth_id=str(auth_id))
     response = self._send_reset_password_POST_request(data, token)
     user = User.objects(auth_id=auth_id).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert not user.last_updated
     assert not user.verify_password(data.get('new_password'))
Esempio n. 6
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        if User.objects(email=self.email.data).first():
            self.email.errors.append(
                'There is already an account with this email', )
            return False

        return True
Esempio n. 7
0
 def _assert_settings_update_email_POST_bad_request(self, user_id, auth_id,
                                                    data, expected_text):
     response = self._send_settings_update_email_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert user.is_active
     assert user.auth_id == auth_id
     assert user.email != data['email']
     assert not user.last_updated
Esempio n. 8
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        self.user = User.objects(email=self.email.data).first()

        if not self.user:
            self.email.errors.append('There is no account with this email')
            return False

        return True
Esempio n. 9
0
def reset_password_GET(token):
    auth_id = deserialize_password_reset_token(token)
    user = User.objects(auth_id=auth_id).first()

    if not user:
        abort(404)

    return render_template(
        'auth/reset-password.html',
        form=ResetPasswordForm(request.form),
    )
Esempio n. 10
0
 def _assert_sign_up_POST_ok(self, data, sent_email=True):
     response = self._send_sign_up_POST_request(data)
     user = User.objects(email=data['email']).first()
     assert response.status_code == 200
     if sent_email:
         assert b'A verification email has been sent' in response.data
     else:
         assert b'Could not send a verification email' in response.data
     assert not user.is_active
     assert user.initials
     assert user.name == data['name']
     assert user.verify_password(data['password'])
Esempio n. 11
0
 def _assert_settings_account_details_POST_ok(self,
                                              user_id,
                                              data,
                                              updated=True):
     response = self._send_settings_account_details_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 200
     assert user.initials == data['initials'].upper()
     assert user.name == data['name']
     if updated:
         assert b'Your account details have been updated' in response.data
         assert user.last_updated
     else:
         assert b'No update needed' in response.data
         assert not user.last_updated
Esempio n. 12
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        self.user = User.objects(email=self.email.data).first()

        if not self.user:
            self.email.errors.append('There is no account with this email')
            return False

        if self.user.is_active:
            self.email.errors.append('This account has already been verified')
            return False

        return True
Esempio n. 13
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        if not current_user.verify_password(self.password.data):
            self.password.errors.append('Incorrect password')
            return False

        existing_user = User.objects(email=self.email.data).first()

        if current_user.email != self.email.data and existing_user:
            self.email.errors.append(
                'There is already an account with this email', )
            return False

        return True
Esempio n. 14
0
 def _assert_settings_update_password_POST_ok(self,
                                              user_id,
                                              auth_id,
                                              data,
                                              updated=True):
     response = self._send_settings_update_password_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 200
     assert user.verify_password(data['new_password'])
     if updated:
         assert b'Your password has been updated' in response.data
         assert user.auth_id != auth_id
         assert user.last_updated
     else:
         assert b'No update needed' in response.data
         assert user.auth_id == auth_id
         assert not user.last_updated
Esempio n. 15
0
    def validate_on_submit(self):
        if not super().validate_on_submit():
            return False

        self.user = User.objects(email=self.email.data).first()

        if not self.user or not self.user.verify_password(self.password.data):
            self.email.errors.append('Incorrect email')
            self.password.errors.append('Incorrect password')
            return False

        if not self.user.is_active:
            self.email.errors.append(
                'Please verify your email before logging in', )
            return False

        return True
Esempio n. 16
0
    def create_board(cls, **kwargs):
        board = Board()
        board.created_by = kwargs.get('created_by', cls.user.id)
        board.name = kwargs.get(
            'name',
            cls.fake.pystr(min_chars=1, max_chars=256),
        )
        board.owner_id = kwargs.get('owner_id', cls.user.id)
        board.type = kwargs.get('type', BoardType.PERSONAL.id)
        board.visibility = kwargs.get('visibility', BoardVisibility.PRIVATE.id)
        saved_board = board.save()

        user = User.objects(id=saved_board.owner_id).first()
        if user:
            user.boards.append(saved_board)
            user.save()

        return saved_board
Esempio n. 17
0
 def _assert_settings_update_email_POST_ok(self,
                                           user_id,
                                           auth_id,
                                           data,
                                           updated=True):
     response = self._send_settings_update_email_POST_request(data)
     user = User.objects(id=user_id).first()
     assert response.status_code == 200
     assert user.email == data['email']
     if updated:
         assert b'A verification email has been sent' in response.data
         assert not user.is_active
         assert user.auth_id != auth_id
         assert user.last_updated
     else:
         assert b'No update needed' in response.data
         assert user.is_active
         assert user.auth_id == auth_id
         assert not user.last_updated
Esempio n. 18
0
def reset_password_POST(token):
    auth_id = deserialize_password_reset_token(token)
    user = User.objects(auth_id=auth_id).first()

    if not user:
        abort(404)

    form = ResetPasswordForm(request.form)

    if not form.validate_on_submit():
        return render_template('auth/reset-password.html', form=form), 400

    user.password = User.encrypt_password(form.new_password.data)
    user.auth_id = ObjectId()
    user.last_updated = datetime.utcnow()
    user.save()

    flash('Your password has been reset.', 'success')

    login_user(user)

    return redirect(url_for('user.boards_GET'))
Esempio n. 19
0
def verify_GET(token):
    auth_id = deserialize_verification_token(token)
    user = User.objects(auth_id=auth_id).first()

    if not user:
        abort(404)

    user.active = True
    user.auth_id = ObjectId()
    user.last_updated = datetime.utcnow()
    user.save()

    login_user(user)

    flash('Your email address has been verified.', 'success')

    next_target = request.args.get('next')

    if not is_safe_url(next_target):
        abort(400)

    return redirect(next_target or url_for('user.boards_GET'))
Esempio n. 20
0
def load_user(user_id):
    return User.objects(auth_id=to_ObjectId(user_id)).first()
Esempio n. 21
0
def get_owner_from_id(owner_id):
    return User.objects(id=to_ObjectId(owner_id)).first()
Esempio n. 22
0
 def _assert_verify_GET_not_found(self, token, email):
     response = self._send_verify_GET_request(token)
     user = User.objects(email=email).first()
     assert response.status_code == 404
     assert b'Not Found' in response.data
     assert not user or not user.is_active
Esempio n. 23
0
 def _assert_sign_up_POST_bad_request(self, data, expected_text):
     response = self._send_sign_up_POST_request(data)
     user = User.objects(email=data.get('email')).first()
     assert response.status_code == 400
     assert expected_text.encode() in response.data
     assert not user or user == self.user