Esempio n. 1
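def login_user(event, _):
    """
    Login a user

    Reads ``identifier`` and ``password`` from the form-encoded request body,
    checks them through ``User.login_user`` and, on success, answers with a
    signed ``user=<username>`` cookie that expires after 30 days.

    :param event: request event; only ``event["body"]`` is read here
    :param _: unused second handler argument
    :return: 200 and a login cookie if successful, 401 otherwise
    """

    # Parse the parameters. A missing or empty body is treated like missing
    # credentials (401) instead of raising on the key lookup.
    params = parse_qs(event.get("body") or "")

    # Make sure that the request contains all needed data
    if "identifier" not in params or "password" not in params:
        return create_response(401, "POST")

    # parse_qs maps every key to a list of values; only the first one is used.
    # The password is passed straight to the user model and is never logged.
    username = User().login_user(params["identifier"][0],
                                 params["password"][0])
    if not username:
        return create_response(401, "POST")

    # NOTE(review): the cookie value embeds the returned username; confirm
    # that sign_cookie's output cannot contain ';', otherwise a username could
    # add cookie attributes of its own.
    cookie_content_signed = sign_cookie(f"user={username}")

    # NOTE(review): datetime.now() is naive local time while cookie dates are
    # expressed in GMT -- confirm what get_cookie_date expects.
    # NOTE(review): Expires is only honoured by the browser; confirm that the
    # code verifying this cookie enforces a lifetime on the server side too.
    expiration_date = datetime.now() + timedelta(days=30)

    # Secure keeps the session cookie off plain-HTTP connections; HttpOnly
    # hides it from page scripts and SameSite=Strict from cross-site requests.
    cookie = ";".join([
        cookie_content_signed,
        "SameSite=Strict",
        "Path=/",
        f"Expires={get_cookie_date(expiration_date)}",
        "HttpOnly",
        "Secure",
    ])

    # NOTE(review): credentials are allowed cross-origin here; confirm that
    # create_response pairs this with a specific allowed origin, not "*".
    return create_response(
        200,
        "POST",
        username,
        {
            "Access-Control-Allow-Credentials": "true",
            "Set-Cookie": cookie
        },
    )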
Esempio n. 2
    def test_login_user(self, _):
        """Check User.login_user against valid and invalid credentials.

        Covers three things: a login by either accepted identifier returns
        the username, any wrong identifier/password pair is rejected, and a
        successful login changes the stored ``last_active`` value.
        """
        account = User()

        # Accepted identifiers: both must resolve to the same username.
        for identifier in ("user_1", "*****@*****.**"):
            self.assertEqual("user_1", account.login_user(identifier, "test"))

        # Rejected pairs: wrong password, another user's password, and
        # identifier/password combinations that do not belong together.
        rejected = (
            ("user_1", "wrong_password"),
            ("user_1", "test2"),
            ("user_3", "test3"),
            ("*****@*****.**", "test3"),
        )
        for identifier, password in rejected:
            self.assertFalse(account.login_user(identifier, password))

        # last_active is read before and after a successful login of user_2.
        # NOTE(review): "9999" presumably comes from a patched clock passed in
        # as the unused second argument -- confirm against the decorator.
        before_login = account.get_user_by_username("user_2")["last_active"]
        self.assertEqual("1111", before_login)
        account.login_user("user_2", "test2")
        after_login = account.get_user_by_username("user_2")["last_active"]
        self.assertEqual("9999", after_login)