def test_reset_password_enter_password_wrong_token_get(client): # wrong token (GET) success, user, message = User.create(email_address="*****@*****.**") User._test_set_password_reset_token(user, token="abc123correct") response = client.get('/password-reset-token/abc123wrong') # wrong token assert b'Forbidden' in response.data assert b"The password reset link is not valid or is expired." in response.data
def test_reset_password_enter_password_get(client): # correct token (GET) success, user, message = User.create(email_address="*****@*****.**") User._test_set_password_reset_token(user, token="abc123def") response = client.get('/password-reset-token/abc123def') assert b'Reset password' in response.data assert b"Enter your NEW password" in response.data
def test_reset_password_enter_password_post(client): # correct token (POST) success, user, message = User.create(email_address="*****@*****.**") User._test_set_password_reset_token(user, token="abc123def") assert user.password_hash is None # assert that user does not have a password yet # set a password data = { "reset-password-new-password": "******", "reset-password-repeat-password": "******", } response = client.post('/password-reset-token/abc123def', data=data, follow_redirects=True) assert b'Success!' in response.data assert b"Your password has been successfully (re)set." in response.data user = User.get_user_by_email(email_address="*****@*****.**") assert user.password_hash is not None # assert that the user now has a password