def purge():
'''
Truncate all tables
'''
Users.delete().execute()
Inventory.delete().execute()
AccessRights.delete().execute()
Credentials.delete().execute()
def test_multiple_credentials(self):
'''
test to check if the program can save multiple credentials object in the credentials_list
'''
self.new_credentials.save_credentials()
test_credentials = Credentials("john", "dribble.com", "y")
test_credentials.save_credentials()
self.assertEqual(len(Credentials.credentials_list), 2)
def test_copy_password(self):
'''
test to confirm that the application can copy the found password on the clipboard
'''
self.new_credentials.save_credentials()
Credentials.copy_password("medium.com")
self.assertEqual(self.new_credentials.app_password, pyperclip.paste())
def post(self, request):
form = request.POST
if len(Credentials.objects.all()) > 0:
Credentials.objects.all()[0].delete()
print(form)
cred = Credentials(servername=form.get('servername'), port=form.get('port'),
uuid=form.get('uuid'), token=form.get('token'), cloud=form.get('cloud'))
cred.save()
return render(request, 'index.html', {'form': KnotForm(form)})
def grant(hostname, user, account_name, verbose=False):
'''
Grant access to some credentials
'''
inv = Inventory.get(hostname=hostname, account_name=account_name)
ar = AccessRights.create(created_by=user.identifier,
user=user.identifier, host=inv.identifier)
plaintext = crypt.rsa_dec(user, inv.account_password, verbose)
cipher = crypt.rsa_enc(user, plaintext)
Credentials.create(access=ar.identifier, password=cipher)
def test_set_and_verify_new_phone_when_phone_verified(self):
result = self.service.set_new_phone(self.phone_credentials, "+79212225577")
verification_code = result["verification"]["send_code"]
new_phone_credentials = Credentials()
new_phone_credentials.phone = "+79212225577"
new_phone_credentials.password = self.phone_credentials.password
self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(new_phone_credentials))
self.service.authenticate(self.phone_credentials)
self.service.verify_phone(self.phone_credentials, verification_code)
self.service.authenticate(new_phone_credentials)
self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(self.phone_credentials))
def test_vk_auth_fail(self):
os.environ["VK_APP_SECRET_KEY"] = "12345"
vk_id = 42
vk_concated_string = "blablabla=1&blabla=2"
sig = md5(vk_concated_string.replace("&", "") + "12345")
credentials = Credentials()
credentials.vk_id = vk_id
self.assertRaises(
IncorrectOAuthSignature,
self.service.authenticate_vk, credentials, vk_concated_string, sig+"1"
)
def test_find_contact_by_name(self):
'''
test to check if we can find an application credential by name and display data
'''
self.new_credentials.save_credentials()
test_credentials = Credentials("john", "dribble.com", "y")
test_credentials.save_credentials()
found_password = Credentials.find_by_app_name("dribble.com")
self.assertEqual(found_password, test_credentials.app_password)
def test_contact_exists(self):
'''
test to check if contact exists method works
'''
self.new_credentials.save_credentials()
test_credentials = Credentials("john", "dribble.com", "y")
test_credentials.save_credentials()
credentials_exists = Credentials.credentials_exists("dribble.com")
self.assertTrue(credentials_exists)
def test_delete_credential(self):
'''
test if the application can delete an application credentials object in credentials list
'''
self.new_credentials.save_credentials()
test_credentials = Credentials("john", "dribble.com", "y")
test_credentials.save_credentials()
self.new_credentials.delete_credentials() #delete credentials
self.assertEqual(len(Credentials.credentials_list), 1)
def test_set_and_verify_email_when_phone_verified(self):
result = self.service.set_new_email(self.phone_credentials, "*****@*****.**")
verification_code = result["verification"]["send_code"]
new_email_credentials = Credentials()
new_email_credentials.email = "*****@*****.**"
new_email_credentials.password = self.phone_credentials.password
self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(new_email_credentials))
self.service.authenticate(self.phone_credentials)
self.service.verify_email(self.phone_credentials, verification_code)
self.service.authenticate(new_email_credentials)
self.service.authenticate(self.phone_credentials)
def test_fail_email_verification_and_delete_account(self):
credentials = Credentials()
credentials.email = "*****@*****.**"
credentials.password = "******"
register_result = self.service.register(credentials)
verification_code = register_result["verification"]["send_code"]
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla"))
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla"))
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla"))
self.assertRaises(IncorrectVerificationCodeFatal, lambda: self.service.verify_email(credentials, "blablabla"))
self.assertRaises(IncorrectLogin, lambda: self.service.verify_email(credentials, "blablabla"))
self.assertRaises(IncorrectLogin, lambda: self.service.verify_email(credentials, verification_code))
def test_fail_phone_verification_and_delete_account(self):
credentials = Credentials()
credentials.phone = "+79263435016"
credentials.password = "******"
register_result = self.service.register(credentials)
verification_code = register_result["verification"]["send_code"]
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "blablabla"))
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "blablabla"))
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "blablabla"))
self.assertRaises(IncorrectVerificationCodeFatal, lambda: self.service.verify_phone(credentials, "blablabla"))
self.assertRaises(IncorrectLogin, lambda: self.service.verify_phone(credentials, "blablabla"))
self.assertRaises(IncorrectLogin, lambda: self.service.verify_phone(credentials, verification_code))
def test_phone_verification_with_third_attempt(self):
credentials = Credentials()
credentials.phone = "+79263435016"
credentials.password = "******"
register_result = self.service.register(credentials)
verification_code = register_result["verification"]["send_code"]
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "9999"))
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_phone(credentials, "9999"))
self.assertTrue(self.service.verify_phone(credentials, verification_code))
auth_result = self.service.authenticate(credentials)
self.assertTrue(isinstance(auth_result, dict))
self.assertEqual(1, auth_result["authentication"]["id"])
self.assertEqual(32, len(auth_result["authentication"]["token"]))
def test_email_verification_with_third_attempt(self):
credentials = Credentials()
credentials.email = "*****@*****.**"
credentials.password = "******"
register_result = self.service.register(credentials)
verification_code = register_result["verification"]["send_code"]
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla"))
self.assertRaises(IncorrectVerificationCode, lambda: self.service.verify_email(credentials, "blablabla"))
self.assertTrue(self.service.verify_email(credentials, verification_code))
auth_result = self.service.authenticate(credentials)
self.assertTrue(isinstance(auth_result, tuple))
self.assertEqual(1, auth_result[0])
self.assertEqual(32, len(auth_result[1]))
def test_vk_auth_after_normal_registartion(self):
os.environ["VK_APP_SECRET_KEY"] = "12345"
vk_id = 42
vk_concated_string = "blablabla=1&blabla=2"
sig = md5(vk_concated_string.replace("&", "") + "12345")
# Обычная регистрация, получаем токен:
credentials = Credentials()
credentials.phone = "+79263435016"
credentials.password = "******"
register_result = self.service.register(credentials)
verification_code = register_result["verification"]["send_code"]
self.service.verify_phone(credentials, verification_code)
auth_result = self.service.authenticate(credentials)
self.assertEqual(1, auth_result[0])
token = auth_result[1]
# Используем токен и укажем vk_id:
new_credentials = Credentials()
new_credentials.token = token
new_credentials.vk_id = vk_id
vk_auth_result = self.service.authenticate_vk(new_credentials, vk_concated_string, sig)
self.assertTrue(isinstance(vk_auth_result, tuple))
self.assertEqual(1, vk_auth_result[0])
self.assertEqual(token, vk_auth_result[1])
# Теперь можно и без токена:
new_credentials = Credentials()
new_credentials.vk_id = vk_id
vk_auth_result = self.service.authenticate_vk(new_credentials, vk_concated_string, sig)
self.assertTrue(isinstance(vk_auth_result, tuple))
self.assertEqual(1, vk_auth_result[0])
self.assertEqual(32, len(vk_auth_result[1]))
self.assertNotEqual(token, vk_auth_result[1])
def setUp(self):
self.service = AuthenticationService()
self.email_credentials = Credentials()
self.email_credentials.email = "*****@*****.**"
self.email_credentials.password = "******"
register_result = self.service.register(self.email_credentials)
verification_code = register_result["verification"]["send_code"]
self.service.verify_email(self.email_credentials, verification_code)
self.phone_credentials = Credentials()
self.phone_credentials.phone = "+79263435016"
self.phone_credentials.password = "******"
register_result = self.service.register(self.phone_credentials)
verification_code = register_result["verification"]["send_code"]
self.service.verify_phone(self.phone_credentials, verification_code)
def test_authenticate_vk(self):
os.environ["VK_APP_SECRET_KEY"] = "12345"
vk_id = 42
vk_concated_string = "blablabla=1&blabla=2"
sig = md5(vk_concated_string.replace("&", "") + "12345")
credentials = Credentials()
credentials.vk_id = vk_id
response = self.app.get(
"/v1/authenticate_vk/", {"vk_id": "42", "vk_concated_string": vk_concated_string, "signature": sig}
)
response = json.loads(response.body.decode())
self.assertTrue(isinstance(response, list))
self.assertTrue(len(response), 2)
self.assertEqual(1, response[0])
self.assertEqual(32, len(response[1]))
def register(uid, password):
"""
register a new user
:param uid: user's global id
:param password: user's password
:return: user instance
:raises UserAlreadyExist:
"""
if User.find_with_uid(uid) is not None:
raise UserAlreadyExist()
user = User.register(uid)
Credentials.init(user, password)
return user
def test_registration_with_autogenerated_password(self):
credentials = Credentials()
self.assertRaises(IncorrectLogin, lambda: self.service.register(credentials))
credentials.email = "*****@*****.**"
register_result = self.service.register(credentials)
self.assertTrue(isinstance(register_result, dict))
self.assertTrue("verification" in register_result)
self.assertTrue("id" in register_result["verification"])
self.assertTrue("password" in register_result["verification"])
self.assertTrue("send_code" in register_result["verification"])
self.assertTrue("send_via" in register_result["verification"])
self.assertTrue("send_address" in register_result["verification"])
self.assertEqual(1, register_result["verification"]["id"])
self.assertEqual(8, len(register_result["verification"]["password"]))
self.assertEqual("email", register_result["verification"]["send_via"])
self.assertEqual("*****@*****.**", register_result["verification"]["send_address"])
verification_code = register_result["verification"]["send_code"]
credentials2 = Credentials()
credentials2.email = "*****@*****.**"
self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(credentials2))
verification_result = self.service.verify_email(credentials2, verification_code)
self.assertTrue(isinstance(verification_result, dict))
self.assertTrue("verification" in verification_result)
self.assertTrue("result" in verification_result["verification"])
self.assertEqual(True, verification_result["verification"]["result"])
self.assertTrue("password" in verification_result["verification"])
self.assertEqual(8, len(verification_result["verification"]["password"]))
self.assertRaises(IncorrectPassword, lambda : self.service.authenticate(credentials2))
credentials2.password = verification_result["verification"]["password"]
auth_result = self.service.authenticate(credentials2)
self.assertTrue(isinstance(auth_result, dict))
self.assertEqual(1, auth_result["authentication"]["id"])
self.assertEqual(32, len(auth_result["authentication"]["token"]))
def test_auth_by_token(self):
auth_result = self.service.authenticate(self.email_credentials)
self.assertTrue(isinstance(auth_result, tuple))
self.assertEqual(1, auth_result[0])
self.assertEqual(32, len(auth_result[1]))
token = auth_result[1]
new_credentials = Credentials()
new_credentials.token = token
auth_result = self.service.authenticate(new_credentials)
self.assertTrue(isinstance(auth_result, tuple))
self.assertEqual(1, auth_result[0])
self.assertEqual(token, token)
# При авторизации по токену, токен не меняется:
auth_result = self.service.authenticate(new_credentials)
self.assertTrue(isinstance(auth_result, tuple))
self.assertEqual(1, auth_result[0])
self.assertEqual(token, token)
def test_init_registration_with_vk(self):
os.environ["VK_APP_SECRET_KEY"] = "12345"
vk_id = 42
vk_concated_string = "blablabla=1&blabla=2"
sig = md5(vk_concated_string.replace("&", "") + "12345")
credentials = Credentials()
credentials.vk_id = vk_id
result = self.service.authenticate_vk(credentials, vk_concated_string, sig)
self.assertTrue(isinstance(result, tuple))
self.assertEqual(1, result[0])
self.assertEqual(32, len(result[1]))
token = result[1]
# Используя токен, полученный при регистрации через вк авторизуемся стандартным путем:
credentials.token = token
auth_result = self.service.authenticate(credentials)
self.assertTrue(isinstance(auth_result, tuple))
self.assertEqual(1, auth_result[0])
self.assertEqual(token, auth_result[1])
def test_auth_by_domain_specific_token(self):
self.email_credentials.token_name = "test"
auth_result = self.service.authenticate(self.email_credentials)
self.assertTrue(isinstance(auth_result, dict))
self.assertEqual(1, auth_result["authentication"]["id"])
self.assertEqual(32, len(auth_result["authentication"]["testtoken"]))
token = auth_result["authentication"]["testtoken"]
new_credentials = Credentials()
new_credentials.token = token
new_credentials.token_name = "test"
auth_result = self.service.authenticate(new_credentials)
self.assertTrue(isinstance(auth_result, dict))
self.assertEqual(1, auth_result["authentication"]["id"])
self.assertEqual(32, len(auth_result["authentication"]["testtoken"]))
# При авторизации по токену, токен не меняется:
auth_result = self.service.authenticate(new_credentials)
self.assertTrue(isinstance(auth_result, dict))
self.assertEqual(1, auth_result["authentication"]["id"])
self.assertEqual(token, auth_result["authentication"]["testtoken"])
def test_fail_to_verify_phone_when_email_verified_doesnt_remove_credentials(self):
result = self.service.set_new_phone(self.email_credentials, "+79164143212")
verification_code = result["verification"]["send_code"]
self.assertRaises(IncorrectVerificationCode, self.service.verify_phone, self.email_credentials, "bla")
self.assertRaises(IncorrectVerificationCode, self.service.verify_phone, self.email_credentials, "bla")
self.assertRaises(IncorrectVerificationCode, self.service.verify_phone, self.email_credentials, "bla")
self.assertRaises(IncorrectVerificationCodeFatal, self.service.verify_phone, self.email_credentials, "bla")
self.assertRaises(NoVerificationProcess, self.service.verify_phone, self.email_credentials, verification_code)
self.service.authenticate(self.email_credentials)
result = self.service.set_new_phone(self.email_credentials, "+79164143212")
verification_code = result["verification"]["send_code"]
self.service.verify_phone(self.email_credentials, verification_code)
new_phone_credentials = Credentials()
new_phone_credentials.phone = "+79164143212"
new_phone_credentials.password = self.email_credentials.password
auth_result = self.service.authenticate(new_phone_credentials)
self.assertTrue(isinstance(auth_result, tuple))
self.assertEqual(1, auth_result[0])
def test_change_password(self):
credentials = Credentials()
credentials.token = self.email_account_token
self.assertRaises(IncorrectPassword, self.service.set_new_password, credentials, "blabla", "123", "456")
self.assertRaises(NewPasswordsMismatch, self.service.set_new_password, credentials, "qwerty123", "123", "456")
change_password_result = self.service.set_new_password(credentials, "qwerty123", "12345", "12345")
self.assertTrue(isinstance(change_password_result, dict))
self.assertTrue("new_password" in change_password_result)
self.assertEqual("email", change_password_result["new_password"]["send_via"])
self.assertEqual("*****@*****.**", change_password_result["new_password"]["send_address"])
self.assertEqual("12345", change_password_result["new_password"]["send_password"])
credentials = Credentials()
credentials.token = self.phone_account_token
self.assertRaises(IncorrectPassword, self.service.set_new_password, credentials, "blabla", "123", "456")
self.assertRaises(NewPasswordsMismatch, self.service.set_new_password, credentials, "qwerty123", "123", "456")
change_password_result = self.service.set_new_password(credentials, "qwerty123", "12345", "12345")
self.assertTrue(isinstance(change_password_result, dict))
self.assertTrue("new_password" in change_password_result)
self.assertEqual("phone", change_password_result["new_password"]["send_via"])
self.assertEqual("+79263435016", change_password_result["new_password"]["send_address"])
self.assertEqual("12345", change_password_result["new_password"]["send_password"])
def test_init_registration_process_with_email(self):
credentials = Credentials()
self.assertRaises(IncorrectLogin, lambda: self.service.register(credentials))
credentials.email = "*****@*****.**"
credentials.password = "******"
register_result = self.service.register(credentials)
self.assertTrue(isinstance(register_result, dict))
self.assertTrue("verification" in register_result)
self.assertTrue("send_code" in register_result["verification"])
self.assertTrue("send_via" in register_result["verification"])
self.assertTrue("send_address" in register_result["verification"])
self.assertEqual("email", register_result["verification"]["send_via"])
self.assertEqual("*****@*****.**", register_result["verification"]["send_address"])
verification_code = register_result["verification"]["send_code"]
self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(credentials))
self.assertTrue(self.service.verify_email(credentials, verification_code))
auth_result = self.service.authenticate(credentials)
self.assertTrue(isinstance(auth_result, dict))
self.assertEqual(1, auth_result["authentication"]["id"])
self.assertEqual(32, len(auth_result["authentication"]["token"]))
def test_init_registration_process_with_phone(self):
credentials = Credentials()
credentials.phone = "+79263435016"
credentials.password = "******"
register_result = self.service.register(credentials)
self.assertTrue(isinstance(register_result, dict))
self.assertTrue("verification" in register_result)
self.assertTrue("send_code" in register_result["verification"])
self.assertTrue("send_via" in register_result["verification"])
self.assertTrue("send_address" in register_result["verification"])
self.assertEqual("phone", register_result["verification"]["send_via"])
self.assertEqual("+79263435016", register_result["verification"]["send_address"])
verification_code = register_result["verification"]["send_code"]
self.assertRaises(IncorrectLogin, lambda: self.service.authenticate(credentials))
self.assertTrue(self.service.verify_phone(credentials, verification_code))
auth_result = self.service.authenticate(credentials)
self.assertTrue(isinstance(auth_result, tuple))
self.assertEqual(1, auth_result[0])
self.assertEqual(32, len(auth_result[1]))
def credentials_validate():
if request.method == "POST":
print request.method
service = (request.form.get("service"))
email = (request.form.get("email"))
password = (request.form.get("password"))
if service and email and password:
p = Credentials(service,email,password)
db.session.add(p)
db.session.commit()
flash('Created with Successfully','success')
return redirect(url_for('webui.credentials'))
def build_credentials(cls, request: Request):
""" Метод для создания экземпляра класса Credentials на основе предоставленного объекта Request
:param request:
:return:
"""
credentials = Credentials()
credentials.email = request.get("email").lower() if request.get(
"email", None) else None
credentials.phone = normalize_phone_number(
request.get("phone")) if request.get("phone", False) else None
credentials.token_name = request.get("token_name", "")
credentials.token = request.get("%stoken" % credentials.token_name,
None)
credentials.password = request.get("password", None)
credentials.vk_id = request.get("vk_id", None)
return credentials
def build_credentials(cls, request: Request):
""" Метод для создания экземпляра класса Credentials на основе предоставленного объекта Request
:param request:
:return:
"""
credentials = Credentials()
credentials.email = request.get("email").lower() if request.get("email", None) else None
credentials.phone = normalize_phone_number(request.get("phone")) if request.get("phone", False) else None
credentials.token_name = request.get("token_name", "")
credentials.token = request.get("%stoken" % credentials.token_name, None)
credentials.password = request.get("password", None)
credentials.vk_id = request.get("vk_id", None)
return credentials
def test_test(self):
"""
Регрессионный тест
Странная особенность - если при повторной попытке зарегистрироваться указана недействительная кука -
то ограничение по уникальности логина не срабатывает, получаются дубли
Такого быть не должно.
Данный тест проверяет, что в системе предусмотрена жесткая проверка
на наличие указанного логина перед вставкой новых записей
:return:
"""
credentials1 = Credentials()
credentials1.email = "*****@*****.**"
credentials1.password = "******"
register_result1 = self.service.register(credentials1)
verification_code1 = register_result1["verification"]["send_code"]
self.service.verify_email(credentials1, verification_code1)
credentials2 = Credentials()
credentials2.email = "*****@*****.**"
credentials2.token = "blablbalblabdlablblad"
credentials2.password = "******"
self.assertRaises(AlreadyRegistred, lambda: self.service.register(credentials2))
def test_second_attempt_to_start_registration_process(self):
credentials1 = Credentials()
credentials1.email = "*****@*****.**"
credentials1.password = "******"
register_result1 = self.service.register(credentials1)
verification_code1 = register_result1["verification"]["send_code"]
credentials2 = Credentials()
credentials2.email = "*****@*****.**"
credentials2.password = "******"
register_result2 = self.service.register(credentials2)
verification_code2 = register_result2["verification"]["send_code"]
self.assertNotEqual(verification_code1, verification_code2)
self.assertTrue(self.service.verify_email(credentials2, verification_code2))
auth_result = self.service.authenticate(credentials2)
self.assertTrue(isinstance(auth_result, dict))
self.assertEqual(1, auth_result["authentication"]["id"])
self.assertEqual(32, len(auth_result["authentication"]["token"]))
def post(self):
# parsing arguments
args = parser.parse_args()
FirstName = args['FirstName']
LastName = args['LastName']
Email = args['Email']
Password = args['Password']
Mobile = args['Mobile']
DateOfBirth = args['DateOfBirth']
Address = args['Address']
Is_Admin = args['Is_Admin']
user_details = Details(
FirstName=FirstName,
LastName=LastName,
Email=Email,
DateOfBirth=DateOfBirth,
Mobile=Mobile,
Address=Address
)
user_credentials = Credentials(
Email=Email,
Password=Password
)
user_Role = Role(
Email=Email,
Is_Admin=Is_Admin
)
my_session.add(user_details)
my_session.commit()
my_session.add(user_credentials)
my_session.commit()
my_session.add(user_Role)
my_session.commit()
employee = my_session.query(Details).filter(Details.Email == Email).first()
return employee, 201
