def test_bootstrap_error(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.save() response = self.client.get('/bootstrap/') # since we have a user now, bootstrap should fail response = self.client.get('/user/create/') logging.info("response status: %s" % response.status_code) assert response.status_code == 302
def test_passwords(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.set_password("password") user.save() assert PortalUser.check_login("*****@*****.**", "password") assert not PortalUser.check_login("*****@*****.**", "password") assert not PortalUser.check_login("*****@*****.**", "wrong")
def test_change_password(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.set_password("password") user.save() login_data = {"email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data, follow_redirects=True) response = self.client.get('/user/[email protected]/change_password/') assert response.status_code == 200 pw_data = {"password": "******", "confirm": "newpassword"} response = self.client.post('/user/[email protected]/change_password/', data=pw_data, follow_redirects=True) assert response.status_code == 200 assert PortalUser.check_login("*****@*****.**", "newpassword") assert not PortalUser.check_login("*****@*****.**", "password") self.client.get("/logout") login_data = {"email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data, follow_redirects=True) assert "Invalid" not in response.data assert "You were logged in" in response.data
def bootstrap(): if PortalUser.no_users(): session['logged_in'] = True flash('Logged in without a real user -- be sure and create one soon.') return redirect('/users/all/') else: flash('Bootstrap login not available after first user created.') return redirect(url_for('index'))
def test_create_user(self): response = self.client.get('/bootstrap/') response = self.client.get('/user/create/') assert response.status_code == 200 test_data = { "email": '*****@*****.**', "first_name": "create", "last_name": "test", "password": "******", "confirm": "password", "needs_password": True, } response = self.client.post('/user/save/', data=test_data, follow_redirects=True) assert response.status_code == 200 user = PortalUser.find_by_email(test_data['email']) assert user assert user.first_name == test_data['first_name'] assert user.last_name == test_data['last_name'] # save with a new name, test false "needs_password" path test_data = { "email": '*****@*****.**', "first_name": "changed", "last_name": "test", } response = self.client.post('/user/save/', data=test_data, follow_redirects=True) assert response.status_code == 200 user = PortalUser.find_by_email("*****@*****.**") assert user.first_name == "changed" # test error case -- first_name can't be blank test_data = { "email": '*****@*****.**', "first_name": "", "last_name": "test", } response = self.client.post('/user/save/', data=test_data, follow_redirects=True) assert response.status_code == 200 user = PortalUser.find_by_email("*****@*****.**") assert user.first_name is not ""
def login(): error = None if request.method == 'POST': if PortalUser.check_login(request.form['email'], request.form['password']): session['logged_in'] = True flash('You were logged in') return redirect(url_for('users.list_users')) error = "Invalid email or password" form = LoginForm() return render_template('login.html', form=form, error=error)
def change_password(email): if request.method == 'POST': form = PasswordForm(request.form) if form.validate(): user = PortalUser.find_by_email(email) user.set_password(form.password.data) user.save() flash('Password changed') return redirect('/user/%s/' % email) else: form = PasswordForm() return render_template('change_password.html', form=form, email=email)
def test_login(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.set_password("password") user.save() response = self.client.get('/login') assert response.status_code == 200 # bogus logins cause errors # TODO -- test that session is not set login_data = {"email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data) assert "Invalid" in response.data login_data = {"email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data) assert "Invalid" in response.data login_data = {"email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data, follow_redirects=True) assert "Invalid" not in response.data assert "You were logged in" in response.data # now we can get response = self.client.get('/user/all/') assert response.status_code == 200
def test_user_model(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.save() assert PortalUser.find_by_email("*****@*****.**") assert PortalUser.find_by_key(ObjectId()) == None
def test_login(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.set_password("password") user.save() response = self.client.get('/login') assert response.status_code == 200 # bogus logins cause errors # TODO -- test that session is not set login_data = { "email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data) assert "Invalid" in response.data login_data = { "email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data) assert "Invalid" in response.data login_data = { "email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data, follow_redirects=True) assert "Invalid" not in response.data assert "You were logged in" in response.data # now we can get response = self.client.get('/user/all/') assert response.status_code == 200
def test_change_email(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.set_password("password") user.save() login_data = { "email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data, follow_redirects=True) test_data = { "email": '*****@*****.**', "first_name": "Test", "last_name": "User", "id": str(user.id), } response = self.client.post('/user/save/', data=test_data, follow_redirects=False) assert PortalUser.find_by_email("*****@*****.**") assert PortalUser.check_login("*****@*****.**", "password")
def test_change_email(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.set_password("password") user.save() login_data = {"email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data, follow_redirects=True) test_data = { "email": '*****@*****.**', "first_name": "Test", "last_name": "User", "id": str(user.id), } response = self.client.post('/user/save/', data=test_data, follow_redirects=False) assert PortalUser.find_by_email("*****@*****.**") assert PortalUser.check_login("*****@*****.**", "password")
def save_user(): needs_password = '******' in request.form if needs_password: form = NewUserForm(request.form) else: form = UserForm(request.form) if form.validate(): email = form.email.data if form.id.data: user = PortalUser.find_by_key(form.id.data) else: user = PortalUser.find_by_email(email) if not user: user = PortalUser(email=email) form.populate_obj(user) if 'password' in request.form: user.set_password(form.password.data) user.save() return redirect(url_for('list_users')) else: return render_template('user_detail.html', form=form, needs_password=needs_password)
def test_change_password(self): user = PortalUser(email="*****@*****.**", first_name="Test", last_name="User") user.set_password("password") user.save() login_data = { "email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data, follow_redirects=True) response = self.client.get('/user/[email protected]/change_password/') assert response.status_code == 200 pw_data = {"password": "******", "confirm": "newpassword"} response = self.client.post('/user/[email protected]/change_password/', data=pw_data, follow_redirects=True) assert response.status_code == 200 assert PortalUser.check_login("*****@*****.**", "newpassword") assert not PortalUser.check_login("*****@*****.**", "password") self.client.get("/logout") login_data = { "email": "*****@*****.**", "password": "******"} response = self.client.post('/login', data=login_data, follow_redirects=True) assert "Invalid" not in response.data assert "You were logged in" in response.data
def edit_user(email): user = PortalUser.find_by_email(email) form = UserForm(request.args, user) return render_template('user_detail.html', form=form)
def list_users(): users = PortalUser.all() return render_template('user_list.html', users=users)