Esempio n. 1
def test_get_invalid_uid(client, user):
    """GET on the reset-confirm route with a bogus uid segment must return 404.

    The token is a genuine one minted for ``user``; only the ``uidb64`` path
    segment (the literal "XX") is wrong. The 404 pins that a valid token on
    its own does not open the reset form.
    """
    path_params = {
        "uidb64": "XX",
        "token": token_generator.make_token(user),
    }
    confirm_url = client.app.url_path_for("auth:password_reset_confirm",
                                          **path_params)

    resp = client.get(confirm_url)
    assert resp.status_code == 404
Esempio n. 2
def test_invalid(test_data, client, user):
    """POSTing ``test_data`` to a valid reset link stays on the same page.

    ``test_data`` comes from a fixture or parametrization that is not shown
    here (presumably rejected form payloads; confirm against the fixture).
    The assertions pin a 200 response whose URL is still the confirm URL,
    i.e. no redirect happened.
    """
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )

    resp = client.post(confirm_url, data=test_data)
    assert resp.status_code == 200
    assert resp.url == f"http://testserver{confirm_url}"
Esempio n. 3
def test_get_200(client, user):
    """A matching uid/token pair renders the reset form.

    Checks the happy path of the GET handler: status 200 and a template
    context that exposes both ``form`` and ``request``.
    """
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )

    resp = client.get(confirm_url)
    assert resp.status_code == 200
    for expected_key in ("form", "request"):
        assert expected_key in resp.context
Esempio n. 4
def test_get_user_not_active(client, user):
    """A deactivated account cannot reach the reset form, even with a fresh token.

    The user is flagged inactive and saved *before* the token is minted, so
    the 404 is attributable to the account state rather than to a stale token.
    """
    user.is_active = False
    user.save()

    path_params = {
        "uidb64": urlsafe_base64_encode(str(user.id).encode("utf-8")),
        "token": token_generator.make_token(user),
    }
    confirm_url = client.app.url_path_for("auth:password_reset_confirm",
                                          **path_params)

    resp = client.get(confirm_url)
    assert resp.status_code == 404
Esempio n. 5
def test_post(client, user):
    """A valid POST to the reset link redirects to the completion page.

    Pins both the 302 status and the redirect target, so a change that sends
    the user somewhere else after a reset is caught.
    """
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )

    form_payload = {
        "new_password": "******",
        "confirm_new_password": "******"
    }
    resp = client.post(confirm_url, data=form_payload)

    assert resp.status_code == 302
    assert resp.next.url == "http://testserver/auth/password/reset/complete"
Esempio n. 6
def test_get_user_url_is_invalid_by_logging_in(client, user):
    """A reset link issued before a login must stop working after that login.

    The token is minted first, then ``last_login`` is changed and saved. The
    expected 404 pins that an outstanding reset link is rejected once the
    account has logged in again.
    """
    path_params = {
        "uidb64": urlsafe_base64_encode(str(user.id).encode("utf-8")),
        "token": token_generator.make_token(user),
    }
    confirm_url = client.app.url_path_for("auth:password_reset_confirm",
                                          **path_params)

    # No real login is performed: bumping last_login after the link was
    # created stands in for the user signing in afterwards.
    user.last_login = datetime.utcnow()
    user.save()

    resp = client.get(confirm_url)
    assert resp.status_code == 404
Esempio n. 7
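def test_post_changed_password(client, user):
    """A successful POST to the reset link actually changes the stored password.

    The submitted password and the one verified afterwards are the same
    variable. The listing posted the literal "******" but then checked for
    "foobar25", so the final assertion could not match what was submitted.
    """
    # Throwaway fixture credential, used for both the form and the check.
    new_password = "foobar25"

    uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8"))
    token = token_generator.make_token(user)
    url = client.app.url_path_for("auth:password_reset_confirm",
                                  uidb64=uidb64,
                                  token=token)

    client.post(url,
                data={
                    "new_password": new_password,
                    "confirm_new_password": new_password
                })

    # Reload from the database so the check runs against the persisted
    # password, not the in-memory fixture object.
    user.refresh_from_db()
    assert user.check_password(new_password)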
Esempio n. 8
def test_post_url_is_one_time_use(client, user):
    """A reset link must not be reusable once it has been used.

    After one POST with matching passwords, a GET on the same URL is expected
    to return 404, so a leaked or cached link cannot be replayed.
    """
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )

    form_payload = {
        "new_password": "******",
        "confirm_new_password": "******"
    }
    client.post(confirm_url, data=form_payload)

    replay = client.get(confirm_url)
    assert replay.status_code == 404
Esempio n. 9
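    async def send_email(self, request: Request):
        """Email a password-reset link to the account matching ``self.data["email"]``.

        Renders the configured subject and plain-text body templates, plus an
        HTML alternative when ``reset_pw_html_email_template`` is set, and
        hands the message to ``send_message``.

        Returns ``None`` in every case. An address with no matching user is
        ignored silently, so the caller cannot tell from the result whether
        the account exists.

        Raises:
            ImproperlyConfigured: if either the subject or the body template
                is not configured. This is checked before the user lookup so
                that a misconfigured deployment fails the same way for known
                and unknown addresses.
        """
        from . import config

        # Validate configuration first. If this ran after the lookup, a
        # misconfigured site would raise only for registered addresses, and
        # the error would reveal which emails have accounts.
        if (not config.reset_pw_email_subject_template
                or not config.reset_pw_email_template):
            error_message = (
                "To sent a password reset email you must specify both the "
                "`reset_pw_email_subject_template` and `reset_pw_email_template` "
                "templates. Additionally you can also specify the "
                "`reset_pw_html_email_template` to send an html version.")
            raise ImproperlyConfigured(error_message)

        user = await db.get_user_by_email(self.data["email"])
        if not user:
            # Unknown address: do nothing and report nothing.
            # NOTE(review): this path skips rendering and sending, so it is
            # likely faster than the known-user path. If the caller awaits
            # this inline, response time may still hint at account existence.
            # Confirm how the caller schedules this coroutine.
            return

        templates = config.templates
        # The templates receive the whole user record and the request, so
        # template authors can render any field these objects carry.
        context = {
            "request": request,
            "uid": http.urlsafe_base64_encode(
                bytes(str(user["id"]), encoding="utf-8")),
            "user": user,
            "token": token_generator.make_token(user),
        }
        msg = EmailMessage()

        subject_tmpl = templates.get_template(
            config.reset_pw_email_subject_template)
        subject = subject_tmpl.render(context)
        body_tmpl = templates.get_template(config.reset_pw_email_template)
        body = body_tmpl.render(context)

        # The recipient is the address stored on the user record, not the
        # raw submitted form value.
        msg["To"] = [user["email"]]
        msg["Subject"] = subject
        msg.set_content(body)

        if config.reset_pw_html_email_template:
            # NOTE(review): the HTML part is rendered from the same context.
            # Whether user-supplied fields are escaped depends on how
            # ``config.templates`` is set up. Verify autoescaping is enabled.
            html_body_tmpl = templates.get_template(
                config.reset_pw_html_email_template)
            html_body = html_body_tmpl.render(context)
            msg.add_alternative(html_body, subtype="html")

        await send_message(msg)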