def test_confirm(self):
# send a confirmation token
user = User(email='*****@*****.**',
password='******',
username='******')
self.client.post('/auth/login',
data={
'email': '*****@*****.**',
'password': '******',
'remember_me': True
})
token = r"\x87\xb7t\xcc\x84\x1e\xff"
response = self.client.get('/auth/confirm/%s' % token,
follow_redirects=True)
self.assertIn('确认链接非法或已过期', response.data)
response = self.client.get('/auth/confirm', follow_redirects=True)
self.assertIn('一封新的包含身份确认链接的邮件已发往你的邮箱', response.data)
token = user.generate_confirmation_token('email_confirm')
response = self.client.get('/auth/confirm/%s' % token,
follow_redirects=True)
self.assertIn('已确认你的身份,欢迎加入我们', response.data)
response = self.client.get('/auth/confirm/%s' % token,
follow_redirects=True)
self.assertIn('栏目', response.data)
response = self.client.get('/auth/unconfirmed', follow_redirects=True)
self.assertIn('栏目', response.data)
def register():
"""Register a new user, and send them a confirmation email."""
form = RegistrationForm()
if form.validate_on_submit():
role = Role.objects(default=True, enable=True).first()
if role is not None:
role_id = role.pkid
else:
role_id = 1
user = User(
user_name=form.user_name.data,
email=form.email.data,
password_hash=generate_password_hash(form.password.data),
role_id=role_id
)
user.save()
token = user.generate_confirmation_token()
confirm_link = url_for('account.confirm', token=token, _external=True)
get_queue().enqueue(
send_email,
recipient=user.email,
subject=_('Confirm Your Account'),
template='account/email/confirm',
user=user,
confirm_link=confirm_link)
flash(_('A confirmation link has been sent to {}.').format(user.email), 'warning')
return redirect(url_for('main.index'))
return render_template('auth/register.html', form=form)
def test_05_invalid_confirmation_token(self):
u1 = User(username='******', password='******')
u2 = User(username='******', password='******')
u1.save()
u2.save()
token = u1.generate_confirmation_token('something_need_confirm')
self.assertFalse(u2.confirm(token, 'something_need_confirm'))
def test_08_invalid_reset_token(self):
u1 = User(username='******', password='******')
u2 = User(username='******', password='******')
u1.save()
u2.save()
token = u1.generate_confirmation_token('reset_password')
self.assertFalse(u2.reset_password(token, 'horse'))
self.assertTrue(u2.verify_password('dog'))
def test_change_email(self):
# change email
user = User(email='*****@*****.**',
password='******',
confirmed=True,
username='******')
self.client.post(url_for('auth.login'),
data={
'email': '*****@*****.**',
'password': '******',
'remember_me': True
})
response = self.client.get('/auth/reset/email', follow_redirects=True)
self.assertIn('确认邮件已发送,请确认', response.data)
token = r"\x87\xb7t\xcc\x84\x1e\xff"
response = self.client.get('/auth/reset/email/%s' % token,
follow_redirects=True)
self.assertIn('确认链接非法或已过期', response.data)
token = user.generate_confirmation_token('change_email_confirm')
response = self.client.get('/auth/reset/email/%s' % token)
self.assertIn('修改邮箱地址', response.data)
response = self.client.post('/auth/reset/email/%s' % token,
data={'email': 'john_example.com'},
follow_redirects=True)
self.assertIn('请输入合法的邮箱地址', response.data)
response = self.client.post('/auth/reset/email/%s' % token,
data={'email': '*****@*****.**'},
follow_redirects=True)
self.assertIn('Email已被占用', response.data)
response = self.client.post('/auth/reset/email/%s' % token,
data={'email': '*****@*****.**'},
follow_redirects=True)
self.assertIn('修改成功', response.data)
self.assertIn('一封包含身份确认链接的邮件已发往你的新邮箱', response.data)
token = user.generate_confirmation_token('email_confirm')
response = self.client.get('/auth/confirm/%s' % token,
follow_redirects=True)
self.assertIn('已确认你的身份,欢迎加入我们', response.data)
def register():
form = RegistrationForm()
if form.validate_on_submit():
user = User(email=form.email.data,
username=form.username.data,
password=form.password.data,
member_since=datetime.utcnow())
user.save()
token = user.generate_confirmation_token('email_confirm')
send_email(user.email,
'账户确认',
'auth/email/confirm',
user=user,
token=token)
flash('一封包含身份确认链接的邮件已发往你的邮箱。')
return redirect(url_for('main.neighbourhood'))
return render_template('auth/register.html', form=form)
def test_reset_password(self):
# reset password
user = User(email='*****@*****.**',
password='******',
confirmed=True,
username='******')
self.client.post('/auth/login',
data={
'email': '*****@*****.**',
'password': '******',
'remember_me': True
})
response = self.client.get('/auth/reset/password')
self.assertEqual(response.status_code, 404)
token = r"\x87\xb7t\xcc\x84\x1e\xff"
response = self.client.get('/auth/reset/password/%s' % token)
self.assertEqual(response.status_code, 404)
self.client.get('/auth/logout')
response = self.client.get('/auth/reset/password')
self.assertEqual(response.status_code, 200)
self.assertIn('重设密码', response.data)
response = self.client.post('/auth/reset/password',
data={'email': 'jack_example.com'})
self.assertIn('请输入合法的邮箱地址', response.data)
response = self.client.post('/auth/reset/password',
data={'email': '*****@*****.**'},
follow_redirects=True)
self.assertIn('无效的账号', response.data)
response = self.client.post('/auth/reset/password',
data={'email': '*****@*****.**'},
follow_redirects=True)
self.assertIn('一封含有重设密码的链接已发给你,请注意查收', response.data)
response = self.client.post('/auth/reset/password/%s' % token,
data={
'email': '*****@*****.**',
'password': '******',
'password2': 'cat_cat'
},
follow_redirects=True)
self.assertIn('重设失败', response.data)
token = user.generate_confirmation_token('reset_password')
response = self.client.post('/auth/reset/password/%s' % token,
data={
'email': 'john_example.com',
'password': '******',
'password2': 'cat_catt'
})
self.assertIn('密码重设', response.data)
self.assertIn('请输入合法的邮箱地址', response.data)
self.assertIn('两个密码必须一样', response.data)
response = self.client.post('/auth/reset/password/%s' % token,
data={
'email': '*****@*****.**',
'password': '******',
'password2': 'cat_cat'
})
self.assertIn('无效的账号', response.data)
response = self.client.post('/auth/reset/password/%s' % token,
data={
'email': '*****@*****.**',
'password': '******',
'password2': 'cat_catt'
},
follow_redirects=True)
self.assertIn('你的密码已重设', response.data)
response = self.client.post('/auth/login',
data={
'email': '*****@*****.**',
'password': '******',
'remember_me': True
},
follow_redirects=True)
self.assertIn('个人', response.data)
def test_07_valid_reset_token(self):
u = User(username='******', password='******')
u.save()
token = u.generate_confirmation_token('reset_password')
self.assertTrue(u.reset_password(token, 'dog'))
self.assertTrue(u.verify_password('dog'))
def test_06_expired_confirmation_token(self):
u = User(username='******', password='******')
u.save()
token = u.generate_confirmation_token('something_need_confirm', 1)
time.sleep(2)
self.assertFalse(u.confirm(token, 'something_need_confirm'))
def test_04_valid_confirmation_token(self):
u = User(username='******', password='******')
u.save()
token = u.generate_confirmation_token('something_need_confirm')
self.assertTrue(u.confirm(token, 'something_need_confirm'))
