def test_reset_user_password_by_sms(self, mock_check_sms_code):
    '''
    Reset the password through the SMS flow and check the stored hash.

    The first request must be rejected because the mocked SMS check reports a
    mobile other than the one submitted; the second, where they match, must
    succeed.

    :param mock_check_sms_code: mock whose successive return values are set here
        (presumably injected by a patch decorator outside this view - confirm)
    '''
    self.user.mobile = 'mobile'
    self.user.save()

    # One result per request, consumed in order: mismatching mobile, then matching.
    mock_check_sms_code.side_effect = [
        {'mobile': 'wrong_mobile'},
        {'mobile': 'mobile'},
    ]

    def put_reset():
        # NOTE(review): '******' reads like a masked literal; as written, the
        # password sent differs from the 'new_password' string verified at the
        # end of this test - confirm the original value.
        payload = {
            'new_password': '******',
            'mobile': 'mobile',
            'sms_token': 'any',
        }
        return self.client.put(reverse('siteapi:ucenter_password'), data=payload)

    # The token resolves to another mobile: the reset must not go through.
    rejected = put_reset()
    self.assertEqual(rejected.status_code, 400)
    self.assertEqual(rejected.json(), {'mobile': ['invalid']})

    # The token resolves to the submitted mobile: the reset is accepted.
    accepted = put_reset()
    self.assertEqual(accepted.status_code, 200)

    stored_hash = User.valid_objects.get(username=self.user.username).password
    self.assertTrue(verify_password('new_password', stored_hash))
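def test_pwd_encrypt_verify(self):
    '''
    Check that each supported scheme round-trips through encrypt_password and
    verify_password, that a different plaintext is rejected, and that the
    'PLAINTEXT' scheme raises ValueError.
    '''
    plaintext = 'password'
    wrong_plaintext = 'not-' + plaintext

    # NOTE(review): the scheme names suggest MD5/SHA digests, unsalted and
    # salted. Fast digests like these are weak for password storage; this test
    # pins round-trip behaviour only, not the choice of scheme.
    for scheme in ('MD5', 'SMD5', 'SHA', 'SSHA'):
        ciphertext = encrypt_password(plaintext, scheme)
        self.assertTrue(verify_password(plaintext, ciphertext), msg=scheme)
        # A verifier that accepts every input would pass the check above,
        # so rejection of a wrong password is pinned as well.
        self.assertFalse(verify_password(wrong_plaintext, ciphertext), msg=scheme)

    with self.assertRaises(ValueError):
        encrypt_password(plaintext, 'PLAINTEXT')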
def test_reset_user_password_by_op(self):
    '''
    PUT username, old_password and new_password to the ucenter_password
    endpoint, expect 200, then check the hash stored for self.user.
    '''
    # NOTE(review): the '******' literals read like masked values; as written,
    # the password sent differs from the 'new_password' string verified below,
    # and the username is not visibly tied to self.user - confirm the originals.
    payload = {
        'new_password': '******',
        'username': '******',
        'old_password': '******',
    }
    response = self.client.put(reverse('siteapi:ucenter_password'), data=payload)
    self.assertEqual(response.status_code, 200)

    stored_hash = User.valid_objects.get(username=self.user.username).password
    self.assertTrue(verify_password('new_password', stored_hash))
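def authenticate(self, request, username=None, password=None):  # pylint: disable=no-self-use,unused-argument
    '''
    Return the active user matching ``username`` if ``password`` verifies,
    else None.

    :param request: current request; when not None, its ``user`` attribute is
        set to the authenticated user on success
    :param username: username to look up among active users
    :param password: plaintext password checked against the stored value
    :return: the user on success, None otherwise
    '''
    # Missing credentials can never authenticate; reject them before any
    # query or hash work instead of passing None further down.
    if username is None or password is None:
        return None

    user = User.active_objects.filter(username=username).first()
    if not user:
        # NOTE(review): this path returns without calling verify_password, so
        # an unknown username costs less than a wrong password. Consider
        # verifying against a fixed dummy value here to even out the two
        # failure paths.
        return None

    if not verify_password(password, user.password):
        return None

    if request is not None:
        # Note: what gets replaced here is OneID.User, which may differ from
        # the user recorded by other backends.
        request.user = user
    return user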
def check_password(self, password):
    '''
    Check whether ``password`` matches the password stored on this object.

    :param password: plaintext password to check
    :rtype: boolean
    '''
    stored = self.password
    return verify_password(password, stored)