def post(self): data = request.get_json() if data is None: error(400, "No json data in request body") check_data_fields(data, ["email", "password"]) user_db_result = user_db_util.read( g.database, user_db_util.identify_by_email(g.database, data["email"])) if not user_db_result or not check_password_hash( user_db_result["hashed_password"], data["password"]): error(401, "Invalid username or password") user = from_dict(data_class=User, data=user_db_result) User.login_user(user) response = make_response() if user.admin: response.set_cookie( "is_admin", expires=time.time() + 365 * 24 * 60 * 60, # type: ignore # 1 year lifetime matches flask login cookie ) return response, 200
def test_get_missing_user(self): email = "*****@*****.**" user_result = user.read(self.database, user.identify_by_email(self.database, email)) assert user_result is None
def test_update_password(self): self.create_example_user(self.user_data["user1"]["email"]) user_id = user.identify_by_email(self.database, self.user_data["user1"]["email"]) user.update(self.database, user_id, {"hashed_password": "******"}) self.verify_user_data(self.user_data["user1"]["email"], self.user_data["user1"]["name"], self.user_data["user1"]["group_name"], "new_hashed_password", self.user_data["user1"]["admin"])
def post(self): data = request.get_json() if data is None: error(400, "No json data in request body") check_data_fields(data, ["email", "password"]) user_db_result = user_db_util.read(g.database, user_db_util.identify_by_email(g.database, data["email"])) if not user_db_result or not check_password_hash(user_db_result["hashed_password"], data["password"]): error(401, "Invalid username or password") user = from_dict(data_class=User, data=user_db_result) User.login_user(user) return jsonify({})
def test_get_user(self): email = "*****@*****.**" name = "Ima Test" group_name = "Ima Test Group" hashed_password = '******' admin = True self.create_example_user(email=email) user_result = user.read(self.database, user.identify_by_email(self.database, email)) self.verify_user_data(user_result["email"], user_result["name"], user_result["group_name"], user_result["hashed_password"], user_result["admin"])
def test_update_other_fields(self): self.create_example_user(self.user_data["user1"]["email"]) user_id = user.identify_by_email(self.database, self.user_data["user1"]["email"]) user.update( self.database, user_id, { "email": "*****@*****.**", "admin": True, "name": "newname", "group_name": "newgroupname" }) self.verify_user_data("*****@*****.**", "newname", "newgroupname", self.user_data["user1"]["hashed_password"], True)