def test_login_inactive(self): t = self.make_team() self.dbsession.add(t) res, msg, team = login("*****@*****.**", "Password0") assert not res assert msg == "Team not activated yet" assert team is None
def test_login_invalid_pw(self): t = self.make_team() self.dbsession.add(t) res, msg, team = login("*****@*****.**", "PasswordX") assert not res assert msg == "Invalid password" assert team is None
def test_login(self): t = self.make_team(active=True) self.dbsession.add(t) res, msg, team = login("*****@*****.**", "Password0") assert res assert msg is None assert team == t
def test_login_no_team(self): t = self.make_team() self.dbsession.add(t) res, msg, team = login("*****@*****.**", None) assert not res assert msg == "Team not found" assert team is None
def login(self): """ A view that logs in the user. Displays a login form and in case of a ``POST`` request, handles the login by checking whether it is valid. If it is, the user is logged in and redirected to the frontpage. """ form = LoginForm(self.request.POST, csrf_context=self.request) retparams = {'form': form, } if self.request.method == 'POST': if not form.validate(): return retparams login_success, msg, team = login(form.email.data, form.password.data) if not login_success: self.request.session.flash("Login failed.", 'error') log.warn("Failed login attempt for team '%(team_email)s' " "with IP Address '%(ip_address)s' and reason " "'%(message)s'" % {'team_email': form.email.data, 'ip_address': self.request.client_addr, 'message': msg, } ) return retparams # Start a new session due to new permissions self.request.session.invalidate() # Check if CTF has started already ctf_started = self.request.settings.ctf_started if not ctf_started: ctf_start = self.request.settings.ctf_start_date self.request.session.flash( "You are now logged in. However, the CTF has not started " "yet and thus you cannot see any challenges or the " "scoreboard. The CTF will start at %s (%s), i.e. %s UTC." % (tz_str(ctf_start, team.timezone), team.timezone, tz_str(ctf_start, utc))) else: self.request.session.flash("You have been logged in.", 'success') headers = remember(self.request, team.id) return HTTPFound(location=self.request.route_url('home'), headers=headers) return retparams