コード例 #1
0
ファイル: test_security.py プロジェクト: appetito/Kotti
    def test_login_with_email_remembers(self, remember):
        from kotti.views.login import login
        request = DummyRequest()

        self.make_bob()
        request.params['submit'] = u'on'
        request.params['login'] = u'*****@*****.**'
        request.params['password'] = u'secret'
        login(None, request)
        remember.assert_called_with(request, u'bob')
コード例 #2
0
ファイル: test_security.py プロジェクト: castaf/Kotti
    def test_login_with_email_remembers(self, db_session):
        from kotti.views.login import login
        request = DummyRequest()

        self.make_bob()
        request.params['submit'] = 'on'
        request.params['login'] = '******'
        request.params['password'] = '******'
        with patch('kotti.views.login.remember') as remember:
            login(None, request)
            remember.assert_called_with(request, 'bob')
コード例 #3
0
    def test_login_with_email_remembers(self, db_session):
        from kotti.views.login import login
        request = DummyRequest()

        self.make_bob()
        request.params['submit'] = u'on'
        request.params['login'] = u'*****@*****.**'
        request.params['password'] = u'secret'
        with patch('kotti.views.login.remember') as remember:
            login(None, request)
            remember.assert_called_with(request, u'bob')
コード例 #4
0
ファイル: test_security.py プロジェクト: Doik/Kotti
    def test_reset_password_inactive_user(self, email_set_password):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob().active = False
        request.params['reset-password'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        login(None, request)
        self.assertEqual(request.session.pop_flash('error'),
                         [u"That username or email is not known to us."])
        assert email_set_password.call_count == 0
コード例 #5
0
ファイル: test_security.py プロジェクト: Doik/Kotti
    def test_reset_password_inactive_user(self, email_set_password):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob().active = False
        request.params['reset-password'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        login(None, request)
        self.assertEqual(request.session.pop_flash('error'),
                         [u"That username or email is not known to us."])
        assert email_set_password.call_count == 0
コード例 #6
0
ファイル: test_security.py プロジェクト: timgates42/Kotti
    def test_login_with_email_remembers(self, db_session):
        from kotti.views.login import login

        request = DummyRequest()

        self.make_bob()
        request.params["submit"] = "on"
        request.params["login"] = "******"
        request.params["password"] = "******"
        with patch("kotti.views.login.remember") as remember:
            login(None, request)
            remember.assert_called_with(request, "bob")
コード例 #7
0
ファイル: test_security.py プロジェクト: Doik/Kotti
    def test_reset_password(self, email_set_password):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob()
        request.params['reset-password'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        login(None, request)
        self.assertEqual(request.session.pop_flash('success'), [
            u"You should receive an email with a link to reset your "
            u"password momentarily."])
        assert email_set_password.call_count == 1
コード例 #8
0
ファイル: test_security.py プロジェクト: Doik/Kotti
    def test_reset_password(self, email_set_password):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob()
        request.params['reset-password'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        login(None, request)
        self.assertEqual(request.session.pop_flash('success'), [
            u"You should receive an email with a link to reset your "
            u"password momentarily."
        ])
        assert email_set_password.call_count == 1
コード例 #9
0
    def test_reset_password_inactive_user(self, db_session):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob().active = False
        request.params['reset-password'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        with patch(
                'kotti.views.login.email_set_password') as email_set_password:
            login(None, request)
        assert (request.session.pop_flash('error') ==
                [u"That username or email is not known by this system."])
        assert email_set_password.call_count == 0
コード例 #10
0
ファイル: test_security.py プロジェクト: rkx-forks/Kotti
    def test_reset_password_inactive_user(self, db_session):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob().active = False
        request.params["reset-password"] = "******"
        request.params["login"] = "******"
        request.params["password"] = "******"
        with patch("kotti.views.login.email_set_password") as email_set_password:
            login(None, request)
        assert request.session.pop_flash("error") == [
            "That username or email is not known by this system."
        ]
        assert email_set_password.call_count == 0
コード例 #11
0
ファイル: test_security.py プロジェクト: rkx-forks/Kotti
    def test_reset_password(self, db_session):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob()
        request.params["reset-password"] = "******"
        request.params["login"] = "******"
        request.params["password"] = "******"
        with patch("kotti.views.login.email_set_password") as email_set_password:
            login(None, request)
        assert request.session.pop_flash("success") == [
            "You should be receiving an email with a link to reset your "
            "password. Doing so will activate your account."
        ]
        assert email_set_password.call_count == 1
コード例 #12
0
    def test_reset_password(self, db_session):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob()
        request.params['reset-password'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        with patch(
                'kotti.views.login.email_set_password') as email_set_password:
            login(None, request)
        assert (request.session.pop_flash('success') == [
            u"You should be receiving an email with a link to reset your "
            u"password. Doing so will activate your account."])
        assert email_set_password.call_count == 1
コード例 #13
0
    def test_reset_password_inactive_user(self, db_session):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob().active = False
        request.params['reset-password'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        with patch(
                'kotti.views.login.email_set_password') as email_set_password:
            login(None, request)
        assert (request.session.pop_flash('error') == [
            u"That username or email is not known by this system."
        ])
        assert email_set_password.call_count == 0
コード例 #14
0
    def test_reset_password(self, db_session):
        from kotti.views.login import login

        request = DummyRequest()
        self.make_bob()
        request.params['reset-password'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        with patch(
                'kotti.views.login.email_set_password') as email_set_password:
            login(None, request)
        assert (request.session.pop_flash('success') == [
            u"You should be receiving an email with a link to reset your "
            u"password. Doing so will activate your account."
        ])
        assert email_set_password.call_count == 1
コード例 #15
0
def login_select(context, request):
    log.debug(sys._getframe().f_code.co_name)
    came_from = request.params.get('came_from', request.resource_url(context))
    settings = request.registry.settings
    login = request.params.get('login', '').lower()
    password = request.params.get('password', '')

    settings = request.registry.settings
    try:
        providers = list(find_providers(settings))
    except:
        providers = ["facebook"]
    providers_large = {}
    for provider in providers:
        provider_data = login_providers.get(provider, "")
        if provider_data:
            providers_large[provider] = provider_data
    try:
        # "if submit in the request, login with the user kotti account.
        if 'submit' in request.POST:
            return kotti_login.login(context, request)
        return {
            'url': request.application_url + '/@@login',
            'project': settings['kotti.site_title'],
            'came_from': came_from,
            'password': password,
            'login': login,
            'providers_large': providers_large,
            'providers_small': {},
            'login_url': request.route_url('login'),
            'register': kotti_login.asbool(get_settings()['kotti.register']),
        }
    except Exception as e:
        log.exception(e)
        raise HTTPNotFound(e.message).exception
コード例 #16
0
ファイル: test_security.py プロジェクト: Doik/Kotti
    def test_login(self):
        from kotti.views.login import login
        request = DummyRequest()

        # No login attempt:
        result = login(None, request)
        self.assert_(isinstance(result, dict))
        self.assertEqual(request.session.pop_flash('success'), [])
        self.assertEqual(request.session.pop_flash('error'), [])

        # Attempt to log in before Bob exists:
        request.params['submit'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        result = login(None, request)
        self.assert_(isinstance(result, dict))
        self.assertEqual(request.session.pop_flash('success'), [])
        self.assertEqual(request.session.pop_flash('error'),
                         [u'Login failed.'])

        # Make Bob and do it again:
        bob = self.make_bob()
        self.assertEqual(bob.last_login_date, None)
        result = login(None, request)
        self.assertEqual(result.status, '302 Found')
        self.assertEqual(
            [request.session.pop_flash('success')[0].interpolate()],
            [u'Welcome, Bob Dabolina!'])
        last_login_date = bob.last_login_date
        self.assertNotEqual(last_login_date, None)
        self.assertEqual(request.session.pop_flash('error'), [])

        # Log in with email:
        request.params['login'] = u'*****@*****.**'
        result = login(None, request)
        self.assertEqual(result.status, '302 Found')
        self.assertEqual(
            [request.session.pop_flash('success')[0].interpolate()],
            [u'Welcome, Bob Dabolina!'])
        self.assertTrue(last_login_date < bob.last_login_date)

        # Deactive Bob, logging in is no longer possible:
        bob.active = False
        result = login(None, request)
        self.assert_(isinstance(result, dict))
        self.assertEqual(request.session.pop_flash('error'),
                         [u'Login failed.'])

        # If Bob has a 'confirm_token' set, logging in is still possible:
        bob.active = True
        bob.confirm_token = u'token'
        result = login(None, request)
        self.assertEqual(result.status, '302 Found')
        self.assertEqual(
            [request.session.pop_flash('success')[0].interpolate()],
            [u'Welcome, Bob Dabolina!'])
コード例 #17
0
ファイル: test_security.py プロジェクト: Doik/Kotti
    def test_login(self):
        from kotti.views.login import login
        request = DummyRequest()

        # No login attempt:
        result = login(None, request)
        self.assert_(isinstance(result, dict))
        self.assertEqual(request.session.pop_flash('success'), [])
        self.assertEqual(request.session.pop_flash('error'), [])

        # Attempt to log in before Bob exists:
        request.params['submit'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        result = login(None, request)
        self.assert_(isinstance(result, dict))
        self.assertEqual(request.session.pop_flash('success'), [])
        self.assertEqual(request.session.pop_flash('error'),
                         [u'Login failed.'])

        # Make Bob and do it again:
        bob = self.make_bob()
        self.assertEqual(bob.last_login_date, None)
        result = login(None, request)
        self.assertEqual(result.status, '302 Found')
        self.assertEqual(
            [request.session.pop_flash('success')[0].interpolate()],
            [u'Welcome, Bob Dabolina!'])
        last_login_date = bob.last_login_date
        self.assertNotEqual(last_login_date, None)
        self.assertEqual(request.session.pop_flash('error'), [])

        # Log in with email:
        request.params['login'] = u'*****@*****.**'
        result = login(None, request)
        self.assertEqual(result.status, '302 Found')
        self.assertEqual(
            [request.session.pop_flash('success')[0].interpolate()],
            [u'Welcome, Bob Dabolina!'])
        self.assertTrue(last_login_date < bob.last_login_date)

        # Deactive Bob, logging in is no longer possible:
        bob.active = False
        result = login(None, request)
        self.assert_(isinstance(result, dict))
        self.assertEqual(request.session.pop_flash('error'),
                         [u'Login failed.'])

        # If Bob has a 'confirm_token' set, logging in is still possible:
        bob.active = True
        bob.confirm_token = u'token'
        result = login(None, request)
        self.assertEqual(result.status, '302 Found')
        self.assertEqual(
            [request.session.pop_flash('success')[0].interpolate()],
            [u'Welcome, Bob Dabolina!'])
コード例 #18
0
ファイル: test_security.py プロジェクト: rkx-forks/Kotti
    def test_login(self, db_session):
        from kotti.views.login import login

        request = DummyRequest()

        # No login attempt:
        result = login(None, request)
        assert isinstance(result, dict)
        assert request.session.pop_flash("success") == []
        assert request.session.pop_flash("error") == []

        # Attempt to log in before Bob exists:
        request.params["submit"] = "on"
        request.params["login"] = "******"
        request.params["password"] = "******"
        result = login(None, request)
        assert isinstance(result, dict)
        assert request.session.pop_flash("success") == []
        assert request.session.pop_flash("error") == ["Login failed."]

        # Make Bob and do it again:
        bob = self.make_bob()
        assert bob.last_login_date is None
        result = login(None, request)
        assert result.status == "302 Found"
        assert [request.session.pop_flash("success")[0].interpolate()] == [
            "Welcome, Bob Dabolina!"
        ]
        last_login_date = bob.last_login_date
        assert last_login_date is not None
        assert request.session.pop_flash("error") == []

        # Log in with email:
        request.params["login"] = "******"
        result = login(None, request)
        assert result.status == "302 Found"
        assert [request.session.pop_flash("success")[0].interpolate()] == [
            "Welcome, Bob Dabolina!"
        ]
        assert last_login_date < bob.last_login_date

        # Deactive Bob, logging in is no longer possible:
        bob.active = False
        result = login(None, request)
        assert isinstance(result, dict)
        assert request.session.pop_flash("error") == ["Login failed."]

        # If Bob has a 'confirm_token' set, logging in is still possible:
        bob.active = True
        bob.confirm_token = "token"
        result = login(None, request)
        assert result.status == "302 Found"
        assert [request.session.pop_flash("success")[0].interpolate()] == [
            "Welcome, Bob Dabolina!"
        ]
コード例 #19
0
    def test_login(self, db_session):
        from kotti.views.login import login
        request = DummyRequest()

        # No login attempt:
        result = login(None, request)
        assert isinstance(result, dict)
        assert request.session.pop_flash('success') == []
        assert request.session.pop_flash('error') == []

        # Attempt to log in before Bob exists:
        request.params['submit'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        result = login(None, request)
        assert isinstance(result, dict)
        assert request.session.pop_flash('success') == []
        assert (request.session.pop_flash('error') == [u'Login failed.'])

        # Make Bob and do it again:
        bob = self.make_bob()
        assert bob.last_login_date is None
        result = login(None, request)
        assert result.status == '302 Found'
        assert (
            [request.session.pop_flash('success')[0].interpolate()] ==
            [u'Welcome, Bob Dabolina!'])
        last_login_date = bob.last_login_date
        assert last_login_date is not None
        assert request.session.pop_flash('error') == []

        # Log in with email:
        request.params['login'] = u'*****@*****.**'
        result = login(None, request)
        assert result.status == '302 Found'
        assert (
            [request.session.pop_flash('success')[0].interpolate()] ==
            [u'Welcome, Bob Dabolina!'])
        assert last_login_date < bob.last_login_date

        # Deactive Bob, logging in is no longer possible:
        bob.active = False
        result = login(None, request)
        assert isinstance(result, dict)
        assert (request.session.pop_flash('error') == [u'Login failed.'])

        # If Bob has a 'confirm_token' set, logging in is still possible:
        bob.active = True
        bob.confirm_token = u'token'
        result = login(None, request)
        assert result.status == '302 Found'
        assert (
            [request.session.pop_flash('success')[0].interpolate()] ==
            [u'Welcome, Bob Dabolina!'])
コード例 #20
0
    def test_login(self, db_session):
        from kotti.views.login import login
        request = DummyRequest()

        # No login attempt:
        result = login(None, request)
        assert isinstance(result, dict)
        assert request.session.pop_flash('success') == []
        assert request.session.pop_flash('error') == []

        # Attempt to log in before Bob exists:
        request.params['submit'] = u'on'
        request.params['login'] = u'bob'
        request.params['password'] = u'secret'
        result = login(None, request)
        assert isinstance(result, dict)
        assert request.session.pop_flash('success') == []
        assert (request.session.pop_flash('error') == [u'Login failed.'])

        # Make Bob and do it again:
        bob = self.make_bob()
        assert bob.last_login_date is None
        result = login(None, request)
        assert result.status == '302 Found'
        assert ([request.session.pop_flash('success')[0].interpolate()
                 ] == [u'Welcome, Bob Dabolina!'])
        last_login_date = bob.last_login_date
        assert last_login_date is not None
        assert request.session.pop_flash('error') == []

        # Log in with email:
        request.params['login'] = u'*****@*****.**'
        result = login(None, request)
        assert result.status == '302 Found'
        assert ([request.session.pop_flash('success')[0].interpolate()
                 ] == [u'Welcome, Bob Dabolina!'])
        assert last_login_date < bob.last_login_date

        # Deactive Bob, logging in is no longer possible:
        bob.active = False
        result = login(None, request)
        assert isinstance(result, dict)
        assert (request.session.pop_flash('error') == [u'Login failed.'])

        # If Bob has a 'confirm_token' set, logging in is still possible:
        bob.active = True
        bob.confirm_token = u'token'
        result = login(None, request)
        assert result.status == '302 Found'
        assert ([request.session.pop_flash('success')[0].interpolate()
                 ] == [u'Welcome, Bob Dabolina!'])