コード例 #1
0
    def setUpFactories(self):
        """This runs when the test class first starts up.
        This does not run before every test case. Use this method to
        set your database up.
        """
        User.create({
            'username': '******',
            'email': '*****@*****.**',
            'password': password('secret'),
            'bio': 'This is a bio',
            'image': '',
            'token': None
        })

        User.create({
            'username': '******',
            'email': '*****@*****.**',
            'password': password('secret')
        })

        Follow.first_or_create(user_id=1, follower_id=2)

        Article.create({
            'title': 'this is a title',
            'slug': 'this-is-a-title',
            'description': 'This is a description',
            'body': 'this is a body',
            'author_id': 1
        })

        Tag.create({'name': 'Python'})
コード例 #2
0
 def setUpFactories(self):
     """This runs when the test class first starts up.
     This does not run before every test case. Use this method to
     set your database up.
     """
     User.create({
         'username': '******',
         'email': '*****@*****.**',
         'password': password('secret')
     })
     User.create({
         'username': '******',
         'email': '*****@*****.**',
         'password': password('secret')
     })
コード例 #3
0
    def reregister(self, request: Request, validate: Validator, auth: Auth):
        today_date = date.today()

        errors = request.validate(
            validate.required([
                'firstname', 'lastname', 'address', 'email', 'username',
                'password', 'cell_phone'
            ]),
            validate.email('email'),
            validate.strong(
                'password',
                length=8,
                special=1,
                uppercase=1,
                # breach=True checks if the password has been breached before.
                # Requires 'pip install pwnedapi'
                breach=False))
        if errors:
            return request.back().with_errors(errors).with_input()

        if request.input('password') != request.input('password_confirm'):
            return request.back().with_errors({
                'error':
                ['Passwords do not match.  Please make sure passwords match']
            })

        User.where(
            'id',
            request.param('id')).update(firstname=request.input('firstname'))
        User.where(
            'id',
            request.param('id')).update(lastname=request.input('lastname'))
        User.where(
            'id', request.param('id')).update(address=request.input('address'))
        User.where(
            'id',
            request.param('id')).update(cell_phone=request.input('cell_phone'))
        User.where('id',
                   request.param('id')).update(email=request.input('email'))
        User.where(
            'id',
            request.param('id')).update(username=request.input('username'))
        User.where('id', request.param('id')).update(
            password=password(request.input('password')))
        User.where('id', request.param('id')).update(cancelled='No')
        User.where('id', request.param('id')).update(re_activated='Yes')
        User.where('id', request.param('id')).update(reactivated_on=today_date)

        auth.login(request.input('email'), request.input('password'))

        request.session.flash(
            'success',
            'Your account has been reactivated.  Thank you for trusing us again.'
        )

        return request.redirect('/')
コード例 #4
0
 def test_user_can_be_updated(self):
     self.assertTrue(
         self.actingAs(User.find(1)).json(
             'PUT', '/api/user', {
                 'user': {
                     'email': '*****@*****.**',
                     'password': password('secret'),
                     'username': '******'
                 }
             }).hasJson('user.email', '*****@*****.**'))
コード例 #5
0
 def test_user_can_be_created(self):
     self.assertTrue(
         self.json(
             'POST', '/api/users', {
                 'user': {
                     'email': '*****@*****.**',
                     'password': password('secret'),
                     'username': '******'
                 }
             }).hasJson('user.email', '*****@*****.**'))
コード例 #6
0
def user_factory(faker):
    return {
        'first_name': faker.first_name(),
        'last_name': faker.last_name(),
        'email': faker.email(),
        'password': password('secret'),
        'remember_token': get_random_string(10),
        'owner': False,
        'photo_path': ''
    }
コード例 #7
0
    def update(self, view: View, request: Request, auth: Auth,
               validate: Validator):
        user = User.all()
        pws = User.lists('password')

        customer = request.user()
        pw = customer.password

        if bcrypt.checkpw(bytes(request.input('password'), 'utf-8'),
                          bytes(pw, 'utf-8')) == False:
            return request.back().with_errors(
                {'error': ['Please enter correct old password']})

        new_password = request.input('new_password')
        confirm_password = request.input('confirm_password')

        for pws in pws:
            if bcrypt.checkpw(bytes(request.input('new_password'), 'utf-8'),
                              bytes(pws, 'utf-8')):
                return request.back().with_errors({
                    'error': [
                        'Password already exists.  Please create a new password.'
                    ]
                })

        errors = request.validate(
            validate.required(['password', 'new_password',
                               'confirm_password']),
            validate.strong('new_password',
                            length=8,
                            special=1,
                            uppercase=1,
                            breach=False)
            # breach=True checks if the password has been breached before.
            # Requires 'pip install pwnedapi'
        )

        if errors:
            return request.back().with_errors(errors).with_input()
        elif new_password != confirm_password:
            return request.back().with_errors({
                'error':
                ['New password and confirm new password do not match!']
            })
        else:
            user.where(
                'id',
                customer.id).first().update(password=password(new_password))
            request.session.flash(
                'success', 'Your password has been successfully updated.')
            return request.redirect('account')
コード例 #8
0
    def register(self, request: Request, auth: Auth, validate: Validator):

        """ register a new administrator and also checks that form is filled out properly without errors and checks to see if email, passwords, and
        usernames alread exits"""

        email = Administrator.lists('admin_email')
        user_name = Administrator.lists('admin_username')
        pw = Administrator.lists('password')

        #check to see if emails or usernames already exist
        accounts = [email, user_name]
        inputs = [request.input('admin_email'), request.input('admin_username')]

        for input in inputs:
            for account in accounts:
                if inputs[0] in accounts[0] and inputs[1] in accounts[1]:
                    return request.back().with_errors({'error': ['{} and {} already exists'.format(inputs[0], inputs[1])]})
                elif input in account:
                    return request.back().with_errors({'error': ['{} already exists'.format(input)]})

        #checking to see if password already exists

        for pw in pw:
            if bcrypt.checkpw(bytes(request.input('admin_password'), 'utf-8'), bytes(pw, 'utf-8')):
                return request.back().with_errors({'error': ['Password already exists.  Please create a new password.']})

        #checking for user entry errors when registering as an Administrator
        errors = request.validate(
            validate.required(['admin_name', 'admin_cell_phone', 'admin_address', 'admin_email', 'admin_username', 'admin_password']),
            validate.email('admin_email'),
            validate.strong('admin_password', length=8, special=1, uppercase=1)
            )

        if errors:
            return request.back().with_errors(errors).with_input()
        #when everything above checks out ok, then go ahead and insert data in Administrator table
        else:
            encoded_jwt = jwt.encode({'email': request.input('admin_email')},os.getenv('KEY') ,algorithm='HS256')
            encrypted_password = password(request.input('admin_password'))
            Administrator.insert(admin_name=request.input('admin_name'),
                                    admin_cell_phone=request.input('admin_cell_phone'),
                                    admin_address=request.input('admin_address'),
                                    admin_email=request.input('admin_email'),
                                    admin_username=request.input('admin_username'),
                                    password=encrypted_password,
                                    remember_token=encoded_jwt)

        return request.redirect('/admin')
コード例 #9
0
    def run(self):
        """Run the database seeds."""
        # self.call(UserTableSeeder)
        account = Account.create(name="Acme Corporation")

        user = User.create(account_id=account.id,
                           first_name="John",
                           last_name="Doe",
                           password=password('secret'),
                           email="*****@*****.**",
                           owner=True,
                           photo_path="")

        Factory(User, 5).create({"account_id": account.id})

        Factory(Organization, 10).create({"account_id": account.id})
コード例 #10
0
    def create(self, request: Request):
        del request.request_variables['csrf_token']

        # if POST /api/users
        proxy = self.__auth__()

        for field, value in request.all().items():
            if value:
                print(field)
                if field == 'password':

                    setattr(proxy, field, password(request.input('password')))
                else:
                    setattr(proxy, field, value)

        proxy.save()

        return request.redirect('/dashboard/management')
コード例 #11
0
    def reset(
        self,
        view: View,
        request: Request,
        validate: Validator,
    ):
        new_password = request.input('new_password')
        pws = User.lists('password')
        decoded_token = jwt.decode(request.param('id'),
                                   'secret',
                                   algorithm='HS256')
        user_email = decoded_token['email']

        for pw in pws:
            if bcrypt.checkpw(bytes(request.input('new_password'), 'utf-8'),
                              bytes(pw, 'utf-8')):
                return request.back().with_errors({
                    'error': [
                        'Password already exists.  Please create a new password.'
                    ]
                })

        errors = request.validate(
            validate.required('new_password'),
            validate.strong('new_password',
                            length=8,
                            special=1,
                            uppercase=1,
                            breach=False)
        )  # breach=True checks if the password has been breached before.
        # Requires 'pip install pwnedapi'
        if errors:
            return request.back().with_errors(errors).with_input()
        else:
            AUTH['guards']['web']['model'].where(
                'email',
                user_email).first().update(password=password(new_password))
            request.session.flash(
                'success', 'Your password has been successfully updated.')
            return request.redirect('login')
コード例 #12
0
 def setUpFactories(self):
     User.create({
         'email': '*****@*****.**',
         'password': password('secret'),
         'username': '******'
     })
コード例 #13
0
 def test_password_returns_bcrypted_password(self):
     assert password('secret') != 'secret'
     assert isinstance(password('secret'), str)