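def delete():
    """Delete the account of the user named by the request's JWT claims.

    The JSON request body must carry the account password under
    ``password``. The account is removed only when the stored record
    matches the token's email and the password verifies against the
    stored hash via ``bcrypt.check_password_hash``.

    Returns:
        A ``(response, status)`` pair: 201 with ``{'status': 'success'}``
        after deletion, 401 when the account or password cannot be
        confirmed, 500 when any exception is raised.
    """
    claims = get_jwt_claims()
    user = User.from_claims(claims)
    try:
        password = expect(request.get_json().get('password'), str, 'password')
        userdata = get_user(user.email)
        # NOTE(review): assumes get_user returns None for an unknown
        # email - confirm. Treat that as a failed confirmation, not a 500.
        if userdata is None:
            confirmed = False
        else:
            # Both checks must pass. The original rejected only when the
            # email differed AND the password was wrong; userdata is looked
            # up by user.email, so the email test normally passes and the
            # password check was short-circuited away. Any valid token could
            # then delete the account without knowing the password.
            confirmed = (
                user.email == userdata['email']
                and bcrypt.check_password_hash(userdata['password'], password)
            )
        if not confirmed:
            response_object = {
                'status': 'fail',
                'error': {'password': '******'}
            }
            return make_response(jsonify(response_object)), 401
        delete_user(user.email)
        response_object = {
            'status': 'success'
        }
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # An exception object is not JSON-serialisable, so passing `e` itself
        # made jsonify raise inside this handler; send its text instead.
        # NOTE(review): this returns internal exception text to the client;
        # prefer logging it server-side and returning a generic message.
        response_object = {
            'status': 'fail',
            'error': {'internal': str(e)}
        }
        return make_response(jsonify(response_object)), 500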
def test_invalid_user_should_not_have_preferences(client):
    """update_prefs must report an error for an account that does not exist."""
    missing_email = '*****@*****.**'
    # Remove the account first so the update below targets a missing user.
    delete_user(missing_email)
    prefs = dict(color="green", favorite_letter="q", favorite_number=42)
    outcome = update_prefs(missing_email, prefs)
    # An error payload is expected, not a driver UpdateResult.
    assert outcome.get('error') is not None
    assert not isinstance(outcome, UpdateResult)
def test_registration(client):
    """Register the fixture user with add_user and read it back with get_user."""
    delete_user('*****@*****.**')
    name = test_user.get('name')
    email = test_user.get('email')
    password = test_user.get('password')
    # Hashing is the API layer's job: NEVER store passwords in plaintext.
    # This test calls add_user directly with the fixture's password value, and
    # the last assertion expects get_user to return that value unchanged, so
    # add_user stores what it is given. Callers must pass an already-hashed
    # password.
    outcome = add_user(name, email, password)
    assert outcome == {'success': True}
    stored = get_user(email)
    assert stored.get('name') == name
    assert stored.get('email') == email
    assert stored.get('password') == password
def test_registration(client):
    """Check that a user added through add_user is returned intact by get_user."""
    fields = ("name", "email", "password")
    delete_user("*****@*****.**")
    # Passwords are hashed at the API layer and must NEVER be stored in
    # plaintext. add_user receives the fixture's password value as-is here, and
    # the loop below expects get_user to return it unchanged, so the data layer
    # does no hashing of its own.
    outcome = add_user(*[test_user.get(field) for field in fields])
    assert outcome == {"success": True}
    stored = get_user(test_user.get("email"))
    for field in fields:
        assert stored.get(field) == test_user.get(field)
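def delete():
    """Delete the account of the user named by the request's JWT claims.

    The JSON request body must carry the account password under
    ``password``. Deletion happens only when the stored record matches the
    token's email and ``bcrypt.check_password_hash`` accepts the password.

    Returns:
        A ``(response, status)`` pair: 201 with ``{"status": "deleted"}``
        after deletion, 401 when the account or password cannot be
        confirmed, 500 when any exception is raised.
    """
    claims = get_jwt_claims()
    user = User.from_claims(claims)
    try:
        password = expect(request.get_json().get("password"), str, "password")
        userdata = get_user(user.email)
        # Reject when EITHER check fails. The original joined the two negated
        # tests with `and`; userdata is fetched by user.email, so the email
        # test normally passes, the password test was never evaluated, and a
        # valid token alone was enough to delete the account.
        # NOTE(review): assumes get_user returns None for an unknown email -
        # confirm. That case is answered with 401 here, not a 500.
        if (userdata is None
                or user.email != userdata["email"]
                or not bcrypt.check_password_hash(userdata["password"],
                                                  password)):
            response_object = {"error": {"password": "******"}}
            return make_response(jsonify(response_object)), 401
        delete_user(user.email)
        response_object = {"status": "deleted"}
        return make_response(jsonify(response_object)), 201
    except Exception as e:
        # NOTE(review): the exception text is returned to the client; prefer
        # logging it server-side and returning a generic message.
        response_object = {"error": {"internal": str(e)}}
        return make_response(jsonify(response_object)), 500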