async def post(self): """ Check is email unique and create new User """ cleaned_data = await self._validate() email = cleaned_data["email"] password_1 = cleaned_data["password_1"] password_2 = cleaned_data["password_2"] invite_token = cleaned_data.get("token") db_objects = self.request.app.objects self._password_match(password_1, password_2) user_invite = await self._get_user_invite(db_objects, invite_token) if not user_invite: details = "Invitation link is expired or unavailable" logger.error("Couldn't signup user token: %s | details: %s", invite_token, details) raise InvalidParameterError(details=details) if await db_objects.count(User.select().where(User.email ** email)): raise InvalidParameterError(details=f"User with email '{email}' already exists") user = await User.async_create( db_objects, email=email, password=User.make_password(password_1), ) user_invite.user = user user_invite.is_applied = True await user_invite.async_update(db_objects) await Podcast.create_first_podcast(self.request.app.objects, user.id) self._login(user) return {"redirect_url": self._get_url("index")}, http.HTTPStatus.OK
def test_reset_password__ok(self, client, user, mocked_auth_send, dbs): request_user = user await_(request_user.update(dbs, is_superuser=True)) target_user = await_( User.async_create(dbs, db_commit=True, email=self.email, password="******")) client.login(user) response = client.post(self.url, json={"email": target_user.email}) response_data = self.assert_ok_response(response) token = response_data.get("token") assert response_data["user_id"] == target_user.id assert token is not None, response_data assert decode_jwt(response_data["token"])["user_id"] == target_user.id link = f"{settings.SITE_URL}/change-password/?t={token}" expected_body = ( f"<p>You can reset your password for {settings.SITE_URL}</p>" f"<p>Please follow the link </p>" f"<p><a href={link}>{link}</a></p>") mocked_auth_send.assert_awaited_once_with( recipient_email=target_user.email, subject=f"Welcome back to {settings.SITE_URL}", html_content=expected_body, )
def update_or_create_admin(email, password): """ Find existing user or create new user """ user = User.query.filter(User.email == email).first() if not user: print(" * [DASPANEL] Creating admin user: "******" * [DASPANEL] Reseting admin user password: " + email) user.password = generate_password_hash(password) db.session.add(user) db.session.flush() return user
def _create_user(self, db_session, is_active=True): self.user = await_( User.async_create( db_session, db_commit=True, email=self.email, password=self.encoded_password, is_active=is_active, ))
async def post(self, request): """ Check is email unique and create new User """ cleaned_data = await self._validate(request) user, _, _ = await LoginRequiredAuthBackend(request).authenticate_user( jwt_token=cleaned_data["token"], token_type=TOKEN_TYPE_RESET_PASSWORD, ) new_password = User.make_password(cleaned_data["password_1"]) await user.update(self.db_session, password=new_password) token_collection = await self._create_session(user) return self._response(token_collection)
async def post(self): """ Check is email unique and create new User """ cleaned_data = await self._validate() password_1 = cleaned_data["password_1"] password_2 = cleaned_data["password_2"] jwt_token = cleaned_data["token"] self._password_match(password_1, password_2) user = await self.authenticate_user(self.db_objects, jwt_token) user.password = User.make_password(password_1) await user.async_update(self.db_objects) self._login(user) return {"redirect_url": self._get_url("index")}, http.HTTPStatus.OK
def test_sign_up__ok(self, client, user_invite, dbs): request_data = self._sign_up_data(user_invite) response = client.post(self.url, json=request_data) response_data = self.assert_ok_response(response, status_code=201) user = await_(User.async_get(dbs, email=request_data["email"])) assert user is not None, f"User wasn't created with {request_data=}" assert_tokens(response_data, user) await_(dbs.refresh(user_invite)) assert user_invite.user_id == user.id assert user_invite.is_applied assert await_(Podcast.async_get(dbs, created_by_id=user.id)) is not None
async def post(self, request): cleaned_data = await self._validate(request) user_invite: UserInvite = cleaned_data["user_invite"] user = await User.async_create( self.db_session, email=cleaned_data["email"], password=User.make_password(cleaned_data["password_1"]), ) await user_invite.update(self.db_session, is_applied=True, user_id=user.id) await Podcast.create_first_podcast(self.db_session, user.id) token_collection = await self._create_session(user) return self._response(token_collection, status_code=status.HTTP_201_CREATED)
async def test_check_owners(db_objects, user_data, unauth_client, check_for_owner_urls): handlers = { "get": unauth_client.get, "post": unauth_client.post, } with db_objects.allow_sync(): email, password = user_data another_user = User.create(email=email, password=password) make_cookie(unauth_client, {"user": another_user.id}) for url in check_for_owner_urls: handler = handlers[url.method] response = await handler(url.url, allow_redirects=False) assert response.status == url.status_code, f"Couldn't get expected response for {url}"
def test_sign_up__user_already_exists__fail(self, client, user_invite, dbs): request_data = self._sign_up_data(user_invite) user_email = request_data["email"] await_( User.async_create(dbs, db_commit=True, email=user_email, password="******")) response = client.post(self.url, json=request_data) response_data = self.assert_fail_response(response) assert response_data == { "error": "Requested data is not valid.", "details": f"User with email '{user_email}' already exists", }
def upload_teachers(): print('Adding Teachers ...') with app.app_context(): for teacher in teachers: name = teacher[0] email = teacher[1] password = teacher[2] to_add_teacher = User(name=name, email=email, role='teacher') to_add_teacher.set_hash(password) to_add_teacher.insert() print('[x] Added', teacher)
def upload_students(): print('Adding Students ...') with app.app_context(): for student in students: name = student[0] email = student[1] password = student[2] to_add_student = User(name=name, email=email, role='student') to_add_student.set_hash(password) to_add_student.insert() print('[x] Added', student)
async def test_signin__ok(self, unauth_client, web_app): email, password = f"u_{uuid.uuid4().hex}"[:10], "password" await web_app.objects.create(User, email=email, password=User.make_password(password)) request_data = {"email": email, "password": password} response = await unauth_client.post(self.path, data=request_data, allow_redirects=False) assert response.status == 302 location = response.headers["Location"] assert str(web_app.router["index"].url_for()), location response = await unauth_client.get(location, allow_redirects=False) assert response.status == 200 content = await response.text() assert "podcasts" in content
def add_check(grade_id): if request.method == 'POST': context = base_context() form = AddStudentForm() # if form.validate_on_submit(): if not form.validate_on_submit(): flash_errors(form) return redirect(url_for('student.view', grade_id=grade_id)) user = User.query.filter(User.email == form.email.data).first() if user: flash(notify_danger('Mail already exists!')) return redirect(url_for('student.index')) student = User(name=form.name.data, email=form.email.data, role='student') grade = Grade.query.get(grade_id) student.grade = grade student.set_hash(current_app.config['DEFAULT_PASS_ALL']) student.insert() flash(notify_success('Added {}!'.format(form.email.data))) return redirect(url_for('student.view', grade_id=grade_id))
def add_check(): if request.method == 'POST': context = base_context() form = AddTeacherForm() # if form.validate_on_submit(): if not form.validate_on_submit(): flash_errors(form) return redirect(url_for('teacher.index')) user = User.query.filter(User.email == form.email.data).first() if user: flash(notify_danger('Mail already exists!')) return redirect(url_for('teacher.index')) teacher = User(name=form.name.data, email=form.email.data, role='teacher') teacher.set_hash(current_app.config['DEFAULT_PASS_ALL']) teacher.insert() flash(notify_success('Added {}!'.format(teacher.name))) return redirect(url_for('teacher.index'))
def add_admin(name, email, password): with app.app_context(): admin = User(name=name, email=email, role='admin') admin.set_hash(password) admin.insert() print('[x] added admin:', name, email, password)
def user(db_objects): with db_objects.allow_sync(): email, password = get_user_data() yield User.create(email=email, password=password)
def teardown_module(module): print(f"module teardown {module}") Episode.truncate_table() Podcast.truncate_table() User.truncate_table()
#coding: utf8 from modules.auth.models import User, Application, AppUser, db db.create_all() apps = [ Application(nom='Administration'), Application(nom='Annuaire'), Application(nom='Recrutement')] user = User(login='******', password='******', email='*****@*****.**' ) rels = [ AppUser(niveau=6, user=user, application=apps[0]), AppUser(niveau=6, user=user, application=apps[1]), AppUser(niveau=6, user=user, application=apps[2])] db.session.add_all(apps) db.session.add(user) db.session.add_all(rels) db.session.commit()
def create_user(db_session): email, password = get_user_data() return await_(User.async_create(db_session, db_commit=True, email=email, password=password))
def setup_class(cls): cls.encoded_password = User.make_password(cls.raw_password)