def test_can_add_user(in_movie_repo):
new_username = '******'
new_password = '******'
auth_services.add_user(new_username, new_password, in_movie_repo)
user_as_dict = auth_services.get_user(new_username, in_movie_repo)
assert user_as_dict['username'] == new_username
# Check that password has been encrypted.
assert user_as_dict['password'].startswith('pbkdf2:sha256:')
def login():
form = LoginForm()
username_not_recognised = None
password_does_not_match_username = None
if form.validate_on_submit():
# Successful POST, i.e. the username and password have passed validation checking.
# Use the service layer to lookup the user.
try:
user = services.get_user(form.username.data, repo.repo_instance)
# Authenticate user.
services.authenticate_user(user['username'], form.password.data,
repo.repo_instance)
# Initialise session and redirect the user to the home page.
session.clear()
session['username'] = user['username']
return redirect(url_for('home_bp.home'))
except services.UnknownUserException:
# Username not known to the system, set a suitable error message.
username_not_recognised = 'Username not recognised - please supply another'
except services.AuthenticationException:
# Authentication failed, set a suitable error message.
password_does_not_match_username = '******'
# For a GET or a failed POST, return the Login Web page.
return render_template(
'authentication/credentials.html',
home_url=url_for('home_bp.home'),
list_movie_url=url_for('movie_bp.movies_by_year'),
list_actor_url=url_for('actor_bp.list_actor'),
list_director_url=url_for('director_bp.list_director'),
list_genre_url=url_for('genre_bp.list_genre'),
search_url=url_for('search_bp.find_movie'),
register_url=url_for('authentication_bp.register'),
title='Login',
username_error_message=username_not_recognised,
password_error_message=password_does_not_match_username,
form=form,
selected_movies=utilities.get_selected_movies(),
tag_urls=url_for('genre_bp.list_genre'))
def login():
form = LoginForm()
username_not_recognised = None
password_does_not_match_username = None
if form.validate_on_submit():
# Successful POST, i.e. the username and password have passed validation checking.
# Use the service layer to lookup the user.
try:
user = services.get_user(form.username.data, repo.repo_instance)
# Authenticate user.
services.authenticate_user(user['username'], form.password.data, repo.repo_instance)
# Initialise session and redirect the user to the home page.
session.clear()
session['username'] = user['username']
return redirect(url_for('movies_bp.suggest_movie'))
except services.UnknownUserException:
username_not_recognised = 'Username not recognised - please supply another'
except services.AuthenticationException:
password_does_not_match_username = '******'
return render_template(
'authentication/credentials.html',
title='Login',
username_error_message=username_not_recognised,
password_error_message=password_does_not_match_username,
form_login=form,
title_form=SearchByTitleForm(),
form=SearchForm(),
handler_url=url_for('movies_bp.search'),
handler_url_title=url_for('movies_bp.search_by_title'),
selected_movies=utilities.get_selected_movies(),
genre_urls=utilities.get_genres_and_urls()
)