コード例 #1
async def test_delete_user(tmpcwd, app):
    """Check that nothing is found for a username after delete_user is called."""
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.create_user('johnsnow', 'password')

    # Stand-in for a user object: a bare class exposing only a ``name``
    # attribute, which is all this test hands to delete_user.
    fake_user = type('User', (), {'name': 'johnsnow'})
    authenticator.delete_user(fake_user)

    assert not UserInfo.find(app.db, 'johnsnow')
コード例 #2
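async def test_get_user(tmpcwd, app):
    """Check get_user for a username that was created and one that was not."""
    auth = NativeAuthenticator(db=app.db)
    auth.create_user('johnsnow', 'password')

    # Identity checks are used on purpose: `== None` / `!= None` defer to the
    # returned object's __eq__, so an object overriding equality could make
    # the assertion pass or fail for the wrong reason.

    # Getting existing user is successful.
    assert auth.get_user('johnsnow') is not None

    # Getting non-existing user fails.
    assert auth.get_user('samwelltarly') is None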
コード例 #3
async def test_delete_user(tmpcwd, app):
    """Check that delete_user leaves nothing for UserInfo.find to return."""
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.get_or_create_user('johnsnow', 'password')

    # Look the user up through User.find and hand that object to delete_user.
    hub_user = User.find(app.db, 'johnsnow')
    authenticator.delete_user(hub_user)

    assert not UserInfo.find(app.db, 'johnsnow')
コード例 #4
async def test_create_user(is_admin, open_signup, expected_authorization,
                           tmpcwd, app):
    """Check the authorization state of a newly created user.

    ``is_admin`` and ``open_signup`` select how the authenticator is
    configured before the user is created; ``expected_authorization`` is the
    value ``is_authorized`` must have afterwards. The source of these three
    arguments is outside this listing (presumably a parametrize decorator).
    """
    authenticator = NativeAuthenticator(db=app.db)

    if is_admin:
        authenticator.admin_users = {"johnsnow"}
    if open_signup:
        authenticator.open_signup = True

    authenticator.create_user("johnsnow", "password")

    created = UserInfo.find(app.db, "johnsnow")
    assert created.username == "johnsnow"
    assert created.is_authorized == expected_authorization
コード例 #5
async def test_create_user(is_admin, open_signup, expected_authorization,
                           tmpcwd, app):
    '''Check the authorization state of a newly created user.

    ``is_admin`` and ``open_signup`` select how the authenticator is
    configured before the user is created; ``expected_authorization`` is the
    value ``is_authorized`` must have afterwards. Where these three arguments
    come from is not visible here (presumably a parametrize decorator).
    '''
    authenticator = NativeAuthenticator(db=app.db)

    if is_admin:
        authenticator.admin_users = {'johnsnow'}
    if open_signup:
        authenticator.open_signup = True

    authenticator.create_user('johnsnow', 'password')

    created = UserInfo.find(app.db, 'johnsnow')
    assert created.username == 'johnsnow'
    assert created.is_authorized == expected_authorization
コード例 #6
async def test_approval_url(app):
    """Exercise slug validation for self-approval URLs.

    Three cases are covered: a string that is not a signed slug, a slug whose
    expiry lies in the past, and a slug whose expiry lies in the future.
    """
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.allow_self_approval_for = ".*@example.com$"
    authenticator.secret_key = "very long and kind-of random asdgaisgfjbafksdgasg"
    authenticator.setup_self_approval()

    two_days = datetime.timedelta(days=2)

    # A string that was never produced by generate_approval_url is rejected.
    # NOTE(review): this does not cover a well-formed slug signed under a
    # different key, nor a valid slug whose payload was altered afterwards;
    # both would be worth asserting if the signature check is to be pinned.
    with pytest.raises(ValueError):
        EmailAuthorizationHandler.validate_slug("foo", authenticator.secret_key)

    # A correctly generated slug that expired two days ago is rejected.
    past = datetime.datetime.now(tz.utc) - two_days
    expired_url = authenticator.generate_approval_url("somebody", when=past)
    expired_slug = expired_url.rsplit("/", 1)[-1]
    with pytest.raises(ValueError):
        EmailAuthorizationHandler.validate_slug(
            expired_slug, authenticator.secret_key
        )

    # A correctly generated slug expiring in two days is accepted, and the
    # decoded payload carries the username and the exact expiry back.
    future = datetime.datetime.now(tz.utc) + two_days
    valid_url = authenticator.generate_approval_url("somebody", when=future)
    valid_slug = valid_url.rsplit("/", 1)[-1]
    payload = EmailAuthorizationHandler.validate_slug(
        valid_slug, authenticator.secret_key
    )
    assert payload["username"] == "somebody"
    assert payload["expire"] == future
コード例 #7
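async def test_authentication_with_exceed_atempts_of_login(tmpcwd, app):
    """Check that logins are refused after too many failures, then accepted.

    The user fails ``allowed_failed_logins`` times with a wrong password, is
    then refused even with the right password, and is accepted again once
    more than ``secs_before_next_try`` seconds have passed.
    """
    auth = NativeAuthenticator(db=app.db)
    auth.allowed_failed_logins = 3
    auth.secs_before_next_try = 10

    # The listing had both fields masked as "******", which left the username
    # out of step with the "johnsnow" authorized below and made the "wrong"
    # and "right" passwords identical. "wrongpassword" is a constructed
    # sample value; "johnsnow" and "password" are the values used below.
    infos = {"username": "johnsnow", "password": "wrongpassword"}
    auth.create_user(infos["username"], "password")
    UserInfo.change_authorization(app.db, "johnsnow")

    # Use up every permitted failure with the wrong password.
    for _ in range(auth.allowed_failed_logins):
        response = await auth.authenticate(app, infos)
        assert not response

    # Even the correct password must be refused while the account is blocked.
    infos["password"] = "password"
    response = await auth.authenticate(app, infos)
    assert not response

    # Wait slightly longer than the configured block time, then retry.
    time.sleep(auth.secs_before_next_try + 2)
    response = await auth.authenticate(app, infos)
    assert response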
コード例 #8
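async def test_authentication_with_exceed_atempts_of_login(tmpcwd, app):
    '''Check that logins are refused after too many failures, then accepted.

    The user fails ``allowed_failed_logins`` times with a wrong password, is
    then refused even with the right password, and is accepted again once
    more than ``secs_before_next_try`` seconds have passed.
    '''
    auth = NativeAuthenticator(db=app.db)
    auth.allowed_failed_logins = 3
    auth.secs_before_next_try = 10

    # The listing had both fields masked as '******', which left the username
    # out of step with the 'johnsnow' authorized below and made the "wrong"
    # and "right" passwords identical. 'wrongpassword' is a constructed
    # sample value; 'johnsnow' and 'password' are the values used below.
    infos = {'username': 'johnsnow', 'password': 'wrongpassword'}
    auth.create_user(infos['username'], 'password')
    UserInfo.change_authorization(app.db, 'johnsnow')

    # Use up every permitted failure with the wrong password.
    for _ in range(auth.allowed_failed_logins):
        response = await auth.authenticate(app, infos)
        assert not response

    # Even the correct password must be refused while the account is blocked.
    infos['password'] = 'password'
    response = await auth.authenticate(app, infos)
    assert not response

    # Wait slightly longer than the configured block time, then retry.
    time.sleep(auth.secs_before_next_try + 2)
    response = await auth.authenticate(app, infos)
    assert response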
コード例 #9
async def test_handlers(app):
    '''Check that the signup and authorize routes are among the handlers.

    The routes are looked up by position (second and third entries), so this
    test also pins the order in which get_handlers returns them.
    '''
    authenticator = NativeAuthenticator(db=app.db)
    registered = authenticator.get_handlers(app)

    signup_route = registered[1][0]
    authorize_route = registered[2][0]
    assert signup_route == '/signup'
    assert authorize_route == '/authorize'
コード例 #10
async def test_create_user(tmpcwd, app):
    '''Check that get_or_create_user stores a user findable by username.'''
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.get_or_create_user('John Snow', 'password')

    stored = UserInfo.find(app.db, 'John Snow')
    assert stored.username == 'John Snow'
コード例 #11
async def test_get_unauthed_amount(tmpcwd, app):
    """Track get_unauthed_amount as users are created, authorized and made admin."""
    authenticator = NativeAuthenticator(db=app.db)

    # No admins and no users yet: nothing is pending.
    authenticator.admin_users = set()
    assert authenticator.get_unauthed_amount() == 0

    # A freshly created user counts as pending.
    authenticator.create_user("johnsnow", "password")
    assert authenticator.get_unauthed_amount() == 1

    # After change_authorization the same user no longer counts.
    UserInfo.change_authorization(app.db, "johnsnow")
    assert authenticator.get_unauthed_amount() == 0

    # Each further new user raises the count by one.
    authenticator.create_user("daenerystargaryen", "anotherpassword")
    assert authenticator.get_unauthed_amount() == 1

    authenticator.create_user("tyrionlannister", "yetanotherpassword")
    assert authenticator.get_unauthed_amount() == 2

    # Listing a pending user in admin_users removes that user from the count.
    authenticator.admin_users = {"daenerystargaryen"}
    assert authenticator.get_unauthed_amount() == 1
コード例 #12
async def test_get_authed_users(tmpcwd, app):
    """Track get_authed_users as users are created, authorized and made admin."""
    authenticator = NativeAuthenticator(db=app.db)

    # No admins and no users yet: the set is empty.
    authenticator.admin_users = set()
    assert authenticator.get_authed_users() == set()

    # Creating a user alone does not put it in the set.
    authenticator.create_user("johnsnow", "password")
    assert authenticator.get_authed_users() == set()

    # change_authorization does.
    UserInfo.change_authorization(app.db, "johnsnow")
    assert authenticator.get_authed_users() == {"johnsnow"}

    # A second, not yet authorized user leaves the set unchanged.
    authenticator.create_user("daenerystargaryen", "anotherpassword")
    assert authenticator.get_authed_users() == {"johnsnow"}

    # Listing that user in admin_users makes it appear alongside the first.
    authenticator.admin_users = {"daenerystargaryen"}
    assert "johnsnow" in authenticator.get_authed_users()
    assert "daenerystargaryen" in authenticator.get_authed_users()
コード例 #13
async def test_create_user_bad_characters(tmpcwd, app):
    """Check that create_user returns a falsy value for unacceptable usernames."""
    authenticator = NativeAuthenticator(db=app.db)

    # One username containing a space, one containing a comma.
    with_space = authenticator.create_user("john snow", "password")
    assert not with_space
    with_comma = authenticator.create_user("john,snow", "password")
    assert not with_comma
コード例 #14
async def test_no_change_to_bad_password(tmpcwd, app):
    """Check that change_password enforces the same rules as signup.

    With the common-password check on and a minimum length of 8, a rejected
    change must return None and leave the stored password untouched.
    """
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.check_common_password = True
    authenticator.minimum_password_length = 8

    authenticator.create_user("johnsnow", "ironwood")

    def password_is(candidate):
        # Fetch the user afresh each time so the stored state is what is checked.
        return authenticator.get_user("johnsnow").is_valid_password(candidate)

    # Unknown user: the change is refused and johnsnow is unaffected.
    assert authenticator.change_password("samwelltarly", "palanquin") is None
    assert password_is("ironwood")

    # Shorter than the minimum length: refused.
    assert authenticator.change_password("johnsnow", "mummer") is None
    assert password_is("ironwood")

    # Rejected by the common-password check: refused.
    assert authenticator.change_password("johnsnow", "dragon") is None
    assert password_is("ironwood")

    # Meets the criteria: accepted, and the old password stops working.
    assert authenticator.change_password("johnsnow", "Daenerys") is not None
    assert not password_is("ironwood")
    assert password_is("Daenerys")
コード例 #15
async def test_create_user_bad_characters(tmpcwd, app):
    '''Check that create_user returns a falsy value for unacceptable usernames.'''
    authenticator = NativeAuthenticator(db=app.db)

    # One username containing a space, one containing a comma.
    with_space = authenticator.create_user('john snow', 'password')
    assert not with_space
    with_comma = authenticator.create_user('john,snow', 'password')
    assert not with_comma