def test_from_identity(self, db_session): from paildocket.models import User alice = User( username=ALICE, password_hash=ALICE_HASH, email=ALICE_EMAIL) db_session.add(alice) db_session.flush() by_username = User.from_identity(db_session, ALICE) assert alice is by_username by_email = User.from_identity(db_session, ALICE_EMAIL) assert alice is by_email
def test_from_request_returns_none_if_authuser_is_none(self): from paildocket.models import User fake_request = DummyObject() fake_request.authenticated_userid = None returned = User.from_request(fake_request) assert returned is None
def test_from_request(self, db_session): from paildocket.models import User alice = User( username=ALICE, password_hash=ALICE_HASH, email=ALICE_EMAIL, ) db_session.add(alice) db_session.flush() fake_request = DummyObject() fake_request.db_session = db_session fake_request.authenticated_userid = alice.id returned = User.from_request(fake_request) assert returned is alice
def validate(self): """ Return the user object, or raise `deform.ValidationFailure` if the form validation fails or the identity and password do not match a user. """ data = self.form.validate(self.request.POST.items()) identity = data['identity'] password = data['password'] user = User.from_identity(self.request.db_session, identity) if user is None: # Eliminate timing differences for unknown identity case # versus invalid password. self.password_context.encrypt(password) else: if self.verify_password_possible_update(password, user): return user message = _('Unknown username/email or incorrect password') self.form.error = colander.Invalid(None, message) raise deform.ValidationFailure(self.form, self.form.cstruct, None)