def test_change_password_failures(app):
    """Rejected change-password requests must leave the stored password as it was.

    Two requests are sent with a bearer token issued for a factory user:
    the first is expected to fail with INVALID_PASSWORD, the second (which
    supplies users_factories.DEFAULT_PASSWORD as the current password) with
    WEAK_PASSWORD. The user is then reloaded and its stored hash is compared
    with the hash of the factory default password.
    """
    new_password = "******"
    account = users_factories.UserFactory()
    access_token = create_access_token(identity=account.email)

    client = TestClient(app.test_client())
    client.auth_header = {"Authorization": f"Bearer {access_token}"}

    # First request: expected to be refused because of the current password.
    invalid_current = client.post(
        "/native/v1/change_password",
        json={"currentPassword": "******", "newPassword": new_password},
    )
    assert invalid_current.status_code == 400
    assert invalid_current.json["code"] == "INVALID_PASSWORD"

    # Second request: current password is the factory default, so the refusal
    # is expected to come from the new password's strength check instead.
    weak_new = client.post(
        "/native/v1/change_password",
        json={"currentPassword": users_factories.DEFAULT_PASSWORD, "newPassword": "******"},
    )
    assert weak_new.status_code == 400
    assert weak_new.json["code"] == "WEAK_PASSWORD"

    # Reload the user so the comparison is against the persisted value.
    reloaded = find_user_by_id(account.id)
    # NOTE(review): this equality only holds while hash_password() is
    # deterministic for a given input (no per-call salt). Under a salted
    # scheme the two hashes differ and a verify-style helper is needed;
    # confirm which hashing mode this test runs under.
    assert reloaded.password == hash_password(users_factories.DEFAULT_PASSWORD)
def test_reset_password_success(app):
    """A valid reset-password token lets the new password be stored.

    A RESET_PASSWORD token is saved for a factory user, the reset endpoint
    is called with that token's value and a new password, and the test then
    expects a 204 response and a stored hash matching the new password.
    """
    new_password = "******"
    account = users_factories.UserFactory()

    token_fields = {
        "userId": account.id,
        "value": "secret-value",
        "type": TokenType.RESET_PASSWORD,
    }
    reset_token = Token(from_dict=token_fields)
    repository.save(reset_token)

    payload = {"reset_password_token": reset_token.value, "new_password": new_password}
    client = TestClient(app.test_client())
    response = client.post("/native/v1/reset_password", json=payload)

    # Reload before asserting so the check is made on the persisted user.
    reloaded = find_user_by_id(account.id)

    assert response.status_code == 204
    # NOTE(review): comparing two hash_password() outputs assumes a
    # deterministic (unsalted) hash in the test configuration; with a
    # per-call salt this needs a verify-style check instead. Confirm.
    assert reloaded.password == hash_password(new_password)
def test_check_password(self):
    """check_password() rejects a different secret and accepts the hashed one."""
    stored_hash = hash_password("secret")

    # Negative case first: a different plaintext must not verify.
    mismatch = check_password("wrong", stored_hash)
    assert not mismatch

    # Positive case: the plaintext that was hashed must verify.
    match = check_password("secret", stored_hash)
    assert match
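def test_hash_password_uses_bcrypt(self):
    """hash_password() must return a bcrypt-formatted hash, not the plaintext.

    The result is treated as bytes: it is matched against the bytes prefix
    b"$2b$" below.
    """
    hashed = hash_password("secret")

    # Compare against a bytes plaintext. In Python 3 a bytes object never
    # equals a str, so `hashed != "secret"` would pass whatever
    # hash_password() returned and would not catch a plaintext pass-through.
    assert hashed != b"secret"
    assert hashed.startswith(b"$2b$")  # bcrypt prefix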
def test_hash_password_uses_md5(self):
    """Pin hash_password("secret") to the unsalted MD5 hex digest of "secret"."""
    # NOTE(review): unsalted MD5 is not suitable for stored passwords.
    # Presumably this covers a fast non-production hashing mode; confirm
    # that whatever setting selects it cannot be enabled in production.
    expected_digest = b"5ebe2294ecd0e0f08eab7690d2a6ee69"

    digest = hash_password("secret")

    assert digest == expected_digest
def random_password() -> bytes:
    """Return the hash of a freshly generated random token.

    Only the hash is returned; the plaintext token is not handed back to
    the caller.
    """
    # NOTE(review): the strength of the result depends on random_token()
    # drawing from a cryptographically secure source; verify at its definition.
    throwaway_secret = random_token(length=12)
    return hash_password(throwaway_secret)