def test_accountrecovery_failure_with_wrong_old_password(self): with self.mock_accountrecovery(): res = self.do_accountrecovery(id=self.token._id, email=USER_EMAIL) self.assertEqual(res.status, 200) self.assertFalse(valid_password(self.user, NEW_PASSWORD)) self.assertNotEqual(self.user.email, USER_EMAIL)
def test_resetpassword_failure_with_expired_token(self): """Resetpassword fails: Returns 200 and does not set new password.""" with self.mock_resetpassword(): res = self.do_resetpassword() self.assertEqual(res.status, 200) self.assertFalse(valid_password(self.user, NEW_PASSWORD))
def test_resetpassword_success_with_normal_user(self): """Resetpassword succeeds: Returns 200 and sets new password.""" with self.mock_resetpassword(): res = self.do_resetpassword(id=self.token._id) self.assertEqual(res.status, 200) self.assertTrue(valid_password(self.user, NEW_PASSWORD))
def test_accountrecovery_failure_with_wrong_token(self): with self.mock_accountrecovery(): res = self.do_accountrecovery(curpass=CURRENT_PASSWORD, email=USER_EMAIL) self.assertEqual(res.status, 200) self.assertFalse(valid_password(self.user, NEW_PASSWORD)) self.assertNotEqual(self.user.email, USER_EMAIL)
def test_accountrecovery_success(self): with self.mock_accountrecovery(): res = self.do_accountrecovery(id=self.token._id, email=USER_EMAIL, curpass=CURRENT_PASSWORD) self.assertEqual(res.status, 200) self.assertTrue(valid_password(self.user, NEW_PASSWORD)) self.assertEqual(self.user.email, USER_EMAIL)
def test_resetpassword_success_with_ato_user(self): """Resetpassword succeeds: Returns 200, sets new password, and clear ATO. """ self.user.force_password_reset = True with self.mock_resetpassword(): res = self.do_resetpassword(id=self.token._id) self.assertEqual(res.status, 200) self.assertTrue(valid_password(self.user, NEW_PASSWORD)) self.assertFalse(self.user.force_password_reset)