def test_get_invalid_uid(client, user):
    """GET on the confirm view with a uid segment that is not the user's must 404.

    The token is generated for ``user`` as usual, so only the ``uidb64`` path
    segment ("XX") is wrong in the requested URL.
    """
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64="XX",
        token=reset_token,
    )

    result = client.get(confirm_url)

    assert result.status_code == 404
def test_invalid(test_data, client, user):
    """POSTing ``test_data`` to a valid reset link stays on the same page.

    The view is expected to answer 200 at the confirm URL itself instead of
    redirecting.
    """
    # NOTE(review): test_data presumably comes from a parametrize decorator or
    # fixture holding invalid form payloads; it is not visible here.
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )

    result = client.post(confirm_url, data=test_data)

    assert result.status_code == 200
    assert result.url == f"http://testserver{confirm_url}"
def test_get_200(client, user):
    """GET on a valid reset link renders the page with a form in its context."""
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )

    result = client.get(confirm_url)

    assert result.status_code == 200
    # The template context must expose both the form and the request.
    for expected_key in ("form", "request"):
        assert expected_key in result.context
def test_get_user_not_active(client, user):
    """A reset link for a deactivated account must answer 404."""
    # Deactivate the account before the link is built and requested.
    user.is_active = False
    user.save()

    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )

    assert client.get(confirm_url).status_code == 404
def test_post(client, user):
    """A POST with matching passwords redirects to the reset-complete page."""
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )
    # NOTE(review): "******" looks like a masked value; confirm it satisfies
    # whatever password validation the form applies.
    form_payload = {
        "new_password": "******",
        "confirm_new_password": "******",
    }

    result = client.post(confirm_url, data=form_payload)

    assert result.status_code == 302
    assert result.next.url == "http://testserver/auth/password/reset/complete"
def test_get_user_url_is_invalid_by_logging_in(client, user):
    """A reset link issued before a login must answer 404 afterwards."""
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )

    # Bumping last_login stands in for the user logging in after the reset
    # request was created.
    # NOTE(review): presumably last_login feeds into the token, which is why
    # the old link stops validating; confirm against token_generator.
    user.last_login = datetime.utcnow()
    user.save()

    result = client.get(confirm_url)

    assert result.status_code == 404
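def test_post_changed_password(client, user):
    """Posting a new password through a valid reset link updates the stored one.

    The submitted value and the value checked afterwards come from one
    variable: previously the form carried "******" while the assertion
    checked "foobar25", so the test could not pass as written.
    """
    new_password = "foobar25"

    uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8"))
    token = token_generator.make_token(user)
    url = client.app.url_path_for(
        "auth:password_reset_confirm", uidb64=uidb64, token=token
    )

    client.post(
        url,
        data={
            "new_password": new_password,
            "confirm_new_password": new_password,
        },
    )

    # Reload from the database so the check runs against the persisted
    # password, not the in-memory fixture object.
    user.refresh_from_db()
    assert user.check_password(new_password)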
def test_post_url_is_one_time_use(client, user):
    """Once the reset form has been posted, the same link must answer 404."""
    encoded_uid = urlsafe_base64_encode(str(user.id).encode("utf-8"))
    reset_token = token_generator.make_token(user)
    confirm_url = client.app.url_path_for(
        "auth:password_reset_confirm",
        uidb64=encoded_uid,
        token=reset_token,
    )
    # NOTE(review): "******" looks like a masked value; the test only proves
    # single use if this POST actually changes the password. Confirm it
    # passes the form's validation.
    form_payload = {
        "new_password": "******",
        "confirm_new_password": "******",
    }

    client.post(confirm_url, data=form_payload)

    # Replaying the link after it has been used must not render the form again.
    replay = client.get(confirm_url)
    assert replay.status_code == 404
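async def send_email(self, request: Request):
    """Email a password-reset link to the account matching ``self.data["email"]``.

    Looks the user up by email and returns without sending anything when no
    account matches. Otherwise renders the configured subject and plain-text
    templates (plus the optional HTML alternative) and hands the message to
    ``send_message``.

    Args:
        request: The current request, passed through to the templates.

    Raises:
        ImproperlyConfigured: If ``reset_pw_email_subject_template`` or
            ``reset_pw_email_template`` is not configured.
    """
    from . import config

    # Validate configuration before the account lookup. Checked afterwards,
    # a misconfigured deployment raises only for addresses that belong to an
    # account, so the error reveals which emails are registered and goes
    # unnoticed until a real user asks for a reset.
    if (not config.reset_pw_email_subject_template
            or not config.reset_pw_email_template):
        error_message = (
            "To send a password reset email you must specify both the "
            "`reset_pw_email_subject_template` and `reset_pw_email_template` "
            "templates. Additionally you can also specify the "
            "`reset_pw_html_email_template` to send an html version.")
        raise ImproperlyConfigured(error_message)

    user = await db.get_user_by_email(self.data["email"])
    if not user:
        # Unknown address: return silently, with no error raised to the caller.
        return

    templates = config.templates

    context = {
        "request": request,
        # The uid is only the base64 form of the user id, not a secret.
        # NOTE(review): presumably the token is what authorises the reset;
        # confirm against token_generator.
        "uid": http.urlsafe_base64_encode(bytes(str(user["id"]), encoding="utf-8")),
        "user": user,
        "token": token_generator.make_token(user),
    }

    msg = EmailMessage()

    subject_tmpl = templates.get_template(
        config.reset_pw_email_subject_template)
    subject = subject_tmpl.render(context)

    body_tmpl = templates.get_template(config.reset_pw_email_template)
    body = body_tmpl.render(context)

    msg["To"] = [user["email"]]
    msg["Subject"] = subject
    msg.set_content(body)

    if config.reset_pw_html_email_template:
        # Optional HTML version, attached as an alternative to the text body.
        html_body_tmpl = templates.get_template(
            config.reset_pw_html_email_template)
        html_body = html_body_tmpl.render(context)
        msg.add_alternative(html_body, subtype="html")

    await send_message(msg)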