def test_get_user_by_name_or_email(user_factory):
user = user_factory(name="name", email="email")
db.session.add(user)
db.session.flush()
with pytest.raises(users.UserNotFoundError):
assert users.get_user_by_name_or_email("non-existing")
assert users.get_user_by_name_or_email("email") is user
assert users.get_user_by_name_or_email("EMAIL") is user
assert users.get_user_by_name_or_email("name") is user
assert users.get_user_by_name_or_email("NAME") is user
def test_get_user_by_name_or_email(user_factory):
user = user_factory(name='name', email='email')
db.session.add(user)
db.session.flush()
with pytest.raises(users.UserNotFoundError):
assert users.get_user_by_name_or_email('non-existing')
assert users.get_user_by_name_or_email('email') is user
assert users.get_user_by_name_or_email('EMAIL') is user
assert users.get_user_by_name_or_email('name') is user
assert users.get_user_by_name_or_email('NAME') is user
def test_get_user_by_name_or_email(user_factory):
user = user_factory(name='name', email='email')
db.session.add(user)
db.session.flush()
with pytest.raises(users.UserNotFoundError):
assert users.get_user_by_name_or_email('non-existing')
assert users.get_user_by_name_or_email('email') is user
assert users.get_user_by_name_or_email('EMAIL') is user
assert users.get_user_by_name_or_email('name') is user
assert users.get_user_by_name_or_email('NAME') is user
def start_password_reset(ctx: rest.Context,
params: Dict[str, str]) -> rest.Response:
user_name = params['user_name']
user = users.get_user_by_name_or_email(user_name)
if not user.email:
raise errors.ValidationError(
'User %r hasn\'t supplied email. Cannot reset password.' %
(user_name))
token = auth.generate_authentication_token(user)
if 'SERVER_NAME' in ctx.env:
url = ctx.env['SERVER_NAME'].rstrip('/')
elif 'HTTP_ORIGIN' in ctx.env:
url = ctx.env['HTTP_ORIGIN'].rstrip('/')
elif 'HTTP_HOST' in ctx.env:
url = ctx.env['HTTP_HOST'].rstrip('/')
else:
url = ''
url += '/password-reset/%s:%s' % (user.name, token)
mailer.send_mail('noreply@%s' % config.config['name'], user.email,
MAIL_SUBJECT.format(name=config.config['name']),
MAIL_BODY.format(name=config.config['name'], url=url))
return {}
def start_password_reset(ctx: rest.Context,
params: Dict[str, str]) -> rest.Response:
user_name = params["user_name"]
user = users.get_user_by_name_or_email(user_name)
if not user.email:
raise errors.ValidationError(
"User %r hasn't supplied email. Cannot reset password." %
(user_name))
token = auth.generate_authentication_token(user)
if config.config["domain"]:
url = config.config["domain"]
elif "HTTP_ORIGIN" in ctx.env:
url = ctx.env["HTTP_ORIGIN"].rstrip("/")
elif "HTTP_REFERER" in ctx.env:
url = ctx.env["HTTP_REFERER"].rstrip("/")
else:
url = ""
url += "/password-reset/%s:%s" % (user.name, token)
mailer.send_mail(
config.config["smtp"]["from"],
user.email,
MAIL_SUBJECT.format(name=config.config["name"]),
MAIL_BODY.format(name=config.config["name"], url=url),
)
return {}
def post(self, ctx, user_name):
''' Verify token from mail, generate a new password and return it. '''
user = users.get_user_by_name_or_email(user_name)
good_token = auth.generate_authentication_token(user)
token = ctx.get_param_as_string('token', required=True)
if token != good_token:
raise errors.ValidationError('Invalid password reset token.')
new_password = users.reset_user_password(user)
ctx.session.commit()
return {'password': new_password}
def finish_password_reset(ctx, params):
''' Verify token from mail, generate a new password and return it. '''
user_name = params['user_name']
user = users.get_user_by_name_or_email(user_name)
good_token = auth.generate_authentication_token(user)
token = ctx.get_param_as_string('token', required=True)
if token != good_token:
raise errors.ValidationError('Invalid password reset token.')
new_password = users.reset_user_password(user)
versions.bump_version(user)
ctx.session.commit()
return {'password': new_password}
def finish_password_reset(ctx: rest.Context,
params: Dict[str, str]) -> rest.Response:
user_name = params['user_name']
user = users.get_user_by_name_or_email(user_name)
good_token = auth.generate_authentication_token(user)
token = ctx.get_param_as_string('token')
if _hash(token) != _hash(good_token):
raise errors.ValidationError('Invalid password reset token.')
new_password = users.reset_user_password(user)
versions.bump_version(user)
ctx.session.commit()
return {'password': new_password}
def finish_password_reset(
ctx: rest.Context, params: Dict[str, str]) -> rest.Response:
user_name = params['user_name']
user = users.get_user_by_name_or_email(user_name)
good_token = auth.generate_authentication_token(user)
token = ctx.get_param_as_string('token')
if _hash(token) != _hash(good_token):
raise errors.ValidationError('Invalid password reset token.')
new_password = users.reset_user_password(user)
versions.bump_version(user)
ctx.session.commit()
return {'password': new_password}
def post(self, ctx, user_name):
''' Verify token from mail, generate a new password and return it. '''
user = users.get_user_by_name_or_email(user_name)
if not user:
raise errors.NotFoundError('User %r not found.' % user_name)
good_token = auth.generate_authentication_token(user)
token = ctx.get_param_as_string('token', required=True)
if token != good_token:
raise errors.ValidationError('Invalid password reset token.')
new_password = users.reset_password(user)
ctx.session.commit()
return {'password': new_password}
def get(self, _ctx, user_name):
''' Send a mail with secure token to the correlated user. '''
user = users.get_user_by_name_or_email(user_name)
if not user.email:
raise errors.ValidationError(
'User %r hasn\'t supplied email. Cannot reset password.' %
(user_name))
token = auth.generate_authentication_token(user)
url = '%s/password-reset/%s:%s' % (
config.config['base_url'].rstrip('/'), user.name, token)
mailer.send_mail('noreply@%s' % config.config['name'], user.email,
MAIL_SUBJECT.format(name=config.config['name']),
MAIL_BODY.format(name=config.config['name'], url=url))
return {}
def start_password_reset(_ctx: rest.Context,
params: Dict[str, str]) -> rest.Response:
user_name = params['user_name']
user = users.get_user_by_name_or_email(user_name)
if not user.email:
raise errors.ValidationError(
'User %r hasn\'t supplied email. Cannot reset password.' %
(user_name))
token = auth.generate_authentication_token(user)
url = '%s/password-reset/%s:%s' % (config.config['base_url'].rstrip('/'),
user.name, token)
mailer.send_mail('noreply@%s' % config.config['name'], user.email,
MAIL_SUBJECT.format(name=config.config['name']),
MAIL_BODY.format(name=config.config['name'], url=url))
return {}
def start_password_reset(_ctx: rest.Context,
params: Dict[str, str]) -> rest.Response:
user_name = params['user_name']
user = users.get_user_by_name_or_email(user_name)
if not user.email:
raise errors.ValidationError(
'사용자 %r님은 이메일 주소를 등록하지 않았습니다. 비밀번호를 재설정할 수 없습니다.' % (user_name))
token = auth.generate_authentication_token(user)
url = '%s/password-reset/%s:%s' % (config.config['base_url'].rstrip('/'),
user.name, token)
mailer.send_mail(
formataddr((str(Header(config.config['smtp']['user_display'],
'utf-8')), config.config['smtp']['user'])),
user.email, MAIL_SUBJECT.format(name=config.config['name']),
MAIL_BODY.format(name=config.config['name'], url=url))
return {}
def start_password_reset(_ctx, params):
''' Send a mail with secure token to the correlated user. '''
user_name = params['user_name']
user = users.get_user_by_name_or_email(user_name)
if not user.email:
raise errors.ValidationError(
'User %r hasn\'t supplied email. Cannot reset password.' % (
user_name))
token = auth.generate_authentication_token(user)
url = '%s/password-reset/%s:%s' % (
config.config['base_url'].rstrip('/'), user.name, token)
mailer.send_mail(
'noreply@%s' % config.config['name'],
user.email,
MAIL_SUBJECT.format(name=config.config['name']),
MAIL_BODY.format(name=config.config['name'], url=url))
return {}
def start_password_reset(
ctx: rest.Context, params: Dict[str, str]) -> rest.Response:
user_name = params['user_name']
user = users.get_user_by_name_or_email(user_name)
if not user.email:
raise errors.ValidationError(
'User %r hasn\'t supplied email. Cannot reset password.' % (
user_name))
token = auth.generate_authentication_token(user)
if 'HTTP_ORIGIN' in ctx.env:
url = ctx.env['HTTP_ORIGIN'].rstrip('/')
else:
url = ''
url += '/password-reset/%s:%s' % (user.name, token)
mailer.send_mail(
'noreply@%s' % config.config['name'],
user.email,
MAIL_SUBJECT.format(name=config.config['name']),
MAIL_BODY.format(name=config.config['name'], url=url))
return {}
