def test_user_password(self):
test_user = User(username='******', password='******')
self.assertTrue(test_user.check_password('test_pass'), "Wrong password hash generated after creting user.")
self.assertIn('pbkdf2:sha256:1000$', test_user.password)
self.assertEqual(len(test_user.password), 92, "Wrong hash length.")
test_user.set_password('another_password')
self.assertIn('pbkdf2:sha256:1000$', test_user.password)
self.assertEqual(len(test_user.password), 92, "Wrong hash length.")
self.assertTrue(test_user.check_password('another_password'), "Wrong password hash generated after setting password.")
def sign_in():
"""
parameters:
- name: Login
required: username and password
description: Login route to authenticate existing users
responses:
400: Login failed
description: Bad Username/Password
200:
description: Login Success
result schema:
User object
"""
requested_user = request.get_json()
user = User(username=requested_user['username'],
password=requested_user['password'],
accessToken=requested_user['accessToken'],
tokenType=requested_user['tokenType'],
expiresIn=requested_user['expiresIn'],
refreshToken=requested_user['refreshToken'],
name='',
role='')
if user.check_password(requested_user['pwAttempted']):
return user.toJSON()
else:
abort(400)
def test_user_check_password(self):
user = User('test_user')
user.set_password('password')
self.assertTrue(user.check_password('password'))
def test_password_hashing(self):
u = User(username='******')
u.set_password('cat')
self.assertFalse(u.check_password('dog'))
self.assertTrue(u.check_password('cat'))