def verify_user_code(user_id):
    """Check a submitted verification code and, on success, start a session.

    The JSON body is validated against ``post_verify_code_schema``; its
    ``code`` and ``code_type`` values are used to look the code up.

    Outcomes, in the order they are evaluated:

    * ``failed_login_count`` has reached ``MAX_VERIFY_CODE_COUNT``: 404
      "Code not found". This is the same reply as for an unknown code, so
      the response does not reveal that the limit was hit, and the counter
      is not incremented further.
    * no matching code: the failure counter is incremented, then 404
      "Code not found".
    * the code is past ``expiry_datetime`` or already used: the failure
      counter is incremented, then 400 "Code has expired".
    * otherwise: a new ``current_session_id`` is issued, ``logged_in_at`` is
      stamped, the failure counter is zeroed, the user is saved, the code is
      marked as used and an empty 204 is returned.

    Raises:
        InvalidRequest: for each rejection case listed above.
    """
    payload = request.get_json()
    validate(payload, post_verify_code_schema)

    user = get_user_by_id(user_id=user_id)
    matched_code = get_user_code(user, payload['code'], payload['code_type'])

    # NOTE(review): config.get() returns None when MAX_VERIFY_CODE_COUNT is
    # unset, and on Python 3 the comparison below would then raise instead of
    # enforcing a limit. Confirm the setting is always defined.
    attempt_limit = current_app.config.get('MAX_VERIFY_CODE_COUNT')
    if user.failed_login_count >= attempt_limit:
        raise InvalidRequest("Code not found", status_code=404)

    if not matched_code:
        # A lookup miss is only relevant for SMS codes (per the original
        # author's note).
        increment_failed_login_count(user)
        raise InvalidRequest("Code not found", status_code=404)

    # Applies to both SMS and email codes.
    # NOTE(review): compares against naive utcnow(); presumably
    # expiry_datetime is stored as naive UTC as well. Confirm.
    is_expired = datetime.utcnow() > matched_code.expiry_datetime
    if is_expired or matched_code.code_used:
        increment_failed_login_count(user)
        raise InvalidRequest("Code has expired", status_code=400)

    # Success: a fresh session id replaces whatever the user held before.
    user.current_session_id = str(uuid.uuid4())
    user.logged_in_at = datetime.utcnow()
    user.failed_login_count = 0
    save_model_user(user)

    # The code is marked as used only after the user row has been saved.
    # NOTE(review): the code_used check above and this call are separate
    # steps; whether two concurrent requests can both pass depends on
    # transaction handling outside this function. Confirm.
    use_user_code(matched_code.id)
    return jsonify({}), 204
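def verify_user_password(user_id):
    """Check the password in the JSON body against the user's stored one.

    On a match the failed-login counter is reset and an empty 204 is
    returned. On a mismatch the counter is incremented and a 400 is raised.

    Raises:
        InvalidRequest: 400 with a ``password`` error list when the body has
            no usable ``password`` field or when the password is wrong.
    """
    user_to_verify = get_user_by_id(user_id=user_id)

    try:
        txt_pwd = request.get_json()['password']
    except (KeyError, TypeError):
        # TypeError covers a body that did not parse to a JSON object (for
        # example null, a list or a bare string). Catching only KeyError let
        # such a request escape as an unhandled error instead of a 400.
        errors = {'password': ['Required field missing data']}
        raise InvalidRequest(errors, status_code=400)

    if not user_to_verify.check_password(txt_pwd):
        # NOTE(review): the counter is incremented here but this function
        # never compares it against a limit. Confirm that check_password or
        # a caller enforces the lockout.
        increment_failed_login_count(user_to_verify)
        errors = {'password': ['Incorrect password']}
        raise InvalidRequest(errors, status_code=400)

    reset_failed_login_count(user_to_verify)
    return jsonify({}), 204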
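def verify_user_password(user_id):
    """Check the password in the JSON body against the user's stored one.

    On a match ``logged_in_at`` is stamped, the user is saved, the
    failed-login counter is reset and an empty 204 is returned. On a
    mismatch the counter is incremented and a 400 is raised.

    Raises:
        InvalidRequest: 400 with a ``password`` error list when the body has
            no usable ``password`` field or when the password is wrong.
    """
    user_to_verify = get_user_by_id(user_id=user_id)

    # The former ``txt_pwd = None`` pre-assignment is dropped: every path
    # through the except clause raises, so the default was never read.
    try:
        txt_pwd = request.get_json()['password']
    except (KeyError, TypeError):
        # TypeError covers a body that did not parse to a JSON object (for
        # example null, a list or a bare string). Catching only KeyError let
        # such a request escape as an unhandled error instead of a 400.
        errors = {'password': ['Required field missing data']}
        raise InvalidRequest(errors, status_code=400)

    if not user_to_verify.check_password(txt_pwd):
        # NOTE(review): the counter is incremented here but this function
        # never compares it against a limit. Confirm that check_password or
        # a caller enforces the lockout.
        increment_failed_login_count(user_to_verify)
        errors = {'password': ['Incorrect password']}
        raise InvalidRequest(errors, status_code=400)

    # Record the successful login before clearing the failure counter.
    user_to_verify.logged_in_at = datetime.utcnow()
    save_model_user(user_to_verify)
    reset_failed_login_count(user_to_verify)
    return jsonify({}), 204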
def test_reset_failed_login_should_set_failed_logins_to_0(sample_user):
    """Resetting the counter clears a previously recorded failed login."""
    # Record one failure first so the reset has a non-zero count to clear.
    increment_failed_login_count(sample_user)
    count_after_failure = sample_user.failed_login_count
    assert count_after_failure == 1

    reset_failed_login_count(sample_user)
    count_after_reset = sample_user.failed_login_count
    assert count_after_reset == 0
def test_increment_failed_login_should_increment_failed_logins(sample_user):
    """One call to the increment helper raises the counter from 0 to 1."""
    # The fixture user is expected to start with no failures on record.
    starting_count = sample_user.failed_login_count
    assert starting_count == 0

    increment_failed_login_count(sample_user)
    count_after_failure = sample_user.failed_login_count
    assert count_after_failure == 1
def test_reset_failed_login_should_set_failed_logins_to_0(notify_api,
                                                          notify_db,
                                                          notify_db_session,
                                                          sample_user):
    """Resetting the counter clears a previously recorded failed login.

    ``notify_api``, ``notify_db`` and ``notify_db_session`` are requested but
    not referenced in the body; presumably they are needed for their setup
    side effects (verify against the fixture definitions).
    """
    # Exactly one user row should exist before the counter is exercised.
    user_rows = User.query.count()
    assert user_rows == 1

    # Record one failure first so the reset has a non-zero count to clear.
    increment_failed_login_count(sample_user)
    count_after_failure = sample_user.failed_login_count
    assert count_after_failure == 1

    reset_failed_login_count(sample_user)
    count_after_reset = sample_user.failed_login_count
    assert count_after_reset == 0