def valid_user_auth(password_from_request, user): password_is_valid = checkpw(password_from_request, user.password) too_many_failed_logins = user.failed_login_count > current_app.config['MAX_FAILED_LOGIN_COUNT'] if password_is_valid and user.active and not too_many_failed_logins: return True return False
def test_should_check_password(): password = "******" password_hash = hashpw(password) assert checkpw(password, password_hash) is True
def test_should_check_invalid_password(): password = "******" password_hash = hashpw(password) assert checkpw("not my password", password_hash) is False