def test_confirm(self): # send a confirmation token user = User(email='*****@*****.**', password='******', username='******') self.client.post('/auth/login', data={ 'email': '*****@*****.**', 'password': '******', 'remember_me': True }) token = r"\x87\xb7t\xcc\x84\x1e\xff" response = self.client.get('/auth/confirm/%s' % token, follow_redirects=True) self.assertIn('确认链接非法或已过期', response.data) response = self.client.get('/auth/confirm', follow_redirects=True) self.assertIn('一封新的包含身份确认链接的邮件已发往你的邮箱', response.data) token = user.generate_confirmation_token('email_confirm') response = self.client.get('/auth/confirm/%s' % token, follow_redirects=True) self.assertIn('已确认你的身份,欢迎加入我们', response.data) response = self.client.get('/auth/confirm/%s' % token, follow_redirects=True) self.assertIn('栏目', response.data) response = self.client.get('/auth/unconfirmed', follow_redirects=True) self.assertIn('栏目', response.data)
def register(): """Register a new user, and send them a confirmation email.""" form = RegistrationForm() if form.validate_on_submit(): role = Role.objects(default=True, enable=True).first() if role is not None: role_id = role.pkid else: role_id = 1 user = User( user_name=form.user_name.data, email=form.email.data, password_hash=generate_password_hash(form.password.data), role_id=role_id ) user.save() token = user.generate_confirmation_token() confirm_link = url_for('account.confirm', token=token, _external=True) get_queue().enqueue( send_email, recipient=user.email, subject=_('Confirm Your Account'), template='account/email/confirm', user=user, confirm_link=confirm_link) flash(_('A confirmation link has been sent to {}.').format(user.email), 'warning') return redirect(url_for('main.index')) return render_template('auth/register.html', form=form)
def test_05_invalid_confirmation_token(self): u1 = User(username='******', password='******') u2 = User(username='******', password='******') u1.save() u2.save() token = u1.generate_confirmation_token('something_need_confirm') self.assertFalse(u2.confirm(token, 'something_need_confirm'))
def test_08_invalid_reset_token(self): u1 = User(username='******', password='******') u2 = User(username='******', password='******') u1.save() u2.save() token = u1.generate_confirmation_token('reset_password') self.assertFalse(u2.reset_password(token, 'horse')) self.assertTrue(u2.verify_password('dog'))
def test_change_email(self): # change email user = User(email='*****@*****.**', password='******', confirmed=True, username='******') self.client.post(url_for('auth.login'), data={ 'email': '*****@*****.**', 'password': '******', 'remember_me': True }) response = self.client.get('/auth/reset/email', follow_redirects=True) self.assertIn('确认邮件已发送,请确认', response.data) token = r"\x87\xb7t\xcc\x84\x1e\xff" response = self.client.get('/auth/reset/email/%s' % token, follow_redirects=True) self.assertIn('确认链接非法或已过期', response.data) token = user.generate_confirmation_token('change_email_confirm') response = self.client.get('/auth/reset/email/%s' % token) self.assertIn('修改邮箱地址', response.data) response = self.client.post('/auth/reset/email/%s' % token, data={'email': 'john_example.com'}, follow_redirects=True) self.assertIn('请输入合法的邮箱地址', response.data) response = self.client.post('/auth/reset/email/%s' % token, data={'email': '*****@*****.**'}, follow_redirects=True) self.assertIn('Email已被占用', response.data) response = self.client.post('/auth/reset/email/%s' % token, data={'email': '*****@*****.**'}, follow_redirects=True) self.assertIn('修改成功', response.data) self.assertIn('一封包含身份确认链接的邮件已发往你的新邮箱', response.data) token = user.generate_confirmation_token('email_confirm') response = self.client.get('/auth/confirm/%s' % token, follow_redirects=True) self.assertIn('已确认你的身份,欢迎加入我们', response.data)
def register(): form = RegistrationForm() if form.validate_on_submit(): user = User(email=form.email.data, username=form.username.data, password=form.password.data, member_since=datetime.utcnow()) user.save() token = user.generate_confirmation_token('email_confirm') send_email(user.email, '账户确认', 'auth/email/confirm', user=user, token=token) flash('一封包含身份确认链接的邮件已发往你的邮箱。') return redirect(url_for('main.neighbourhood')) return render_template('auth/register.html', form=form)
def test_reset_password(self): # reset password user = User(email='*****@*****.**', password='******', confirmed=True, username='******') self.client.post('/auth/login', data={ 'email': '*****@*****.**', 'password': '******', 'remember_me': True }) response = self.client.get('/auth/reset/password') self.assertEqual(response.status_code, 404) token = r"\x87\xb7t\xcc\x84\x1e\xff" response = self.client.get('/auth/reset/password/%s' % token) self.assertEqual(response.status_code, 404) self.client.get('/auth/logout') response = self.client.get('/auth/reset/password') self.assertEqual(response.status_code, 200) self.assertIn('重设密码', response.data) response = self.client.post('/auth/reset/password', data={'email': 'jack_example.com'}) self.assertIn('请输入合法的邮箱地址', response.data) response = self.client.post('/auth/reset/password', data={'email': '*****@*****.**'}, follow_redirects=True) self.assertIn('无效的账号', response.data) response = self.client.post('/auth/reset/password', data={'email': '*****@*****.**'}, follow_redirects=True) self.assertIn('一封含有重设密码的链接已发给你,请注意查收', response.data) response = self.client.post('/auth/reset/password/%s' % token, data={ 'email': '*****@*****.**', 'password': '******', 'password2': 'cat_cat' }, follow_redirects=True) self.assertIn('重设失败', response.data) token = user.generate_confirmation_token('reset_password') response = self.client.post('/auth/reset/password/%s' % token, data={ 'email': 'john_example.com', 'password': '******', 'password2': 'cat_catt' }) self.assertIn('密码重设', response.data) self.assertIn('请输入合法的邮箱地址', response.data) self.assertIn('两个密码必须一样', response.data) response = self.client.post('/auth/reset/password/%s' % token, data={ 'email': '*****@*****.**', 'password': '******', 'password2': 'cat_cat' }) self.assertIn('无效的账号', response.data) response = self.client.post('/auth/reset/password/%s' % token, data={ 'email': '*****@*****.**', 'password': '******', 'password2': 'cat_catt' }, follow_redirects=True) self.assertIn('你的密码已重设', response.data) response = self.client.post('/auth/login', data={ 'email': '*****@*****.**', 'password': '******', 'remember_me': True }, follow_redirects=True) self.assertIn('个人', response.data)
def test_07_valid_reset_token(self): u = User(username='******', password='******') u.save() token = u.generate_confirmation_token('reset_password') self.assertTrue(u.reset_password(token, 'dog')) self.assertTrue(u.verify_password('dog'))
def test_06_expired_confirmation_token(self): u = User(username='******', password='******') u.save() token = u.generate_confirmation_token('something_need_confirm', 1) time.sleep(2) self.assertFalse(u.confirm(token, 'something_need_confirm'))
def test_04_valid_confirmation_token(self): u = User(username='******', password='******') u.save() token = u.generate_confirmation_token('something_need_confirm') self.assertTrue(u.confirm(token, 'something_need_confirm'))