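def register():
    """Serve the registration form on GET and create an account on POST.

    A visitor who is already logged in is sent back to the index page with a
    notice.  On POST the submitted email is looked up; if a user with that
    email exists a notice is shown, otherwise the password is hashed with
    ``pwd_context`` and a new ``User`` is added and committed.

    Blank credentials are rejected before any database work so that an
    account with an empty email or an empty password can never be created.
    """
    # A logged-in user has to log out before creating another account.
    if g.user.is_authenticated():
        return render_template(
            'index.html',
            message='Please logout before attempting to create a new_account.',
            email=g.user.email,
            listings=get_listings(),
        )

    if request.method != 'POST':
        return render_template('register.html')

    email = request.form['email']
    password = request.form['password']

    # Server-side validation: client-side "required" attributes are not a
    # control, and hashing an empty string would still yield a usable account.
    if not email.strip() or not password:
        return render_template(
            'index.html',
            message='An email address and a password are required to create an account.',
            listings=get_listings(),
        )

    existing = session.query(User).filter(User.email == email).first()
    if existing is not None:
        # NOTE(review): this reply confirms to any visitor that the address is
        # registered; if that matters for this site, return one neutral
        # message for both outcomes.
        return render_template(
            'index.html',
            message=('An account with that email already exists. If you have forgotten your password,'
                     ' go to "buy5c.com/forgot_password" to find out how to reset it.'),
            listings=get_listings(),
        )

    # No user with that email exists: store only the hash, never the plaintext.
    # pwd_context is presumably a passlib CryptContext, where encrypt() is the
    # older name of hash() -- confirm the installed version before renaming.
    # NOTE(review): the lookup above and this insert are not atomic; confirm
    # User.email carries a unique constraint so concurrent requests cannot
    # create duplicate accounts.
    user = User(email, pwd_context.encrypt(password))
    session.add(user)
    session.commit()
    return render_template(
        'index.html',
        message='Account successfully created.',
        listings=get_listings(),
    )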
def test_user_can_create_a_listing(self):
    """A logged-in user who POSTs to /sell gets a listing stored under their id."""
    email = 'listing_creation_test'
    password = '******'
    user = User(email, pwd_context.encrypt(password))
    session.add(user)
    session.commit()

    title = 'listing creation test title'
    description = 'listing creation test description'
    category_id = '7'
    price = '50'

    # The client is used as a context manager so current_user can still be
    # inspected after the login request has returned.
    with self.app as client:
        client.post('/login', data={'email': email, 'password': password})
        self.assertEqual(user, current_user,
                         "Could not test user listing creation because login failed.")

        sell_form = {
            'title': title,
            'description': description,
            'category': category_id,
            'price': price,
            'image': None,
        }
        client.post('/sell', data=sell_form)

        listing = (
            session.query(Listing)
            .filter(Listing.title == 'listing creation test title')
            .first()
        )
        self.assertIsNotNone(listing)
        self.assertEqual(listing.title, title)
        self.assertEqual(listing.description, description)
        self.assertEqual(listing.price, price)
        # The owner must be the logged-in user; the form carries no user id.
        self.assertEqual(listing.user_id, user.id)
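def test_user_can_create_new_account(self):
    """POST /register stores a user whose saved hash verifies the password.

    The earlier version called ``pwd_context.verify`` with a freshly computed
    hash in the secret position and discarded the result, so the password
    was never actually checked.
    """
    email = 'steve-o'
    password = '******'

    self.app.post('/register', data=dict(email=email, password=password))

    user = session.query(User).filter(User.email == email).first()
    self.assertIsNotNone(user)
    self.assertEqual(user.email, email)

    # The stored value must be a hash, not the submitted plaintext.
    self.assertNotEqual(user.password, password)
    # Assuming pwd_context is a passlib CryptContext: verify(secret, hash)
    # takes the plaintext first and returns a bool that has to be asserted.
    self.assertTrue(pwd_context.verify(password, user.password))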
def test_user_can_login(self):
    """Posting valid credentials to /login makes that user the current_user."""
    email = 'login_test'
    password = '******'
    account = User(email, pwd_context.encrypt(password))
    session.add(account)
    session.commit()

    credentials = {'email': email, 'password': password}
    # Keep the client context open so current_user is readable after the POST.
    with self.app as client:
        client.post('/login', data=credentials)
        # NOTE(review): only the success path is exercised here; a rejected
        # wrong-password login would need its own test.
        self.assertEqual(account, current_user)
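def test_user_that_did_not_create_listing_cannot_edit_it(self):
    """A logged-in user must not be able to edit a listing owned by someone else.

    Seeds a user and a listing whose ``user_id`` differs from that user's id,
    logs in, posts new values to the listing's edit URL and checks that the
    stored listing is untouched.  Besides checking that the submitted values
    were not written, the seeded title and description are asserted to be
    still in place, so a partial or mangled write also fails the test.
    """
    email = 'listing editing2 email'
    password = '******'
    user = User(email, pwd_context.encrypt(password))

    listing_id = 90000002
    title = 'listing editing2 title'
    description = 'listing editing2 description'
    category_id = '5'  # arbitrary value, not important for this test
    user_id = '5'      # placeholder, overwritten below
    time_posted = datetime.utcnow()
    price = '50'       # arbitrary value, not important for this test
    image = None
    listing = Listing(title, description, category_id, user_id, time_posted, price, image)

    # The user has to be committed first so that it receives a database id.
    session.add(user)
    session.commit()

    # Give the listing an owner id that is guaranteed to differ from ours.
    user_in_database = session.query(User).filter(User.email == email).first()
    listing.user_id = user_in_database.id + 1
    listing.id = listing_id
    session.add(listing)
    session.commit()

    with self.app as c:
        c.post('/login', data=dict(email=email, password=password))
        self.assertEqual(user, current_user,
                         "Could not test user listing editing because login failed.")

        new_title = 'new listing editing2 title'
        new_description = 'new listing editing2 description'
        new_category_id = '8'
        new_price = '752'
        # NOTE(review): the response is not inspected; the status the app
        # returns for a refused edit is not visible from this test.
        c.post(
            '/listing/' + str(listing_id) + '/edit',
            data=dict(
                title=new_title,
                description=new_description,
                category=new_category_id,
                price=new_price,
            ),
            follow_redirects=True,
        )

        edited_listing = session.query(Listing).get(listing_id)
        # The refused edit must leave the seeded values in place ...
        self.assertEqual(edited_listing.title, title)
        self.assertEqual(edited_listing.description, description)
        # ... and none of the submitted values may have been stored.
        self.assertNotEqual(edited_listing.title, new_title)
        self.assertNotEqual(edited_listing.description, new_description)
        # category_id is not asserted: categories are not yet implemented.
        self.assertNotEqual(edited_listing.price, new_price)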
def test_user_can_logout(self):
    """After GET /logout the previously logged-in user is no longer current_user."""
    email = 'logout_test'
    password = '******'
    account = User(email, pwd_context.encrypt(password))
    session.add(account)
    session.commit()

    with self.app as client:
        # Precondition: the login has to succeed, otherwise the logout
        # assertion below would pass without proving anything.
        client.post('/login', data={'email': email, 'password': password})
        self.assertEqual(account, current_user,
                         "Could not test user logout because login failed.")

        client.get('/logout')
        self.assertNotEqual(account, current_user, "User still logged in.")
def test_user_can_edit_their_listing(self):
    """The owner of a listing can change its title, description and price.

    Seeds a user and a listing owned by that user, logs in, posts new values
    to the listing's edit URL and checks that they were stored.
    """
    email = 'listing editing email'
    password = '******'
    owner = User(email, pwd_context.encrypt(password))

    listing_id = 9000000
    title = 'listing editing title'
    description = 'listing editing description'
    category_id = '5'  # arbitrary value, not important for this test
    user_id = '5'      # placeholder, replaced with the real owner id below
    time_posted = datetime.utcnow()
    price = '50'       # arbitrary value, not important for this test
    image = None
    listing = Listing(title, description, category_id, user_id, time_posted, price, image)

    # Commit the user first so it has a database id to attach to the listing.
    session.add(owner)
    session.commit()

    stored_owner = session.query(User).filter(User.email == email).first()
    listing.user_id = stored_owner.id
    listing.id = listing_id
    session.add(listing)
    session.commit()

    new_title = 'new listing editing title'
    new_description = 'new listing editing description'
    new_category_id = '8'
    new_price = '75'

    with self.app as client:
        client.post('/login', data={'email': email, 'password': password})
        self.assertEqual(owner, current_user,
                         "Could not test user listing editing because login failed.")

        edit_form = {
            'title': new_title,
            'description': new_description,
            'category': new_category_id,
            'price': new_price,
        }
        rv = client.post('/listing/' + str(listing_id) + '/edit',
                         data=edit_form, follow_redirects=True)

        edited_listing = session.query(Listing).get(listing_id)
        self.assertEqual(edited_listing.title, new_title)
        self.assertEqual(edited_listing.description, new_description)
        # category_id is not asserted: categories are not yet implemented.
        self.assertEqual(edited_listing.price, new_price)
def test_user_account_page_shows_listings(self):
    """The /account page lists the user's own listings and nobody else's.

    Two listings are seeded: one owned by the test user and one owned by user
    id 777.  After login, the account page must contain the first title and
    must not contain the second.
    """
    email = 'account test email'
    password = '******'
    account = User(email, pwd_context.encrypt(password))

    listing_id = 90000003
    title = 'account test title'
    description = 'account test description'
    category_id = '5'  # arbitrary value, not important for this test
    user_id = '5'      # placeholder, replaced with the real owner id below
    time_posted = datetime.utcnow()
    price = '50'       # arbitrary value, not important for this test
    image = None
    own_listing = Listing(title, description, category_id, user_id, time_posted, price, image)

    # Commit the user first so it has a database id to attach to the listing.
    session.add(account)
    session.commit()

    stored_account = session.query(User).filter(User.email == email).first()
    own_listing.user_id = stored_account.id
    session.add(own_listing)
    session.commit()

    # Second listing, owned by a different user id; it must stay hidden.
    other_title = 'account test2 title'
    user_id = 777
    foreign_listing = Listing(other_title, description, category_id, user_id,
                              time_posted, price, image)
    session.add(foreign_listing)
    session.commit()

    with self.app as client:
        client.post('/login', data={'email': email, 'password': password})
        self.assertEqual(account, current_user,
                         "Could not test user listing editing because login failed.")

        rv = client.get('/account')
        self.assertIn(title, rv.data)            # own listing is shown
        self.assertNotIn(other_title, rv.data)   # another user's listing is not
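def register():
    """Serve the registration form on GET and create an account on POST.

    A visitor who is already logged in gets a plain-text notice.  On POST the
    submitted email is looked up; if a user with that email exists a notice is
    returned, otherwise the password is hashed with ``pwd_context`` and a new
    ``User`` is added and committed.

    Blank credentials are rejected before any database work so that an
    account with an empty email or an empty password can never be created.
    """
    # A logged-in user has to log out before creating another account.
    if g.user.is_authenticated():
        return 'please logout before attempting to create a new account'

    if request.method != 'POST':
        return render_template('register.html')

    email = request.form['email']
    password = request.form['password']

    # Server-side validation: client-side "required" attributes are not a
    # control, and hashing an empty string would still yield a usable account.
    if not email.strip() or not password:
        return 'an email address and a password are required to create an account'

    existing = session.query(User).filter(User.email == email).first()
    if existing is not None:
        # NOTE(review): this reply confirms to any visitor that the address is
        # registered; if that matters for this site, return one neutral
        # message for both outcomes.
        return 'an account with that email already exists'

    # No user with that email exists: store only the hash, never the plaintext.
    # pwd_context is presumably a passlib CryptContext, where encrypt() is the
    # older name of hash() -- confirm the installed version before renaming.
    # NOTE(review): the lookup above and this insert are not atomic; confirm
    # User.email carries a unique constraint so concurrent requests cannot
    # create duplicate accounts.
    user = User(email, pwd_context.encrypt(password))
    session.add(user)
    session.commit()
    return ('account successfully created. go to buy5c.com/login'
            ' to log in')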
def password(self, password):
    """Hash ``password`` with ``pwd_context`` and store the result in ``password_hash``.

    Only the hash is assigned to the instance; the plaintext argument is not
    kept.  NOTE(review): this looks like a property setter whose decorator
    lies outside this excerpt -- confirm.
    """
    hashed = pwd_context.encrypt(password)
    self.password_hash = hashed