def test_retrieve_existent_user(postgresql_db): session = postgresql_db.session create_all(session) insert_test_user(session) sut = UserPersistence(postgresql_db) user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' assert user.full_name == 'Test User' assert user.phone_number == '444-4444'
def test_cant_change_password_for_firebase_user(postgresql_db): session = postgresql_db.session create_all(session) insert_firebase_test_user(session) sut = UserPersistence(postgresql_db) user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' with pytest.raises(CantChangePasswordForFirebaseUser): sut.change_password_for_user('*****@*****.**', 'password')
def test_cant_change_password_for_non_existent_user(postgresql_db): session = postgresql_db.session create_all(session) insert_test_user(session) sut = UserPersistence(postgresql_db) user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' with pytest.raises(UserNotFoundException): sut.change_password_for_user('*****@*****.**', 'password')
def test_cant_unblock_user_because_doesnt_exist(postgresql_db): session = postgresql_db.session create_all(session) insert_test_user(session) sut = UserPersistence(postgresql_db) user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' with pytest.raises(UserNotFoundException): sut.unblock_user('*****@*****.**')
def test_save_password_user(postgresql_db): session = postgresql_db.session create_all(session) assert query_first_user(session) is None user_to_save = User('*****@*****.**', 'aaa', 'John Doe', '555-5555', None, False, False, False) sut = UserPersistence(postgresql_db) sut.save(user_to_save) row = query_first_user(session) assert row is not None assert row[0] == '*****@*****.**' assert row[1] == 'John Doe' assert row[2] == '555-5555'
def test_cant_unblock_user_because_user_is_already_unblocked(postgresql_db): session = postgresql_db.session create_all(session) insert_test_user(session) sut = UserPersistence(postgresql_db) user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' sut.block_user('*****@*****.**') sut.unblock_user('*****@*****.**') with pytest.raises(UserlAlreadyUnblockedException): sut.unblock_user('*****@*****.**')
def _register_user(): try: data = request.json user = body_parser.parse_regular_user(data) user_persistence = UserPersistence(current_app.db) user_persistence.save(user) result = { 'Registration': 'Successfully registered new user with email {0}'.format( user.email) } logger.debug('User was inserted') return result, HTTPStatus.CREATED except UserAlreadyRegisteredException: logger.error('This user already exists!') result = {'Registration': 'This user already exists!'} return result, HTTPStatus.CONFLICT
def _get_user_profile(user_email): logger.debug('Requested {0} profile'.format(user_email)) user_persistence = UserPersistence(current_app.db) try: user = user_persistence.get_user_by_email(user_email) result = format_with_underscores(user.serialize()) status_code = 200 logger.debug('User profile found') except UserNotFoundException: logger.debug('User doesnt exist') result = {'Error': 'user {0} doesnt exist'.format(user_email)} status_code = 404 return result, status_code
def _login_user(): data = request.json logger.debug(data['email']) with current_app.app_context(): result, status_code, user = get_user(current_app.client, data['email']) if status_code == 200: if validar_usuario(user, data['password']): logger.debug('Usuario logueado con exito') user_persistence = UserPersistence(current_app.db) user_found = user_persistence.get_user_by_email(data['email']) token = generate_auth_token(user_found) logger.debug('This is the token {0}'.format(token)) result = {'Token': token} else: logger.debug('Incorrect user or password') result = {'Login': '******'} status_code = 401 return result, status_code
def _login_user_using_firebase(): try: id_token = request.headers.get('authorization', None) claims = firebase_admin.auth.verify_id_token(id_token) if not claims or not claims.get('email'): logger.debug('Response from auth server login is 401') result = {'Login': '******'} status_code = 401 return result, status_code user_persistence = UserPersistence(current_app.db) user = None try: user = user_persistence.get_user_by_email(claims.get('email')) except UserNotFoundException: user = User(claims.get('email'), None, claims.get('name'), 'NULL', claims.get('picture'), True, False, False) user_persistence.save(user) if user.is_blocked_user(): logger.debug('This user is BLOCKED') result = {'Login': '******'} status_code = 401 elif user.is_firebase_user(): logger.debug('Usuario logueado con exito') token = generate_auth_token(user) logger.debug('This is the token {0}'.format(token)) result = {'Token': token, 'claims': claims} status_code = HTTPStatus.OK else: logger.debug('User not registered with Firebase') result = {'Login': '******'} status_code = 401 return result, status_code except ValueError as exc: result = {'Login': '******'} status_code = 401 logger.error(exc) return result, status_code except firebase_admin._auth_utils.InvalidIdTokenError as invalid_token_error: result = {'Register': str(invalid_token_error)} status_code = 401 logger.error(invalid_token_error) return result, status_code
def test_unblock_existent_user_successfully(postgresql_db): session = postgresql_db.session create_all(session) insert_test_user(session) sut = UserPersistence(postgresql_db) user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' assert user.full_name == 'Test User' assert user.phone_number == '444-4444' assert user.blocked_user == '0' sut.block_user('*****@*****.**') sut.unblock_user('*****@*****.**') user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' assert user.blocked_user == '0'
def test_save_existent_user(postgresql_db): session = postgresql_db.session create_all(session) saved_user = User('*****@*****.**', 'bbb', 'Jane Doe', '111-1111', None, False, False, False) sut = UserPersistence(postgresql_db) sut.save(saved_user) with pytest.raises(UserAlreadyRegisteredException): user_to_save = User('*****@*****.**', 'aaa', 'John Doe', '555-5555', None, False, False, False) sut.save(user_to_save)
def test_change_password_successfully(postgresql_db): session = postgresql_db.session create_all(session) insert_test_user(session) sut = UserPersistence(postgresql_db) user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' old_hash = user.hash sut.change_password_for_user('*****@*****.**', 'password') user = sut.get_user_by_email('*****@*****.**') assert user.email == '*****@*****.**' assert not user.hash == old_hash
def _delete_user(user_email): logger.debug('Requested to delete user: '******'Successfully deleted user') logger.debug('Requesting to delete user from app server') delete_user_app_server_url = os.environ.get( 'APP_SERVER_URL') + '/api/users/' + user_email logger.debug('Url: ' + delete_user_app_server_url) response_app_server = requests.delete(url=delete_user_app_server_url) if response_app_server.status_code == HTTPStatus.OK: result, status_code = { 'Delete': 'successfully deleted user with email {0}'.format(user_email) }, HTTPStatus.OK logger.debug('User deleted') else: result, status_code = { 'Error': 'Couldnt delete user {0} in app server'.format(user_email) }, HTTPStatus.INTERNAL_SERVER_ERROR logger.debug('Couldnt delete user from app server') try: user_persistence.unblock_user(user_email) except UserNotFoundException: logger.critical('Couldnt find user to unblock') except UserlAlreadyUnblockedException: logger.critical('User was never blocked') except UserNotFoundException: result, status_code = { 'Error': 'User {0} doesnt exist'.format(user_email) }, HTTPStatus.NOT_FOUND logger.debug('User doesnt exist') except UserlAlreadyBlockedException: result, status_code = { 'Error': 'User {0} was already deleted'.format(user_email) }, HTTPStatus.NOT_FOUND logger.debug('User was already deleted') return result, status_code
def _forgot_password(user_email): logger.debug('Forgot password request from user:{0}'.format(user_email)) try: user_persistence = UserPersistence(current_app.db) user = user_persistence.get_user_by_email(user_email) if user.is_firebase_user(): result = { "Error": "user {0} is a firebase user".format(user_email) } status_code = HTTPStatus.PRECONDITION_FAILED logger.debug('User is firebase user. Cant change password') else: reset_password_persistence = ResetPasswordPersistence( current_app.db) try: # Ya teniamos un codigo para resetear la pass de este usuario # Si esta vencido le damos uno nuevo y sino le mandamos el mismo reset_password_obtained = reset_password_persistence.get_reset_password_by_email( user_email) logger.debug('User already has reset password') if reset_password_obtained.is_token_expired(): try: logger.debug('Token expired. Regenerating new one') reset_password_persistence.delete(user_email) reset_password_updated = ResetPassword(user_email) reset_password_persistence.save(reset_password_updated) send_email_with_reset_password_token( user_email, reset_password_updated.token) result = { "Forgot password": "******".format(user_email) } status_code = HTTPStatus.OK logger.debug( 'Email sent to user:{0}'.format(user_email)) except ResetPasswordNotFoundException: logger.critical( 'Trying to delete non existent reset password') result = { "Error": "couldnt update token for user {0}".format( user_email) } status_code = HTTPStatus.INTERNAL_SERVER_ERROR except ResetPasswordForNonExistentUserException: logger.critical( 'Trying to generate reset password for inexistent user in Users table. Super critical!' ) result = { "Error": "user {0} doesnt exist in table users".format( user_email) } status_code = HTTPStatus.INTERNAL_SERVER_ERROR else: logger.debug('Token is still valid. Sending email again') send_email_with_reset_password_token( user_email, reset_password_obtained.token) result = { "Forgot password": "******".format(user_email) } status_code = HTTPStatus.OK logger.debug('Email sent to user:{0}'.format(user_email)) except ResetPasswordNotFoundException: # No tenemos un codigo activo para resetear la pass de este user # Creamos uno logger.debug('User hasnt reset password. Lets create one') try: reset_password_to_save = ResetPassword(user_email) reset_password_persistence.save(reset_password_to_save) result = { "Forgot password": "******".format(user_email) } status_code = HTTPStatus.OK send_email_with_reset_password_token( user_email, reset_password_to_save.token) logger.debug('Email sent to user:{0}'.format(user_email)) except ResetPasswordForNonExistentUserException: logger.critical( 'Trying to generate reset password for inexistent user in Users table!' ) result = { "Error": "user {0} doesnt exist in table users".format( user_email) } status_code = HTTPStatus.INTERNAL_SERVER_ERROR except UserNotFoundException: result = {"Error": "user {0} doesnt exist".format(user_email)} status_code = HTTPStatus.NOT_FOUND logger.debug('User doesnt exist') return result, status_code
def test_retrieve_inexistent_user(postgresql_db): session = postgresql_db.session create_all(session) sut = UserPersistence(postgresql_db) with pytest.raises(UserNotFoundException): user = sut.get_user_by_email('*****@*****.**')
def _reset_password(user_email): logger.debug('Reset password request from user:{0}'.format(user_email)) data = request.json token_received = data['token'] password_received = data['new_password'] reset_password_persistence = ResetPasswordPersistence(current_app.db) try: reset_password_obtained = reset_password_persistence.get_reset_password_by_email( user_email) if reset_password_obtained.token == token_received: if reset_password_obtained.is_token_expired(): logger.debug('Token is expired') result = {'Error': 'token expired. Already sent new one'} status_code = HTTPStatus.UNAUTHORIZED _forgot_password(user_email) else: logger.debug('Valid token') user_persistence = UserPersistence(current_app.db) try: user_persistence.change_password_for_user( user_email, password_received) reset_password_persistence.delete(user_email) result = { 'Reset password': '******'.format(user_email) } status_code = HTTPStatus.OK logger.debug('Password updated') except CantChangePasswordForFirebaseUser: logger.critical( 'Trying to change password for firebase user!') result = { 'Error': 'user {0} is a firebase user'.format(user_email) } status_code = HTTPStatus.INTERNAL_SERVER_ERROR except UserNotFoundException: logger.critical('Cant find user!') result = { 'Error': 'user {0} doesnt exist'.format(user_email) } status_code = HTTPStatus.INTERNAL_SERVER_ERROR except ResetPasswordNotFoundException: logger.critical('Cant reset password to delete!') result = { 'Error': 'cant delete reset password request for user {0}'. format(user_email) } status_code = HTTPStatus.INTERNAL_SERVER_ERROR else: logger.debug('The token {0} is NOT correct'.format(token_received)) result = {'Error': 'token is NOT correct'} status_code = HTTPStatus.NOT_FOUND except ResetPasswordNotFoundException: logger.debug('This user didnt request to reset password') result = { 'Error': 'user {0} didnt request to reset password'.format(user_email) } status_code = HTTPStatus.NOT_FOUND return result, status_code