def test_retrieve_existent_user(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
assert user.full_name == 'Test User'
assert user.phone_number == '444-4444'
def test_cant_change_password_for_firebase_user(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_firebase_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
with pytest.raises(CantChangePasswordForFirebaseUser):
sut.change_password_for_user('*****@*****.**', 'password')
def test_cant_change_password_for_non_existent_user(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
with pytest.raises(UserNotFoundException):
sut.change_password_for_user('*****@*****.**', 'password')
def test_cant_unblock_user_because_doesnt_exist(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
with pytest.raises(UserNotFoundException):
sut.unblock_user('*****@*****.**')
def test_save_password_user(postgresql_db):
session = postgresql_db.session
create_all(session)
assert query_first_user(session) is None
user_to_save = User('*****@*****.**', 'aaa', 'John Doe', '555-5555', None,
False, False, False)
sut = UserPersistence(postgresql_db)
sut.save(user_to_save)
row = query_first_user(session)
assert row is not None
assert row[0] == '*****@*****.**'
assert row[1] == 'John Doe'
assert row[2] == '555-5555'
def test_cant_unblock_user_because_user_is_already_unblocked(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
sut.block_user('*****@*****.**')
sut.unblock_user('*****@*****.**')
with pytest.raises(UserlAlreadyUnblockedException):
sut.unblock_user('*****@*****.**')
def _register_user():
try:
data = request.json
user = body_parser.parse_regular_user(data)
user_persistence = UserPersistence(current_app.db)
user_persistence.save(user)
result = {
'Registration':
'Successfully registered new user with email {0}'.format(
user.email)
}
logger.debug('User was inserted')
return result, HTTPStatus.CREATED
except UserAlreadyRegisteredException:
logger.error('This user already exists!')
result = {'Registration': 'This user already exists!'}
return result, HTTPStatus.CONFLICT
def _get_user_profile(user_email):
logger.debug('Requested {0} profile'.format(user_email))
user_persistence = UserPersistence(current_app.db)
try:
user = user_persistence.get_user_by_email(user_email)
result = format_with_underscores(user.serialize())
status_code = 200
logger.debug('User profile found')
except UserNotFoundException:
logger.debug('User doesnt exist')
result = {'Error': 'user {0} doesnt exist'.format(user_email)}
status_code = 404
return result, status_code
def _login_user():
data = request.json
logger.debug(data['email'])
with current_app.app_context():
result, status_code, user = get_user(current_app.client, data['email'])
if status_code == 200:
if validar_usuario(user, data['password']):
logger.debug('Usuario logueado con exito')
user_persistence = UserPersistence(current_app.db)
user_found = user_persistence.get_user_by_email(data['email'])
token = generate_auth_token(user_found)
logger.debug('This is the token {0}'.format(token))
result = {'Token': token}
else:
logger.debug('Incorrect user or password')
result = {'Login': '******'}
status_code = 401
return result, status_code
def _login_user_using_firebase():
try:
id_token = request.headers.get('authorization', None)
claims = firebase_admin.auth.verify_id_token(id_token)
if not claims or not claims.get('email'):
logger.debug('Response from auth server login is 401')
result = {'Login': '******'}
status_code = 401
return result, status_code
user_persistence = UserPersistence(current_app.db)
user = None
try:
user = user_persistence.get_user_by_email(claims.get('email'))
except UserNotFoundException:
user = User(claims.get('email'), None, claims.get('name'), 'NULL',
claims.get('picture'), True, False, False)
user_persistence.save(user)
if user.is_blocked_user():
logger.debug('This user is BLOCKED')
result = {'Login': '******'}
status_code = 401
elif user.is_firebase_user():
logger.debug('Usuario logueado con exito')
token = generate_auth_token(user)
logger.debug('This is the token {0}'.format(token))
result = {'Token': token, 'claims': claims}
status_code = HTTPStatus.OK
else:
logger.debug('User not registered with Firebase')
result = {'Login': '******'}
status_code = 401
return result, status_code
except ValueError as exc:
result = {'Login': '******'}
status_code = 401
logger.error(exc)
return result, status_code
except firebase_admin._auth_utils.InvalidIdTokenError as invalid_token_error:
result = {'Register': str(invalid_token_error)}
status_code = 401
logger.error(invalid_token_error)
return result, status_code
def test_unblock_existent_user_successfully(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
assert user.full_name == 'Test User'
assert user.phone_number == '444-4444'
assert user.blocked_user == '0'
sut.block_user('*****@*****.**')
sut.unblock_user('*****@*****.**')
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
assert user.blocked_user == '0'
def test_save_existent_user(postgresql_db):
session = postgresql_db.session
create_all(session)
saved_user = User('*****@*****.**', 'bbb', 'Jane Doe', '111-1111', None,
False, False, False)
sut = UserPersistence(postgresql_db)
sut.save(saved_user)
with pytest.raises(UserAlreadyRegisteredException):
user_to_save = User('*****@*****.**', 'aaa', 'John Doe', '555-5555',
None, False, False, False)
sut.save(user_to_save)
def test_change_password_successfully(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
old_hash = user.hash
sut.change_password_for_user('*****@*****.**', 'password')
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
assert not user.hash == old_hash
def _delete_user(user_email):
logger.debug('Requested to delete user: '******'Successfully deleted user')
logger.debug('Requesting to delete user from app server')
delete_user_app_server_url = os.environ.get(
'APP_SERVER_URL') + '/api/users/' + user_email
logger.debug('Url: ' + delete_user_app_server_url)
response_app_server = requests.delete(url=delete_user_app_server_url)
if response_app_server.status_code == HTTPStatus.OK:
result, status_code = {
'Delete':
'successfully deleted user with email {0}'.format(user_email)
}, HTTPStatus.OK
logger.debug('User deleted')
else:
result, status_code = {
'Error':
'Couldnt delete user {0} in app server'.format(user_email)
}, HTTPStatus.INTERNAL_SERVER_ERROR
logger.debug('Couldnt delete user from app server')
try:
user_persistence.unblock_user(user_email)
except UserNotFoundException:
logger.critical('Couldnt find user to unblock')
except UserlAlreadyUnblockedException:
logger.critical('User was never blocked')
except UserNotFoundException:
result, status_code = {
'Error': 'User {0} doesnt exist'.format(user_email)
}, HTTPStatus.NOT_FOUND
logger.debug('User doesnt exist')
except UserlAlreadyBlockedException:
result, status_code = {
'Error': 'User {0} was already deleted'.format(user_email)
}, HTTPStatus.NOT_FOUND
logger.debug('User was already deleted')
return result, status_code
def _forgot_password(user_email):
logger.debug('Forgot password request from user:{0}'.format(user_email))
try:
user_persistence = UserPersistence(current_app.db)
user = user_persistence.get_user_by_email(user_email)
if user.is_firebase_user():
result = {
"Error": "user {0} is a firebase user".format(user_email)
}
status_code = HTTPStatus.PRECONDITION_FAILED
logger.debug('User is firebase user. Cant change password')
else:
reset_password_persistence = ResetPasswordPersistence(
current_app.db)
try:
# Ya teniamos un codigo para resetear la pass de este usuario
# Si esta vencido le damos uno nuevo y sino le mandamos el mismo
reset_password_obtained = reset_password_persistence.get_reset_password_by_email(
user_email)
logger.debug('User already has reset password')
if reset_password_obtained.is_token_expired():
try:
logger.debug('Token expired. Regenerating new one')
reset_password_persistence.delete(user_email)
reset_password_updated = ResetPassword(user_email)
reset_password_persistence.save(reset_password_updated)
send_email_with_reset_password_token(
user_email, reset_password_updated.token)
result = {
"Forgot password":
"******".format(user_email)
}
status_code = HTTPStatus.OK
logger.debug(
'Email sent to user:{0}'.format(user_email))
except ResetPasswordNotFoundException:
logger.critical(
'Trying to delete non existent reset password')
result = {
"Error":
"couldnt update token for user {0}".format(
user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
except ResetPasswordForNonExistentUserException:
logger.critical(
'Trying to generate reset password for inexistent user in Users table. Super critical!'
)
result = {
"Error":
"user {0} doesnt exist in table users".format(
user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
else:
logger.debug('Token is still valid. Sending email again')
send_email_with_reset_password_token(
user_email, reset_password_obtained.token)
result = {
"Forgot password":
"******".format(user_email)
}
status_code = HTTPStatus.OK
logger.debug('Email sent to user:{0}'.format(user_email))
except ResetPasswordNotFoundException:
# No tenemos un codigo activo para resetear la pass de este user
# Creamos uno
logger.debug('User hasnt reset password. Lets create one')
try:
reset_password_to_save = ResetPassword(user_email)
reset_password_persistence.save(reset_password_to_save)
result = {
"Forgot password":
"******".format(user_email)
}
status_code = HTTPStatus.OK
send_email_with_reset_password_token(
user_email, reset_password_to_save.token)
logger.debug('Email sent to user:{0}'.format(user_email))
except ResetPasswordForNonExistentUserException:
logger.critical(
'Trying to generate reset password for inexistent user in Users table!'
)
result = {
"Error":
"user {0} doesnt exist in table users".format(
user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
except UserNotFoundException:
result = {"Error": "user {0} doesnt exist".format(user_email)}
status_code = HTTPStatus.NOT_FOUND
logger.debug('User doesnt exist')
return result, status_code
def test_retrieve_inexistent_user(postgresql_db):
session = postgresql_db.session
create_all(session)
sut = UserPersistence(postgresql_db)
with pytest.raises(UserNotFoundException):
user = sut.get_user_by_email('*****@*****.**')
def _reset_password(user_email):
logger.debug('Reset password request from user:{0}'.format(user_email))
data = request.json
token_received = data['token']
password_received = data['new_password']
reset_password_persistence = ResetPasswordPersistence(current_app.db)
try:
reset_password_obtained = reset_password_persistence.get_reset_password_by_email(
user_email)
if reset_password_obtained.token == token_received:
if reset_password_obtained.is_token_expired():
logger.debug('Token is expired')
result = {'Error': 'token expired. Already sent new one'}
status_code = HTTPStatus.UNAUTHORIZED
_forgot_password(user_email)
else:
logger.debug('Valid token')
user_persistence = UserPersistence(current_app.db)
try:
user_persistence.change_password_for_user(
user_email, password_received)
reset_password_persistence.delete(user_email)
result = {
'Reset password':
'******'.format(user_email)
}
status_code = HTTPStatus.OK
logger.debug('Password updated')
except CantChangePasswordForFirebaseUser:
logger.critical(
'Trying to change password for firebase user!')
result = {
'Error':
'user {0} is a firebase user'.format(user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
except UserNotFoundException:
logger.critical('Cant find user!')
result = {
'Error': 'user {0} doesnt exist'.format(user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
except ResetPasswordNotFoundException:
logger.critical('Cant reset password to delete!')
result = {
'Error':
'cant delete reset password request for user {0}'.
format(user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
else:
logger.debug('The token {0} is NOT correct'.format(token_received))
result = {'Error': 'token is NOT correct'}
status_code = HTTPStatus.NOT_FOUND
except ResetPasswordNotFoundException:
logger.debug('This user didnt request to reset password')
result = {
'Error':
'user {0} didnt request to reset password'.format(user_email)
}
status_code = HTTPStatus.NOT_FOUND
return result, status_code
