def test_user_password_login(rf, user, user_password):
"""Tests that user_password works for login case"""
request_password = "******"
user.set_password(user_password)
user.save()
request = rf.post("/complete/email", {
"password": request_password,
"email": user.email
})
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
strategy = load_strategy(request)
backend = load_backend(strategy, "email", None)
if request_password == user_password:
assert (user_actions.validate_password(
strategy,
backend,
pipeline_index=0,
user=user,
flow=SocialAuthState.FLOW_LOGIN,
) == {})
else:
with pytest.raises(InvalidPasswordException):
user_actions.validate_password(
strategy,
backend,
pipeline_index=0,
user=user,
flow=SocialAuthState.FLOW_LOGIN,
)
def test_user_password_not_exists(rf):
"""Tests that user_password raises auth error for nonexistent user"""
request = rf.post(
"/complete/email", {"password": "******", "email": "doesntexist@localhost"}
)
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
strategy = load_strategy(request)
backend = load_backend(strategy, "email", None)
with pytest.raises(RequireRegistrationException):
user_actions.validate_password(
strategy,
backend,
pipeline_index=0,
user=None,
flow=SocialAuthState.FLOW_LOGIN,
)
def test_user_password_not_login(rf, user):
"""
Tests that user_password performs denies authentication
for an existing user if password not provided regardless of auth_type
"""
user.set_password("abc123")
user.save()
request = rf.post("/complete/email", {"email": user.email})
middleware = SessionMiddleware()
middleware.process_request(request)
request.session.save()
strategy = load_strategy(request)
backend = load_backend(strategy, "email", None)
with pytest.raises(RequirePasswordException):
user_actions.validate_password(
strategy,
backend,
pipeline_index=0,
user=user,
flow=SocialAuthState.FLOW_LOGIN,
)
def test_user_password_not_email_backend(mocker):
"""Tests that user_password return if not using the email backend"""
mock_strategy = mocker.MagicMock()
mock_user = mocker.Mock()
mock_backend = mocker.Mock()
mock_backend.name = "notemail"
assert (user_actions.validate_password(
mock_strategy,
mock_backend,
pipeline_index=0,
user=mock_user,
flow=SocialAuthState.FLOW_LOGIN,
) == {})
# make sure we didn't update or check the password
mock_user.set_password.assert_not_called()
mock_user.save.assert_not_called()
mock_user.check_password.assert_not_called()