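def login():
    '''

    This router function attempts to fulfill a login request. It returns a
    json string with two values:

        - status, integer, codified indicator of the login attempt:
            - 0, successful login
            - 1, username does not exist (or was not supplied)
            - 2, username does not have a password
            - 3, supplied password does not match stored password (or no
                 password was supplied)
        - username, string value of the supplied username

    On a successful login the user's uid is stored in the flask session.

    Note: nothing is explicitly returned for a non-POST request.

    '''

    if request.method == 'POST':
        # local variables: `.get` yields None for an absent field, where
        # indexing the `getlist` result raised IndexError on a malformed
        # request before any credential check ran.
        username = request.form.get('user[login]')
        password = request.form.get('user[password]')
        account = Retrieve_Account()

        # NOTE(review): statuses 1, 2 and 3 tell the caller whether an
        # account exists. They are kept because they are the documented
        # contract; whether attempts are throttled is not visible here.

        # notification: username does not exist
        if (
            username is None or
            not account.check_username(username)['result']
        ):
            return json.dumps({'status': 1, 'username': username})

        # database query: get userid once, and reuse it for the session
        uid = account.get_uid(username)['result']
        if not uid:
            return json.dumps({'status': 1, 'username': username})

        # database query: get hashed password
        hashed_password = account.get_password(username)['result']

        # notification: user does not have a password
        if not hashed_password:
            return json.dumps({'status': 2, 'username': username})

        # notification: verify password. An absent password is rejected
        # outright, so that str(None) is never compared with the hash.
        if password is None or not verifypass(str(password), hashed_password):
            return json.dumps({'status': 3, 'username': username})

        # set session: uid corresponds to primary key, from the user
        #              database table, and a unique integer representing
        #              the username.
        session['uid'] = uid

        # return user status
        return json.dumps({'status': 0, 'username': username})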
def test_login(client, live_server):
    '''

    Exercise the user login process: the stored credentials (username and
    password) are verified first, then the login route is posted to, and
    finally the flask session is checked for the stored userid (uid).

    '''

    live_server.start()

    # fixture values
    username = '******'
    password = '******'
    url = '/login'
    authenticate = Retrieve_Account()

    # notification: username does not exist
    if not authenticate.check_username(username)['result']:
        assert False

    # database query: get hashed password
    hashed_password = authenticate.get_password(username)['result']

    # notification: user does not have a password
    if not hashed_password:
        assert False

    # notification: supplied password does not match the stored hash
    if not verifypass(str(password), hashed_password):
        assert False

    # post request: login response
    form_data = {'user[login]': username, 'user[password]': password}
    response = client.post(url, data=form_data)

    # NOTE(review): a login route that reports failures in its json body
    # would presumably still answer 200, so the session check below is
    # what pins a successful login - confirm against the route.
    assert response.status_code == 200
    assert session.get('uid') == 1
def test_registration(client, live_server):
    '''

    Exercise the user registration process: the password criteria, then
    username and email uniqueness, and finally the account save itself.

    '''

    live_server.start()

    # fixture values
    username = '******'
    email = '*****@*****.**'
    password = '******'
    authenticate = Retrieve_Account()

    # notification: password doesn't meet criteria (one letter, one
    #               number, and ten characters)
    if not validate_password(password):
        assert False

    # notification: account already exists
    if authenticate.check_username(username)['result']:
        assert False

    # notification: email already exists
    if authenticate.check_email(email)['result']:
        assert False

    # database query: save username, and hashed password
    hashed = hashpass(str(password))
    outcome = Save_Account().save_account(username, email, hashed)

    # notification: attempt to store account
    assert outcome['status']
    assert outcome['id']
    assert not outcome['error']
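def register():
    '''

    This router function attempts to register a new username. During its
    attempt, it returns a json string, with three possible values:

        - status, integer, codified indicator of registration attempt:
            - 0, successful account creation
            - 1, password doesn't meet minimum requirements
            - 2, username already exists in the database
            - 3, email already exists in the database
            - 4, internal database error
        - username, string value of the user
        - email, is returned if the value already exists in the database,
            or the registration process was successful

    Note: nothing is explicitly returned for a non-POST request.

    '''

    if request.method == 'POST':
        # local variables
        #
        # NOTE(review): a request missing any of these fields raises
        # IndexError here, since `getlist` returns an empty list. The
        # documented status codes have no value for malformed input, so
        # this is left as is.
        username = request.form.getlist('user[login]')[0]
        email = request.form.getlist('user[email]')[0]
        password = request.form.getlist('user[password]')[0]
        account = Retrieve_Account()

        # validate requirements: one letter, one number, and ten characters.
        if not validate_password(password):
            # notification: password doesn't meet criteria
            return json.dumps({'status': 1, 'username': username})

        # validate: unique username
        if account.check_username(username)['result']:
            # notification: account already exists
            return json.dumps({'status': 2, 'username': username})

        # validate: unique email
        if account.check_email(email)['result']:
            # notification: email already exists
            return json.dumps({
                'status': 3,
                'username': username,
                'email': email
            })

        # database query: save username, and hashed password
        hashed = hashpass(str(password))
        result = Save_Account().save_account(username, email, hashed)

        # notification: attempt to store account. The accompanying
        # test_registration reads 'status', 'id' and 'error' from this
        # result, so it is a mapping; a non-empty mapping is always truthy,
        # which made a bare `if result:` report success even when the save
        # failed, and left status 4 unreachable.
        saved = (
            bool(result) and
            bool(result.get('status')) and
            not result.get('error')
        )

        if saved:
            return json.dumps({
                'status': 0,
                'username': username,
                'email': email
            })

        return json.dumps({
            'status': 4,
            'username': username,
        })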