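def login():
    '''

    This router function attempts to fulfill a login request. For a POST
    request, it returns a json string with two values:

        - status, integer, codified indicator of the login attempt:
            - 0, successful login
            - 1, username does not exist (or was not supplied)
            - 2, username does not have a password
            - 3, supplied password does not match stored password
              (or no password was supplied)
        - username, the username supplied in the request

    On a successful login, the account uid is stored in the flask session.

    Note: any method other than POST falls through, and returns None.

    '''

    if request.method == 'POST':
        # local variables: a missing form field yields None, instead of the
        # IndexError raised by indexing an empty getlist() result
        username = request.form.get('user[login]')
        password = request.form.get('user[password]')

        # NOTE(review): statuses 1, 2 and 3 let a client distinguish an
        #     unknown username from a wrong password. The codes are part of
        #     the response contract, so they are kept here; consider one
        #     generic failure status if no caller needs the distinction.
        # NOTE(review): no attempt limiting or failure logging is visible in
        #     this function; confirm it is handled elsewhere.

        # notification: username was not supplied
        if username is None:
            return json.dumps({'status': 1, 'username': username})

        account = Retrieve_Account()

        # validate: check username exists
        if not account.check_username(username)['result']:
            return json.dumps({'status': 1, 'username': username})

        # database query: get userid once, and reuse it for the session
        uid = account.get_uid(username)['result']
        if not uid:
            return json.dumps({'status': 1, 'username': username})

        # database query: get hashed password
        hashed_password = account.get_password(username)['result']

        # notification: user does not have a password
        if not hashed_password:
            return json.dumps({'status': 2, 'username': username})

        # notification: verify password; a missing password never reaches
        # verifypass, since str(None) would be checked as the text 'None'
        if password is None or not verifypass(str(password), hashed_password):
            return json.dumps({'status': 3, 'username': username})

        # set session: uid corresponds to primary key, from the user
        #     database table, and a unique integer representing the
        #     username.
        # NOTE(review): values already in the session are kept across the
        #     login; confirm whether the session should be cleared first.
        session['uid'] = uid

        # return user status
        return json.dumps({'status': 0, 'username': username})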
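def test_login(client, live_server):
    '''

    This method tests the user login process. It first confirms that the
    test account exists, has a stored password hash, and that the test
    password verifies against that hash. Then, it posts the credentials to
    the login url, and checks that the flask session has stored the userid
    (i.e. uid).

    Each precondition is asserted with a message, so a failing run states
    which step broke, instead of a bare 'assert False'.

    '''

    live_server.start()

    # local variables
    # NOTE(review): '******' looks like a masked value; confirm the account
    #     used here exists only in test data.
    username = '******'
    password = '******'
    url = '/login'
    authenticate = Retrieve_Account()

    # validate: username exists
    assert authenticate.check_username(username)['result'], \
        'username does not exist'

    # database query: get hashed password
    hashed_password = authenticate.get_password(username)['result']

    # notification: verify hashed password exists
    assert hashed_password, 'user does not have a password'

    # notification: verify password
    assert verifypass(str(password), hashed_password), \
        'supplied password does not match stored password'

    # post requests: login response
    payload = {'user[login]': username, 'user[password]': password}
    login = client.post(url, data=payload)

    assert login.status_code == 200

    # the expected uid is hard-coded
    # NOTE(review): presumably the test account is the first row of the
    #     user table; verify against the test fixtures.
    # TODO(review): add a case with a wrong password, asserting that no uid
    #     is stored in the session.
    assert session.get('uid') == 1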
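def login():
    '''

    This router function attempts to fulfill a login request. For a POST
    request, it returns a json string with two values:

        - status, integer, codified indicator of the login attempt:
            - 0, successful login
            - 1, username does not exist (or was not supplied)
            - 2, username does not have a password
            - 3, supplied password does not match stored password
              (or no password was supplied)
        - username, the username supplied in the request

    On a successful login, the account uid is stored in the flask session.

    Note: any method other than POST falls through, and returns None.

    '''

    if request.method == 'POST':
        # local variables: a missing form field yields None, instead of the
        # IndexError raised by indexing an empty getlist() result
        username = request.form.get('user[login]')
        password = request.form.get('user[password]')

        # NOTE(review): statuses 1, 2 and 3 let a client distinguish an
        #     unknown username from a wrong password. The codes are part of
        #     the response contract, so they are kept here; consider one
        #     generic failure status if no caller needs the distinction.
        # NOTE(review): no attempt limiting or failure logging is visible in
        #     this function; confirm it is handled elsewhere.

        # notification: username was not supplied
        if username is None:
            return json.dumps({
                'status': 1,
                'username': username
            })

        account = Retrieve_Account()

        # validate: check username exists
        if not account.check_username(username)['result']:
            return json.dumps({
                'status': 1,
                'username': username
            })

        # database query: get userid once, and reuse it for the session
        uid = account.get_uid(username)['result']
        if not uid:
            return json.dumps({
                'status': 1,
                'username': username
            })

        # database query: get hashed password
        hashed_password = account.get_password(username)['result']

        # notification: user does not have a password
        if not hashed_password:
            return json.dumps({
                'status': 2,
                'username': username
            })

        # notification: verify password; a missing password never reaches
        # verifypass, since str(None) would be checked as the text 'None'
        if password is None or not verifypass(str(password), hashed_password):
            return json.dumps({
                'status': 3,
                'username': username
            })

        # set session: uid corresponds to primary key, from the user
        #     database table, and a unique integer representing the
        #     username.
        # NOTE(review): values already in the session are kept across the
        #     login; confirm whether the session should be cleared first.
        session['uid'] = uid

        # return user status
        return json.dumps({
            'status': 0,
            'username': username
        })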