def _validate_form(username, password):
if not username:
return 'Username is required.'
if not password:
return 'Password is required.'
if db.get_user('username', username) is not None:
return 'User {} is already registered.'.format(username)
def create():
username = request.form['username']
password = request.form['password']
user = db.get_user('username', username)
error = _validate_form(user, password)
if error is not None:
flash(error)
return render_template('auth/login.html')
session.clear()
session['user_id'] = user['id']
return redirect(url_for('index'))
def load_logged_in_user():
user_id = session.get('user_id')
g.user = None
if user_id is not None:
g.user = db.get_user('id', user_id)
def get_user(): if 'uid' in request.args: uid = request.args['uid'] return db.get_user(uid) return response(400, "uid: uid of requested user")
def test_create_hashes_password(client, app):
client.post('/auth/register', data={'username': '******', 'password': '******'})
with app.app_context():
admin = db.get_user('username', 'admin')
assert 'pbkdf2:sha256:' in admin['password']
def test_create_saves_login_in_database(client, app):
client.post('/auth/register', data={'username': '******', 'password': '******'})
with app.app_context():
assert db.get_user('username', 'user') is not None