def test_update_user_password(self, _): user = User() # Test valid password hash user_1 = user.get_user_by_username("user_1") user_1[ "password_hash"] = "$2b$12$nChdB1EJj1DZbtJgNSOFz.fTxPXu565.ic3xtXJvjLf64F4ELnuXG" user.update_user_password("user_1", "test3") self.assertEqual(user_1, user.get_user_by_username("user_1")) # Test invalid password hash self.assertRaises(ValueError, user.update_user_password, "user_1", "") self.assertRaises(ValueError, user.update_user_password, "user_1", "a") self.assertRaises(ValueError, user.update_user_password, "user_1", "aa") self.assertRaises(ValueError, user.update_user_password, "user_1", "aaa") # Test invalid user self.assertRaises( ValueError, user.update_user_password, "user_x", "$2b$12$G/Kb.r3YAJbenM7Ul9gQXO6bIjMZtVAt1uY.nKZMQL.1i6L50LLTW", )
def change_password(event, _): """ Change the password of the user :param event: event :return: 200 if the change was successful, 400 if there was a problem with the new password """ # Parse the parameters params = parse_qs(event["body"]) # Check if a password is missing or they don't match if ("newpassword" not in params or "newpassword2" not in params or params["newpassword"][0] != params["newpassword2"][0]): return create_response(400, "POST", "The two passwords don't match") # Check if the user is logged in correctly username = get_logged_in_user(event) if not username: return create_response(400, "POST", "User not logged in correctly") # Try to change the password user = User() try: user.update_user_password(username, params["newpassword"][0]) return create_response(200, "POST") except ValueError as error: return create_response(400, "POST", str(error))