def test_signup(self):
    """Sign up with a verification code and check what was persisted.

    Covers the success path only: a token is returned, and the stored
    account and user rows carry the submitted values.
    """
    # Presumably the row that GENDER_ID refers to; the id itself is not set here.
    with session_scope() as db:
        db.add(Gender(name="male"))

    verification_code = send_verification_text(PHONE_NUMBER)
    response = signup_user(PHONE_NUMBER, NAME, GENDER_ID, AGE, verification_code)
    self.assertIsNotNone(response.get("token"))

    # NOTE(review): no case in this excerpt asserts that a wrong or missing
    # code is rejected; that negative case is what pins the verification step.
    with session_scope() as db:
        stored_account = db.query(UserAccount).first()
        self.assertIsNotNone(stored_account)
        self.assertEqual(stored_account.phone_number, PHONE_NUMBER)

        stored_user = db.query(User).first()
        self.assertEqual(stored_user.name, NAME)
        self.assertEqual(stored_user.age, AGE)
        self.assertEqual(stored_user.gender_id, GENDER_ID)
def test_login(self):
    """A phone number that has signed up can log in and receives a token."""
    with session_scope() as db:
        db.add(Gender(name="male"))

    verification_code = send_verification_text(PHONE_NUMBER)
    signup_user(PHONE_NUMBER, NAME, GENDER_ID, AGE, verification_code)

    # NOTE(review): the code already used for signup is presented again here.
    # If this passes against the real verifier, codes are not single-use;
    # confirm that is intended, or request a fresh code before logging in.
    login_response = login_user(PHONE_NUMBER, verification_code)
    self.assertIsNotNone(login_response.get("token"))
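def signup_user(invitation_token: str, password: str):
    """Finish an invited user's registration by attaching a password.

    Verifies the HS256-signed invitation token, loads the invited user,
    stores a PBKDF2-SHA256 hash of ``password`` in a new ``Account`` and
    issues a signed token for that account.

    Args:
        invitation_token: JWT expected to carry a ``user_id`` claim.
        password: Plain-text password, at least 6 characters long.

    Returns:
        dict with ``first_name``, ``last_name`` and ``token``.

    Raises:
        BadRequest: ``PASSWORD_TOO_SHORT`` when the password is under 6 characters.
        Unauthorized: ``TOKEN_PARSE_ERROR`` when the token fails verification or
            lacks ``user_id``; ``USER_NOT_FOUND`` when no such user exists.
    """
    # NOTE(review): 6 characters is a low floor for the only password check
    # performed here; raising it would change the client-visible contract.
    if len(password) < 6:
        raise BadRequest("Password should be at least 6 characters long", "PASSWORD_TOO_SHORT")

    try:
        decoded = jwt.decode(invitation_token, ADMIN_JWT_SECRET, algorithms=['HS256'])
        user_id = decoded["user_id"]
    except (jwt.exceptions.PyJWTError, KeyError) as exc:
        # Log the failure class, never the token: it is caller-supplied text,
        # and on the KeyError path it is a correctly signed credential.
        LOGGER.info("Rejected invitation token: %s", type(exc).__name__)
        raise Unauthorized(error_code="TOKEN_PARSE_ERROR")

    # NOTE(review): the session token issued below is signed with the same
    # secret and also carries ``user_id``, so nothing here tells an invitation
    # token from a session token. A purpose/audience claim checked at decode
    # time would separate the two.
    with session_scope() as session:
        user = session.query(User).filter(User.id == user_id).first()
        if user is None:
            raise Unauthorized(error_code="USER_NOT_FOUND")

        # NOTE(review): no lookup for an existing Account precedes the insert.
        # Unless the schema enforces uniqueness on Account.user_id (not visible
        # here), presenting the same invitation again adds another Account.
        hashed_password = pbkdf2_sha256.hash(password)
        account = Account(user_id=user_id, hashed_password=hashed_password)
        session.add(account)
        session.flush()  # presumably populates account.id before it is read

        # The claims carry no expiry, so the issued token does not age out.
        # ``.decode`` relies on PyJWT 1.x, where ``encode`` returns bytes.
        token = jwt.encode(
            dict(account_id=account.id, user_id=user.id),
            ADMIN_JWT_SECRET,
            algorithm='HS256',
        ).decode('utf-8')
        return dict(first_name=user.first_name, last_name=user.last_name, token=token)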
def test_block(self):
    """Blocking profile 2 returns 200 and stores one UserBlock row."""
    response = post("/app/profiles/2/block", token=self.token)
    self.assertEqual(response.status_code, 200)

    with session_scope() as db:
        block_row = db.query(UserBlock).first()
        self.assertIsNotNone(block_row)
        # Blocker id 1 is presumably the user behind self.token; the blocked
        # id 2 comes from the URL path.
        self.assertEqual(block_row.blocker_user_id, 1)
        self.assertEqual(block_row.user_id, 2)
def test_create_user(self):
    """Creating an admin user returns an invitation token and stores the row."""
    # The meaning of the fourth positional argument (False) is not visible here.
    response = create_user(FIRST_NAME, LAST_NAME, EMAIL, False)
    self.assertIsNotNone(response.get("invitation_token"))

    with session_scope() as db:
        created = db.query(AdminUser).first()
        self.assertIsNotNone(created)
        self.assertEqual(created.first_name, FIRST_NAME)
        self.assertEqual(created.last_name, LAST_NAME)
        self.assertEqual(created.email, EMAIL)
def list_users():
    """Return every user together with a flag for account registration.

    Users are outer-joined to accounts, so a user without an account is
    still listed, with ``registered`` set to False.

    Returns:
        list of dicts with ``id``, ``first_name``, ``last_name``, ``email``
        and ``registered``.
    """
    # NOTE(review): this returns all users' e-mail addresses and performs no
    # caller check of its own; presumably the route enforces access. Verify.
    with session_scope() as db:
        rows = db.query(User, Account).outerjoin(Account).all()

        listing = []
        for user, account in rows:
            listing.append({
                "id": user.id,
                "first_name": user.first_name,
                "last_name": user.last_name,
                "email": user.email,
                "registered": account is not None,
            })
        return listing
def setUp(self):
    """Seed reference rows and sign up one user for the tests to act as.

    Leaves ``self.token`` and ``self.user_id`` set from the signup response.
    """
    super(AppAuthTestCase, self).setUp()

    with session_scope() as db:
        # Same rows, same insertion order as adding them one by one.
        reference_rows = (
            Gender(name="male"),
            Gender(name="female"),
            Interest(name="a"),
            Interest(name="b"),
            Rating(name="x"),
            Rating(name="y"),
            Activity(name="test"),
            Activity(name="test2"),
        )
        for row in reference_rows:
            db.add(row)

    verification_code = send_verification_text(PHONE_NUMBER)
    signup_response = signup_user(PHONE_NUMBER, NAME, GENDER_ID, AGE, verification_code)
    self.token = signup_response["token"]
    self.user_id = signup_response["id"]
def login_user(email: str, password: str):
    """Authenticate by e-mail and password and issue a signed token.

    Args:
        email: Address to look the user up by.
        password: Plain-text password checked against the stored
            PBKDF2-SHA256 hash.

    Returns:
        dict with ``first_name``, ``last_name`` and ``token``.

    Raises:
        Unauthorized: ``USER_NOT_FOUND`` when no user/account pair matches the
            e-mail; ``INVALID_PASSWORD`` when the hash check fails.
    """
    with session_scope() as db:
        row = (
            db.query(User, Account)
            .filter(User.email == email, User.id == Account.user_id)
            .first()
        )

        # NOTE(review): the two failures are distinguishable, both by error
        # code and because the hash is only computed when the account exists.
        # That lets a client tell registered addresses from unknown ones; a
        # single code would close it but changes the client contract.
        if row is None:
            raise Unauthorized(error_code="USER_NOT_FOUND")

        user, account = row
        password_ok = pbkdf2_sha256.verify(password, account.hashed_password)
        if not password_ok:
            raise Unauthorized(error_code="INVALID_PASSWORD")

        # The claims carry no expiry. No attempt limiting is visible in this
        # function; presumably it is handled upstream. Verify.
        claims = dict(account_id=account.id, user_id=user.id)
        token = jwt.encode(claims, ADMIN_JWT_SECRET, algorithm='HS256').decode('utf-8')
        return {
            "first_name": user.first_name,
            "last_name": user.last_name,
            "token": token,
        }
def create_user(first_name: str, last_name: str, email: str):
    """Create an invited user and e-mail them a signed signup link.

    Args:
        first_name: Given name stored on the new user.
        last_name: Family name stored on the new user.
        email: Address stored on the user and used as the mail recipient.

    Returns:
        dict with the ``invitation_token`` that was also mailed.

    Raises:
        Conflict: ``EMAIL_IN_USE`` when a user with this e-mail already exists.
    """
    with session_scope() as db:
        already_registered = db.query(User).filter(User.email == email).first()
        if already_registered is not None:
            raise Conflict("EMAIL_IN_USE")

        invited = User(first_name=first_name, last_name=last_name, email=email)
        db.add(invited)
        db.flush()  # presumably populates invited.id before it is read

        # NOTE(review): the token carries only ``user_id``, with no expiry and
        # no purpose claim, so as far as this function shows the mailed link
        # stays usable indefinitely. It also travels in a URL query string,
        # which tends to end up in browser history and request logs.
        # NOTE(review): signed with APP_JWT_SECRET although the link targets
        # the admin signup page; a ``signup_user`` on this page verifies with
        # ADMIN_JWT_SECRET. Confirm which handler consumes this token.
        claims = {"user_id": invited.id}
        invitation_token = jwt.encode(claims, APP_JWT_SECRET, algorithm='HS256').decode('utf-8')

        recipients = [email]
        mail_body = f"Follow the following link:\n\nhttps://admin.magellan-app.io/signup?invitation_token={invitation_token}"
        send_mail(recipients, "Your Magellan invite", mail_body)
        return {"invitation_token": invitation_token}
def test_delete_account(self):
    """Deleting the authenticated account returns 200 and removes both rows."""
    response = delete("/app/auth/account", None, self.token)
    self.assertEqual(response.status_code, 200)

    # Both the profile and the credential record must be gone, so no personal
    # data is left behind in either table.
    with session_scope() as db:
        remaining_user = db.query(User).first()
        self.assertIsNone(remaining_user)
        remaining_account = db.query(UserAccount).first()
        self.assertIsNone(remaining_account)
def test():
    """Health probe: query the database, call the redis check, report healthy.

    Nothing is caught here, so an exception from either dependency
    propagates to the caller instead of producing the healthy response.

    Returns:
        The tuple ``("healthy", 200)``.
    """
    # test connection to DB
    with session_scope() as db:
        db.query(AdminUser).first()

    # Second dependency, checked through the project's redis helper.
    redis.test_connection()

    healthy_response = ("healthy", 200)
    return healthy_response