def test_add_user(self):
backend = MongoDBRegistrationBackend(self.settings, self.config)
# Test good, available username, writing it to DB
struct = {"username":"******", "password":"******", "email":"*****@*****.**"}
backend.add_user(struct)
user_doc = self.db.users.find_one({"username":struct["username"]})
self.assertEquals(user_doc["username"], struct["username"])
self.assertEquals(user_doc["email"], struct["email"])
self.assertNotEquals(user_doc["password"], struct["password"])
# Test that we cannot add the same username again
self.assertRaises(colander.Invalid, backend.add_user, struct)
def test_add_user(self):
backend = MongoDBRegistrationBackend(self.settings, self.config)
# Test good, available username, writing it to DB
struct = {
"username": "******",
"password": "******",
"email": "*****@*****.**"
}
backend.add_user(struct)
user_doc = self.db.users.find_one({"username": struct["username"]})
self.assertEquals(user_doc["username"], struct["username"])
self.assertEquals(user_doc["email"], struct["email"])
self.assertNotEquals(user_doc["password"], struct["password"])
# Test that we cannot add the same username again
self.assertRaises(colander.Invalid, backend.add_user, struct)
def test_activation(self):
backend = MongoDBRegistrationBackend(self.settings, self.config)
struct = {
"username": "******",
"password": "******",
"email": "*****@*****.**"
}
backend.add_user(struct)
user_doc = self.db.users.find_one({"username": struct["username"]})
self.assertEquals(user_doc["username"], struct["username"])
self.assertEquals(user_doc["email"], struct["email"])
self.assertNotEquals(user_doc["password"], struct["password"])
# User has been added - verify it has no activated tokens
for token in user_doc.get("access_tokens", []):
self.assertFalse(token.get("activated_timestamp"))
# Issue a token for this user
access_token = backend.issue_access_token(user_doc["_id"])
# Verify user has this access token in their user document
user_doc = self.db.users.find_one({"username": struct["username"]})
doc_token = False
for token in user_doc.get("access_tokens", []):
if token.get("token") == access_token:
doc_token = token
break
self.assertEquals(doc_token["token"], access_token)
# Verify this token is not activated
self.assertFalse(doc_token.get("activated_timestamp"))
# Ensure verify_access_token on this token returns False
self.assertFalse(backend.verify_access_token(access_token))
# Now activate the token, and assert that the token is marked as
# activated in the database.
backend.activate(access_token)
user_doc = self.db.users.find_one({"username": struct["username"]})
doc_token = False
for token in user_doc.get("access_tokens", []):
if token.get("token") == access_token:
self.assertTrue(token.get("activated_timestamp"))
break
# Ensure verify_access_token on this token returns the user_id
userid = backend.verify_access_token(access_token)
self.assertEquals(userid, str(user_doc["_id"]))
def test_simple_login(self):
backend = MongoDBRegistrationBackend(self.settings, self.config)
# Test good, available username, writing it to DB
password = "******"
struct = {"username":"******", "password":password, "email":"*****@*****.**"}
backend.add_user(struct)
# Now lets verify we can retrieve it correctly with a simple_login
user_doc = backend.simple_login(struct["username"], struct["password"])
self.assertEquals(struct["username"], user_doc["username"])
self.assertEquals(struct["email"], user_doc["email"])
# Same again but by email not username
user_doc = backend.simple_login(struct["email"], struct["password"])
self.assertEquals(struct["username"], user_doc["username"])
self.assertEquals(struct["email"], user_doc["email"])
# Failure case: bad password
user_doc = backend.simple_login(struct["email"], "wrongpassword")
self.assertFalse(user_doc)
def test_activation(self):
backend = MongoDBRegistrationBackend(self.settings, self.config)
struct = {"username":"******", "password":"******", "email":"*****@*****.**"}
backend.add_user(struct)
user_doc = self.db.users.find_one({"username":struct["username"]})
self.assertEquals(user_doc["username"], struct["username"])
self.assertEquals(user_doc["email"], struct["email"])
self.assertNotEquals(user_doc["password"], struct["password"])
# User has been added - verify it has no activated tokens
for token in user_doc.get("access_tokens", []):
self.assertFalse(token.get("activated_timestamp"))
# Issue a token for this user
access_token = backend.issue_access_token(user_doc["_id"])
# Verify user has this access token in their user document
user_doc = self.db.users.find_one({"username":struct["username"]})
doc_token = False
for token in user_doc.get("access_tokens", []):
if token.get("token") == access_token:
doc_token = token
break
self.assertEquals(doc_token["token"], access_token)
# Verify this token is not activated
self.assertFalse(doc_token.get("activated_timestamp"))
# Ensure verify_access_token on this token returns False
self.assertFalse(backend.verify_access_token(access_token))
# Now activate the token, and assert that the token is marked as
# activated in the database.
backend.activate(access_token)
user_doc = self.db.users.find_one({"username":struct["username"]})
doc_token = False
for token in user_doc.get("access_tokens", []):
if token.get("token") == access_token:
self.assertTrue(token.get("activated_timestamp"))
break
# Ensure verify_access_token on this token returns the user_id
userid = backend.verify_access_token(access_token)
self.assertEquals(userid, str(user_doc["_id"]))
def test_simple_login(self):
backend = MongoDBRegistrationBackend(self.settings, self.config)
# Test good, available username, writing it to DB
password = "******"
struct = {
"username": "******",
"password": password,
"email": "*****@*****.**"
}
backend.add_user(struct)
# Now lets verify we can retrieve it correctly with a simple_login
user_doc = backend.simple_login(struct["username"], struct["password"])
self.assertEquals(struct["username"], user_doc["username"])
self.assertEquals(struct["email"], user_doc["email"])
# Same again but by email not username
user_doc = backend.simple_login(struct["email"], struct["password"])
self.assertEquals(struct["username"], user_doc["username"])
self.assertEquals(struct["email"], user_doc["email"])
# Failure case: bad password
user_doc = backend.simple_login(struct["email"], "wrongpassword")
self.assertFalse(user_doc)
def test_add_user(self, connection_mock):
# Test bad username
struct = {"username":"******"}
conn = connection_mock.instance()
connection_mock.return_value = conn
db = conn[self.settings["mongodb.db_name"]]
backend = MongoDBRegistrationBackend(self.settings, self.config)
self.assertRaises(colander.Invalid, backend.add_user, struct)
# Test good username that already exists in DB
struct["username"] = "******"
db.users.find_one.return_value = {"username":struct["username"]}
self.assertRaises(colander.Invalid, backend.add_user, struct)
# Test good, available username, writing it to DB
db.users.find_one.return_value = None
utcnow = datetime.datetime.utcnow()
with patch("pyramid_registration.mongodb.make_access_token"):
with patch("datetime.datetime"):
testtoken = "testtoken"
datetime.datetime.utcnow.return_value = utcnow
mongodb.make_access_token.return_value = testtoken
backend.add_user(struct)
db.users.insert.assert_called_once_with({"username":struct["username"],
"access_tokens":[{"created_timestamp":utcnow,"token":testtoken}]},
safe=True)
# Test writing bcrypted password value to DB
struct["password"] = "******"
hashed_pw = _hash_pw(struct["password"])
# patch bcrypt module to return the hash we just generated
with patch("pyramid_registration.mongodb.bcrypt.hashpw"):
mongodb.bcrypt.hashpw.return_value = hashed_pw
backend.add_user(struct)
db.users.insert.assert_called_with({"username":struct["username"],"password":hashed_pw,
"access_tokens":[{"created_timestamp":utcnow,"token":testtoken}]},
safe=True)
# Test writing email to DB
struct["email"] = "*****@*****.**"
del struct["password"]
backend.add_user(struct)
db.users.insert.assert_called_with({"username":struct["username"],"email":struct["email"],
"access_tokens":[{"created_timestamp":utcnow,"token":testtoken}]},
safe=True)
def test_add_user(self, connection_mock):
# Test bad username
struct = {"username": "******"}
conn = connection_mock.instance()
connection_mock.return_value = conn
db = conn[self.settings["mongodb.db_name"]]
backend = MongoDBRegistrationBackend(self.settings, self.config)
self.assertRaises(colander.Invalid, backend.add_user, struct)
# Test good username that already exists in DB
struct["username"] = "******"
db.users.find_one.return_value = {"username": struct["username"]}
self.assertRaises(colander.Invalid, backend.add_user, struct)
# Test good, available username, writing it to DB
db.users.find_one.return_value = None
utcnow = datetime.datetime.utcnow()
with patch("pyramid_registration.mongodb.make_access_token"):
with patch("datetime.datetime"):
testtoken = "testtoken"
datetime.datetime.utcnow.return_value = utcnow
mongodb.make_access_token.return_value = testtoken
backend.add_user(struct)
db.users.insert.assert_called_once_with(
{
"username":
struct["username"],
"access_tokens": [{
"created_timestamp": utcnow,
"token": testtoken
}]
},
safe=True)
# Test writing bcrypted password value to DB
struct["password"] = "******"
hashed_pw = _hash_pw(struct["password"])
# patch bcrypt module to return the hash we just generated
with patch("pyramid_registration.mongodb.bcrypt.hashpw"):
mongodb.bcrypt.hashpw.return_value = hashed_pw
backend.add_user(struct)
db.users.insert.assert_called_with(
{
"username":
struct["username"],
"password":
hashed_pw,
"access_tokens": [{
"created_timestamp": utcnow,
"token": testtoken
}]
},
safe=True)
# Test writing email to DB
struct["email"] = "*****@*****.**"
del struct["password"]
backend.add_user(struct)
db.users.insert.assert_called_with(
{
"username":
struct["username"],
"email":
struct["email"],
"access_tokens": [{
"created_timestamp": utcnow,
"token": testtoken
}]
},
safe=True)