예제 #1
0
 def test_add_user(self):
     backend = MongoDBRegistrationBackend(self.settings, self.config)
     # Test good, available username, writing it to DB
     struct = {"username":"******", "password":"******", "email":"*****@*****.**"}
     backend.add_user(struct)
     user_doc = self.db.users.find_one({"username":struct["username"]})
     self.assertEquals(user_doc["username"], struct["username"])
     self.assertEquals(user_doc["email"], struct["email"])
     self.assertNotEquals(user_doc["password"], struct["password"])
     # Test that we cannot add the same username again
     self.assertRaises(colander.Invalid, backend.add_user, struct)
예제 #2
0
 def test_add_user(self):
     backend = MongoDBRegistrationBackend(self.settings, self.config)
     # Test good, available username, writing it to DB
     struct = {
         "username": "******",
         "password": "******",
         "email": "*****@*****.**"
     }
     backend.add_user(struct)
     user_doc = self.db.users.find_one({"username": struct["username"]})
     self.assertEquals(user_doc["username"], struct["username"])
     self.assertEquals(user_doc["email"], struct["email"])
     self.assertNotEquals(user_doc["password"], struct["password"])
     # Test that we cannot add the same username again
     self.assertRaises(colander.Invalid, backend.add_user, struct)
예제 #3
0
    def test_activation(self):
        backend = MongoDBRegistrationBackend(self.settings, self.config)
        struct = {
            "username": "******",
            "password": "******",
            "email": "*****@*****.**"
        }
        backend.add_user(struct)
        user_doc = self.db.users.find_one({"username": struct["username"]})
        self.assertEquals(user_doc["username"], struct["username"])
        self.assertEquals(user_doc["email"], struct["email"])
        self.assertNotEquals(user_doc["password"], struct["password"])

        # User has been added - verify it has no activated tokens
        for token in user_doc.get("access_tokens", []):
            self.assertFalse(token.get("activated_timestamp"))

        # Issue a token for this user
        access_token = backend.issue_access_token(user_doc["_id"])

        # Verify user has this access token in their user document
        user_doc = self.db.users.find_one({"username": struct["username"]})
        doc_token = False
        for token in user_doc.get("access_tokens", []):
            if token.get("token") == access_token:
                doc_token = token
                break

        self.assertEquals(doc_token["token"], access_token)
        # Verify this token is not activated
        self.assertFalse(doc_token.get("activated_timestamp"))
        # Ensure verify_access_token on this token returns False

        self.assertFalse(backend.verify_access_token(access_token))
        # Now activate the token, and assert that the token is marked as
        # activated in the database.
        backend.activate(access_token)

        user_doc = self.db.users.find_one({"username": struct["username"]})
        doc_token = False
        for token in user_doc.get("access_tokens", []):
            if token.get("token") == access_token:
                self.assertTrue(token.get("activated_timestamp"))
                break

        # Ensure verify_access_token on this token returns the user_id
        userid = backend.verify_access_token(access_token)
        self.assertEquals(userid, str(user_doc["_id"]))
예제 #4
0
 def test_simple_login(self):
     backend = MongoDBRegistrationBackend(self.settings, self.config)
     # Test good, available username, writing it to DB
     password = "******"
     struct = {"username":"******", "password":password, "email":"*****@*****.**"}
     backend.add_user(struct)
     # Now lets verify we can retrieve it correctly with a simple_login
     user_doc = backend.simple_login(struct["username"], struct["password"])
     self.assertEquals(struct["username"], user_doc["username"])
     self.assertEquals(struct["email"], user_doc["email"])
     # Same again but by email not username
     user_doc = backend.simple_login(struct["email"], struct["password"])
     self.assertEquals(struct["username"], user_doc["username"])
     self.assertEquals(struct["email"], user_doc["email"])
     # Failure case: bad password
     user_doc = backend.simple_login(struct["email"], "wrongpassword")
     self.assertFalse(user_doc)
예제 #5
0
    def test_activation(self):
        backend = MongoDBRegistrationBackend(self.settings, self.config)
        struct = {"username":"******", "password":"******", "email":"*****@*****.**"}
        backend.add_user(struct)
        user_doc = self.db.users.find_one({"username":struct["username"]})
        self.assertEquals(user_doc["username"], struct["username"])
        self.assertEquals(user_doc["email"], struct["email"])
        self.assertNotEquals(user_doc["password"], struct["password"])

        # User has been added - verify it has no activated tokens
        for token in user_doc.get("access_tokens", []):
            self.assertFalse(token.get("activated_timestamp"))

        # Issue a token for this user
        access_token = backend.issue_access_token(user_doc["_id"])

        # Verify user has this access token in their user document
        user_doc = self.db.users.find_one({"username":struct["username"]})
        doc_token = False
        for token in user_doc.get("access_tokens", []):
            if token.get("token") == access_token:
                doc_token = token
                break

        self.assertEquals(doc_token["token"], access_token)
        # Verify this token is not activated
        self.assertFalse(doc_token.get("activated_timestamp"))
        # Ensure verify_access_token on this token returns False

        self.assertFalse(backend.verify_access_token(access_token))
        # Now activate the token, and assert that the token is marked as
        # activated in the database.
        backend.activate(access_token)

        user_doc = self.db.users.find_one({"username":struct["username"]})
        doc_token = False
        for token in user_doc.get("access_tokens", []):
            if token.get("token") == access_token:
                self.assertTrue(token.get("activated_timestamp"))
                break


        # Ensure verify_access_token on this token returns the user_id
        userid = backend.verify_access_token(access_token)
        self.assertEquals(userid, str(user_doc["_id"]))
예제 #6
0
 def test_simple_login(self):
     backend = MongoDBRegistrationBackend(self.settings, self.config)
     # Test good, available username, writing it to DB
     password = "******"
     struct = {
         "username": "******",
         "password": password,
         "email": "*****@*****.**"
     }
     backend.add_user(struct)
     # Now lets verify we can retrieve it correctly with a simple_login
     user_doc = backend.simple_login(struct["username"], struct["password"])
     self.assertEquals(struct["username"], user_doc["username"])
     self.assertEquals(struct["email"], user_doc["email"])
     # Same again but by email not username
     user_doc = backend.simple_login(struct["email"], struct["password"])
     self.assertEquals(struct["username"], user_doc["username"])
     self.assertEquals(struct["email"], user_doc["email"])
     # Failure case: bad password
     user_doc = backend.simple_login(struct["email"], "wrongpassword")
     self.assertFalse(user_doc)
예제 #7
0
 def test_add_user(self, connection_mock):
     # Test bad username
     struct = {"username":"******"}
     conn = connection_mock.instance()
     connection_mock.return_value = conn
     db = conn[self.settings["mongodb.db_name"]]
     backend = MongoDBRegistrationBackend(self.settings, self.config)
     self.assertRaises(colander.Invalid, backend.add_user, struct)
     # Test good username that already exists in DB
     struct["username"] = "******"
     db.users.find_one.return_value = {"username":struct["username"]}
     self.assertRaises(colander.Invalid, backend.add_user, struct)
     # Test good, available username, writing it to DB
     db.users.find_one.return_value = None
     utcnow = datetime.datetime.utcnow()
     with patch("pyramid_registration.mongodb.make_access_token"):
         with patch("datetime.datetime"):
             testtoken = "testtoken"
             datetime.datetime.utcnow.return_value = utcnow
             mongodb.make_access_token.return_value = testtoken
             
             backend.add_user(struct)
             db.users.insert.assert_called_once_with({"username":struct["username"],
                 "access_tokens":[{"created_timestamp":utcnow,"token":testtoken}]},
                     safe=True)
             # Test writing bcrypted password value to DB
             struct["password"] = "******"
             hashed_pw = _hash_pw(struct["password"])
             # patch bcrypt module to return the hash we just generated
             with patch("pyramid_registration.mongodb.bcrypt.hashpw"):
                 mongodb.bcrypt.hashpw.return_value = hashed_pw
                 backend.add_user(struct)
                 db.users.insert.assert_called_with({"username":struct["username"],"password":hashed_pw,
                     "access_tokens":[{"created_timestamp":utcnow,"token":testtoken}]},
                         safe=True)
             # Test writing email to DB
             struct["email"] = "*****@*****.**"
             del struct["password"]
             backend.add_user(struct)
             db.users.insert.assert_called_with({"username":struct["username"],"email":struct["email"], 
                 "access_tokens":[{"created_timestamp":utcnow,"token":testtoken}]},
                     safe=True)
예제 #8
0
    def test_add_user(self, connection_mock):
        # Test bad username
        struct = {"username": "******"}
        conn = connection_mock.instance()
        connection_mock.return_value = conn
        db = conn[self.settings["mongodb.db_name"]]
        backend = MongoDBRegistrationBackend(self.settings, self.config)
        self.assertRaises(colander.Invalid, backend.add_user, struct)
        # Test good username that already exists in DB
        struct["username"] = "******"
        db.users.find_one.return_value = {"username": struct["username"]}
        self.assertRaises(colander.Invalid, backend.add_user, struct)
        # Test good, available username, writing it to DB
        db.users.find_one.return_value = None
        utcnow = datetime.datetime.utcnow()
        with patch("pyramid_registration.mongodb.make_access_token"):
            with patch("datetime.datetime"):
                testtoken = "testtoken"
                datetime.datetime.utcnow.return_value = utcnow
                mongodb.make_access_token.return_value = testtoken

                backend.add_user(struct)
                db.users.insert.assert_called_once_with(
                    {
                        "username":
                        struct["username"],
                        "access_tokens": [{
                            "created_timestamp": utcnow,
                            "token": testtoken
                        }]
                    },
                    safe=True)
                # Test writing bcrypted password value to DB
                struct["password"] = "******"
                hashed_pw = _hash_pw(struct["password"])
                # patch bcrypt module to return the hash we just generated
                with patch("pyramid_registration.mongodb.bcrypt.hashpw"):
                    mongodb.bcrypt.hashpw.return_value = hashed_pw
                    backend.add_user(struct)
                    db.users.insert.assert_called_with(
                        {
                            "username":
                            struct["username"],
                            "password":
                            hashed_pw,
                            "access_tokens": [{
                                "created_timestamp": utcnow,
                                "token": testtoken
                            }]
                        },
                        safe=True)
                # Test writing email to DB
                struct["email"] = "*****@*****.**"
                del struct["password"]
                backend.add_user(struct)
                db.users.insert.assert_called_with(
                    {
                        "username":
                        struct["username"],
                        "email":
                        struct["email"],
                        "access_tokens": [{
                            "created_timestamp": utcnow,
                            "token": testtoken
                        }]
                    },
                    safe=True)