async def test_change_password(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
user = auth.get_or_create_user('johnsnow', 'password')
assert user.is_valid_password('password')
auth.change_password('johnsnow', 'newpassword')
assert not user.is_valid_password('password')
assert user.is_valid_password('newpassword')
async def test_change_password(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
user = auth.create_user("johnsnow", "password")
assert user.is_valid_password("password")
auth.change_password("johnsnow", "newpassword")
assert not user.is_valid_password("password")
assert user.is_valid_password("newpassword")
async def test_add_new_attempt_of_login(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
assert not auth.login_attempts
auth.add_login_attempt("username")
assert auth.login_attempts["username"]["count"] == 1
auth.add_login_attempt("username")
assert auth.login_attempts["username"]["count"] == 2
async def test_import_from_firstuse_invalid_password(user, pwd, tmpcwd, app):
with dbm.open('passwords.dbm', 'c', 0o600) as db:
db[user] = pwd
auth = NaasAuthenticator(db=app.db)
auth.check_common_password = True
with pytest.raises(ValueError):
auth.add_data_from_firstuse()
async def test_create_user_with_strong_passwords(password, min_len, expected,
tmpcwd, app):
'''Test if method get_or_create_user and strong passwords'''
auth = NaasAuthenticator(db=app.db)
auth.check_common_password = True
auth.minimum_password_length = min_len
user = auth.get_or_create_user('johnsnow', password)
assert bool(user) == expected
async def test_handlers(app):
'''Test if all handlers are available on the Authenticator'''
auth = NaasAuthenticator(db=app.db)
handlers = auth.get_handlers(app)
assert handlers[0][0] == '/login'
assert handlers[1][0] == '/signup'
assert handlers[2][0] == '/authorize'
assert handlers[4][0] == '/change-password'
async def test_add_new_attempt_of_login(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
assert not auth.login_attempts
auth.add_login_attempt('username')
assert auth.login_attempts['username']['count'] == 1
auth.add_login_attempt('username')
assert auth.login_attempts['username']['count'] == 2
async def test_delete_user(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
auth.create_user("johnsnow", "password")
user = type("User", (), {"name": "johnsnow"})
auth.delete_user(user)
user_info = UserInfo.find(app.db, "johnsnow")
assert not user_info
async def test_delete_user(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
auth.get_or_create_user('johnsnow', 'password')
user = type('User', (), {'name': 'johnsnow'})
auth.delete_user(user)
user_info = UserInfo.find(app.db, 'johnsnow')
assert not user_info
async def test_import_from_firstuse_dont_delete_db_after(tmpcwd, app):
with dbm.open('passwords.dbm', 'c', 0o600) as db:
db['user1'] = 'password'
auth = NaasAuthenticator(db=app.db)
auth.add_data_from_firstuse()
files = os.listdir()
assert UserInfo.find(app.db, 'user1')
assert ('passwords.dbm' in files) or ('passwords.dbm.db' in files)
async def test_import_from_firstuse_dont_delete_db_after(tmpcwd, app):
with dbm.open("passwords.dbm", "c", 0o600) as db:
db["user1"] = "password"
auth = NaasAuthenticator(db=app.db)
auth.add_data_from_firstuse()
files = os.listdir()
assert UserInfo.find(app.db, "user1")
assert ("passwords.dbm" in files) or ("passwords.dbm.db" in files)
async def test_list_users(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
auth.create_user("johnsnow", "password")
auth.create_user("johnsnow2", "password2")
res = auth.get_users()
users = [item.as_dict() for item in res]
assert len(users) == 2
user = dict(users[0])
assert type(user) == dict
async def test_authentication(username, password, authorized, expected,
tmpcwd, app):
'''Test if authentication fails with a unexistent user'''
auth = NaasAuthenticator(db=app.db)
auth.get_or_create_user('johnsnow', 'password')
if authorized:
UserInfo.change_authorization(app.db, 'johnsnow')
response = await auth.authenticate(app, {'username': username,
'password': password})
assert bool(response) == expected
async def test_authentication(username, password, authorized, expected, tmpcwd,
app):
"""Test if authentication fails with a unexistent user"""
auth = NaasAuthenticator(db=app.db)
auth.create_user("johnsnow", "password")
if authorized:
UserInfo.change_authorization(app.db, "johnsnow")
response = await auth.authenticate(app, {
"username": username,
"password": password
})
assert bool(response) == expected
async def test_handlers(app):
"""Test if all handlers are available on the Authenticator"""
auth = NaasAuthenticator(db=app.db)
handlers = auth.get_handlers(app)
assert handlers[0][0] == "/login"
assert handlers[1][0] == "/signup"
assert handlers[2][0] == "/authorize"
assert handlers[3][0] == "/authorize/([^/]*)"
assert handlers[4][0] == "/delete/([^/]*)"
assert handlers[5][0] == "/reset-password"
assert handlers[6][0] == "/change-password"
assert handlers[7][0] == "/change-password/([^/]+)"
async def test_create_user(is_admin, expected_authorization,
tmpcwd, app):
'''Test method get_or_create_user for new user and authorization '''
auth = NaasAuthenticator(db=app.db)
if is_admin:
auth.admin_users = ({'johnsnow'})
auth.get_or_create_user('johnsnow', 'password')
user_info = UserInfo.find(app.db, 'johnsnow')
assert user_info.username == 'johnsnow'
assert user_info.is_authorized == expected_authorization
async def test_authentication_with_exceed_atempts_of_login(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
auth.allowed_failed_logins = 3
auth.secs_before_next_try = 10
infos = {"username": "******", "password": "******"}
auth.create_user(infos["username"], "password")
UserInfo.change_authorization(app.db, "johnsnow")
for i in range(3):
response = await auth.authenticate(app, infos)
assert not response
infos["password"] = "******"
response = await auth.authenticate(app, infos)
assert not response
async def test_authentication_login_count(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
infos = {'username': '******', 'password': '******'}
wrong_infos = {'username': '******', 'password': '******'}
auth.get_or_create_user(infos['username'], infos['password'])
UserInfo.change_authorization(app.db, 'johnsnow')
assert not auth.login_attempts
await auth.authenticate(app, wrong_infos)
assert auth.login_attempts['johnsnow']['count'] == 1
await auth.authenticate(app, wrong_infos)
assert auth.login_attempts['johnsnow']['count'] == 2
await auth.authenticate(app, infos)
assert not auth.login_attempts.get('johnsnow')
async def test_authentication_login_count(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
infos = {"username": "******", "password": "******"}
wrong_infos = {"username": "******", "password": "******"}
auth.create_user(infos["username"], infos["password"])
UserInfo.change_authorization(app.db, "johnsnow")
assert not auth.login_attempts
await auth.authenticate(app, wrong_infos)
assert auth.login_attempts["johnsnow"]["count"] == 1
await auth.authenticate(app, wrong_infos)
assert auth.login_attempts["johnsnow"]["count"] == 2
await auth.authenticate(app, infos)
assert not auth.login_attempts.get("johnsnow")
async def test_authentication_with_exceed_atempts_of_login(tmpcwd, app):
auth = NaasAuthenticator(db=app.db)
auth.allowed_failed_logins = 3
auth.secs_before_next_try = 10
infos = {'username': '******', 'password': '******'}
auth.get_or_create_user(infos['username'], 'password')
UserInfo.change_authorization(app.db, 'johnsnow')
for i in range(3):
response = await auth.authenticate(app, infos)
assert not response
infos['password'] = '******'
response = await auth.authenticate(app, infos)
assert not response
time.sleep(12)
response = await auth.authenticate(app, infos)
assert response
async def test_create_user(is_admin, expected_authorization, tmpcwd, app):
"""Test method create_user for new user and authorization"""
auth = NaasAuthenticator(db=app.db)
if is_admin:
auth.admin_users = {"johnsnow"}
auth.create_user("johnsnow", "password")
if expected_authorization:
UserInfo.change_authorization(app.db, "johnsnow")
user_info = UserInfo.find(app.db, "johnsnow")
assert user_info.username == "johnsnow"
assert user_info.is_authorized == expected_authorization
assert user_info.is_authorized == UserInfo.get_authorization(
app.db, "johnsnow")
UserInfo.change_authorization(app.db, "johnsnow")
assert UserInfo.get_authorization(app.db,
"johnsnow") != expected_authorization
UserInfo.update_authorization(app.db, "johnsnow", expected_authorization)
assert UserInfo.get_authorization(app.db,
"johnsnow") == expected_authorization
async def test_create_user_bas_characters(tmpcwd, app):
'''Test method get_or_create_user with bad characters on username'''
auth = NaasAuthenticator(db=app.db)
assert not auth.get_or_create_user('john snow', 'password')
assert not auth.get_or_create_user('john,snow', 'password')
async def test_create_user_bas_characters(tmpcwd, app):
"""Test method create_user with bad characters on username"""
auth = NaasAuthenticator(db=app.db)
assert not auth.create_user("john snow", "password")
assert not auth.create_user("john,snow", "password")
