def test_activate_ok(self): with self.client: add_user('existing', '*****@*****.**', 'existingexisting', active=False) add_user('test', '*****@*****.**', 'testtest', cbl_member=True) token = encode_url_token('invite', '*****@*****.**') url = 'auth/activate?id={}'.format(token) response = self.client.post( url, data=json.dumps(dict( email='*****@*****.**', username='******', password='******' )), content_type='application/json' ) data = json.loads(response.data.decode()) self.assertTrue(data['msg'] == 'Account activated') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 200) access_csrf, refresh_csrf, access_token = login_user(self.client, '*****@*****.**', 'testtest') response = self.client.post('/sanity/protected', headers={'X-CSRF-TOKEN': access_csrf}) data = json.loads(response.data.decode()) self.assertTrue(data['msg'] == 'success') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 200)
def test_activate_duplicate_username(self): with self.client: add_user('existing', '*****@*****.**', 'existingexisting', active=False) add_user('test', '*****@*****.**', 'testtest', cbl_member=True) token = encode_url_token('invite', '*****@*****.**') url = 'auth/activate?id={}'.format(token) response = self.client.post( url, data=json.dumps(dict( email='*****@*****.**', username='******', password='******' )), content_type='application/json' ) data = json.loads(response.data.decode()) self.assertTrue(data['msg'] == 'Username already in use') self.assertTrue(response.content_type == 'application/json') self.assertEqual(response.status_code, 400)
def test_reset_password_change(self): with self.client: user = add_user('test', '*****@*****.**', 'testtest') token = encode_url_token('password', user.email) url = 'auth/resetpassword?id={}'.format(token) response = self.client.post( url, data=json.dumps(dict( email='*****@*****.**', password='******' )), content_type='application/json' ) data = json.loads(response.data.decode()) self.assertTrue(data['msg'] == 'Password changed successfully') response = self.client.post( '/auth/login', data=json.dumps(dict( email='*****@*****.**', password='******' )), content_type='application/json' ) data = json.loads(response.data.decode()) self.assertTrue(data['login'])
def create_invite(): data = request.get_json() email = data.get('email', None) name = data.get('name', None) message = data.get('message', None) suppress_email = data.get('suppress_email', None) if not email or not name: return jsonify({'msg': 'Invalid Data'}), 400 token = encode_url_token('invite', email) active, disabled = register_invite(invited_by=current_user.id, email=email) if disabled: return jsonify({'msg': 'User banned!'}), 403 if active: return jsonify({'msg': 'User already exists'}), 409 if not suppress_email: send_invite(invited_by_username=current_user.username, invited_by_email=current_user.email, email=email, name=name, message=message if message else '', token=token) return jsonify({'msg': 'Invite sent'}), 200
def test_reset_password_get(self): with self.client: user = add_user('test', '*****@*****.**', 'testtest') token = encode_url_token('password', user.email) url = 'auth/resetpassword?id={}'.format(token) response = self.client.get(url) data = json.loads(response.data.decode()) self.assertTrue(data['token'] == token)
def forgot_password(): data = request.get_json() email = data.get('email', None) if not email: return jsonify({'msg': 'Invalid Data'}), 400 user = get_active_by_email(email) if user: token = encode_url_token('password', email) send_password_reset(email, user.username, token) return jsonify({ 'msg': 'If it was recognised, an email was sent to the address provided' }), 200
def test_reset_password_email_mismatch(self): with self.client: user = add_user('test', '*****@*****.**', 'testtest') token = encode_url_token('password', user.email) url = 'auth/resetpassword?id={}'.format(token) response = self.client.post( url, data=json.dumps(dict( email='*****@*****.**', password='******' )), content_type='application/json' ) data = json.loads(response.data.decode()) self.assertTrue(data['msg'] == 'email mismatch')