def test_register_ok(self):
data = self._get_register_user_data(password='******')
request = self.create_post_request(data)
with self.assert_one_mail_sent() as sent_emails, self.timer() as timer:
response = self.view_func(request)
self.assert_valid_response(response, status.HTTP_201_CREATED)
user_id = response.data['id']
# Check database state.
user = self.user_class.objects.get(id=user_id)
self.assertEqual(user.username, data['username'])
self.assertTrue(user.check_password(data['password']))
self.assertFalse(user.is_active)
# Check verification e-mail.
sent_email = sent_emails[0]
self.assertEqual(sent_email.from_email, VERIFICATION_FROM_EMAIL)
self.assertListEqual(sent_email.to, [data['email']])
url = self.assert_one_url_line_in_text(sent_email.body)
verification_data = self.assert_valid_verification_url(
url,
expected_path=REGISTER_VERIFICATION_URL,
expected_fields={'signature', 'user_id', 'timestamp'},
)
url_user_id = int(verification_data['user_id'])
self.assertEqual(url_user_id, user_id)
url_sig_timestamp = int(verification_data['timestamp'])
self.assertGreaterEqual(url_sig_timestamp, timer.start_time)
self.assertLessEqual(url_sig_timestamp, timer.end_time)
signer = RegisterSigner(verification_data)
signer.verify()
def test_signer_with_different_secret_keys(self):
user = self.create_test_user(is_active=False)
data_to_sign = {'user_id': user.pk}
secrets = [
'#0ka!t#6%28imjz+2t%l(()yu)tg93-1w%$du0*po)*@l+@+4h',
'feb7tjud7m=91$^mrk8dq&nz(0^!6+1xk)%gum#oe%(n)8jic7',
]
signatures = []
for secret in secrets:
with override_settings(SECRET_KEY=secret):
signer = RegisterSigner(data_to_sign)
data = signer.get_signed_data()
signatures.append(data[signer.SIGNATURE_FIELD])
assert signatures[0] != signatures[1]
def assert_valid_register_verification_email(sent_email, user, timer):
assert sent_email.from_email == VERIFICATION_FROM_EMAIL
assert sent_email.to == [user.email]
url = assert_one_url_line_in_text(sent_email.body)
verification_data = assert_valid_verification_url(
url,
expected_path=REGISTER_VERIFICATION_URL,
expected_fields={'signature', 'user_id', 'timestamp'},
)
url_user_id = int(verification_data['user_id'])
assert url_user_id == user.pk
url_sig_timestamp = int(verification_data['timestamp'])
assert timer.start_time <= url_sig_timestamp <= timer.end_time
signer = RegisterSigner(verification_data)
signer.verify()
def send_register_verification_email_notification(request, user):
signer = RegisterSigner({
'user_id': get_user_verification_id(user),
},
request=request)
template_config_data = registration_settings.REGISTER_VERIFICATION_EMAIL_TEMPLATES
notification_data = {
'params_signer': signer,
}
send_verification_notification(NotificationType.REGISTER_VERIFICATION,
user, notification_data,
template_config_data)
def send_register_verification_email_notification(
request: Request,
user: '******',
) -> None:
signer = RegisterSigner({
'user_id': get_user_verification_id(user),
}, request=request)
template_config_data = _get_email_template_config_data(
request, user, NotificationType.REGISTER_VERIFICATION)
notification_data = {
'params_signer': signer,
}
send_verification_notification(
NotificationType.REGISTER_VERIFICATION, user,
notification_data, template_config_data)
def process_verify_registration_data(input_data, serializer_context=None):
if serializer_context is None:
serializer_context = {}
if not registration_settings.REGISTER_VERIFICATION_ENABLED:
raise Http404()
serializer = VerifyRegistrationSerializer(
data=input_data,
context=serializer_context,
)
serializer.is_valid(raise_exception=True)
data = serializer.validated_data
signer = RegisterSigner(data)
verify_signer_or_bad_request(signer)
verification_flag_field = get_user_setting('VERIFICATION_FLAG_FIELD')
user = get_user_by_verification_id(data['user_id'], require_verified=False)
setattr(user, verification_flag_field, True)
user.save()
return user
