def test_properties():
    """Attributes assigned to a PendingPasswordReset read back without a save()."""
    pending = PendingPasswordReset('abc')
    pending.requestor_username = '******'
    pending.verify_code = 'bibble'

    # NOTE(review): the '******' literal above looks like a masking artefact of
    # this listing -- the assertion below expects 'dave'. Confirm against the
    # original file before relying on this test.
    assert pending.username == 'abc'
    assert pending.requestor_username == 'dave'
    assert pending.verify_code == 'bibble'
def test_none_listed_after_removal():
    """After deleting every listed reset, ListAll() returns nothing."""
    test_creation()

    for pending in PendingPasswordReset.ListAll():
        pending.delete()

    # Query again rather than reusing the first list, so the check reflects
    # what ListAll() reports after the deletions.
    remaining = PendingPasswordReset.ListAll()
    assert len(remaining) == 0
def test_delete():
    """delete() clears in_db on the instance and on a fresh lookup."""
    test_creation()

    stored = PendingPasswordReset('abc')
    stored.delete()
    assert not stored.in_db

    # A new object for the same username must not find the record either.
    reloaded = PendingPasswordReset('abc')
    assert not reloaded.in_db
def send_password_reset(requesting_user, userid):
    """
    Store a pending password reset for ``userid`` and email the reset link.

    ``requesting_user`` must be able to administrate the target user;
    otherwise ``AUTHORIZATION_DENIED`` is returned before anything is stored
    or sent. On success the body ``"{}"`` is returned with status 202.
    """
    target = User.create_user(userid)
    if not requesting_user.can_administrate(target):
        return AUTHORIZATION_DENIED

    # NOTE(review): the emailed link is only as strong as this code. Confirm
    # that helpers.create_verify_code uses a CSPRNG and does not derive the
    # value from the two usernames alone.
    code = helpers.create_verify_code(target.username,
                                      requesting_user.username)

    pending = PendingPasswordReset(target.username)
    pending.requestor_username = requesting_user.username
    pending.verify_code = code
    pending.save()

    # NOTE(review): check that log_action's rendering of the record does not
    # write verify_code into the log.
    log_action('sending password reset', pending)

    # NOTE(review): assuming this is Flask's url_for, _external=True builds an
    # absolute URL whose host comes from the request or server configuration.
    # Pin SERVER_NAME (or validate the Host header) so the emailed link cannot
    # be pointed at another host.
    reset_url = url_for('reset_password', username=target.username,
                        code=code, _external=True)
    requestor_name = "{0} {1}".format(requesting_user.first_name,
                                      requesting_user.last_name)

    pending.send_reset_email(target.email, target.first_name, reset_url,
                             requestor_name)

    return "{}", 202
def test_post_by_blueshirt(self):
    """POSTing to /send-password-reset/<user> emails that user and stores the reset."""
    credentials = {"username": "******", "password": "******"}
    r, data = test_helpers.server_post(
        "/send-password-reset/student_coll1_1", credentials)
    self.assertEqual(202, r.status, data)

    user = User('student_coll1_1')

    # The email must go to the target user, not to the requestor.
    sent = test_helpers.last_email()
    self.assertEqual(user.email, sent.toaddr)

    template_vars = sent.template_vars
    self.assertEqual(user.first_name, template_vars['name'],
                     "Wrong first name")
    self.assertEqual('Blue Shirt', template_vars['requestor_name'],
                     "Wrong requestor name")

    template_name = sent.template_name
    self.assertEqual('password_reset', template_name, "Wrong email template")
    test_helpers.assert_load_template(template_name, template_vars)

    # The stored record must name the requestor, and its code must be the
    # one embedded in the emailed URL.
    pending = PendingPasswordReset('student_coll1_1')
    self.assertTrue(pending.in_db,
                    "{0} should been in the database.".format(pending))
    self.assertEqual('blueshirt', pending.requestor_username,
                     "Wrong requestor username.")
    self.assertIn(pending.verify_code, template_vars['password_reset_url'],
                  "Wrong verify code")
def clear_old_password_resets():
    """Delete pending password resets older than the configured lifetime plus half a day."""
    # The cut-off is deliberately larger than the limit we restrict against,
    # so that entries which are still valid are never removed by accident.
    configured_days = config.getint('nemesis', 'password_reset_days')
    cutoff = timedelta(days=configured_days + 0.5)

    for pending in PendingPasswordReset.ListAll():
        if pending.age > cutoff:
            # Log before deleting so the expiry is recorded with the entry.
            log_action('expiring password reset', pending)
            pending.delete()
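def reset_password(username, code):
    """
    Resets a user's password after they've clicked a link in an email we
    sent them, then serves up a page built from
    ``templates/password_reset.html`` with the new password filled in.

    Not part of the documented API.

    Returns a ``(body, status, headers)`` tuple: 404 when no pending reset
    exists for ``username``, 410 when it is older than
    ``PASSWORD_RESET_DAYS``, 403 when ``code`` does not match the stored
    verify code, otherwise 200 with the rendered page.
    """
    ppr = PendingPasswordReset(username)

    # NOTE(review): the distinct 404/410/403 answers tell an unauthenticated
    # caller whether a reset is pending for a username; consider one generic
    # failure response.
    if not ppr.in_db:
        return "No such user account", 404, PLAINTEXT_HEADER

    if ppr.age > timedelta(days=PASSWORD_RESET_DAYS):
        return "Request not valid", 410, PLAINTEXT_HEADER

    # NOTE(review): != is not a constant-time comparison and failed attempts
    # are not counted here. Consider hmac.compare_digest (once both operands
    # are known to be the same string type) plus rate limiting or invalidating
    # the reset after repeated mismatches.
    if ppr.verify_code != code:
        return "Invalid verification code", 403, PLAINTEXT_HEADER

    # Load the template before changing any state: if it cannot be read, the
    # password stays unchanged and the reset link stays usable, rather than
    # the user ending up with a new password they were never shown. The
    # with-block also closes the file handle, which was previously leaked.
    with open(PATH + "/templates/password_reset.html") as template_file:
        template = template_file.read()

    # NOTE(review): if this route is served over GET (TODO confirm), mail
    # scanners or link previewers that fetch the URL will trigger the reset
    # and consume the code; a confirmation POST avoids that.
    log_action('resetting user password', ppr)

    from libnemesis import srusers
    new_pass = srusers.users.GenPasswd()

    u = User(username)
    u.set_password(new_pass)
    # No need to save since set_password happens immediately

    # The reset is single-use: remove it once the password has been changed.
    ppr.delete()

    # NOTE(review): these values are substituted without any escaping. Confirm
    # the template's context (HTML or script) and encode first_name, last_name
    # and username accordingly. The response also carries the plaintext
    # password, so check that it is sent with Cache-Control: no-store.
    replacements = {
        'first_name': u.first_name,
        'last_name': u.last_name,
        'password': new_pass,
        'username': username,
        'root': url_for('.index'),
    }

    html = template.format(**replacements)

    return html, 200, CSP_HEADER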
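def reset_password(username, code):
    """
    Resets a user's password after they've clicked a link in an email we
    sent them, then serves up a page built from
    ``templates/password_reset.html`` with the new password filled in.

    Not part of the documented API.

    Returns a ``(body, status, headers)`` tuple: 404 when no pending reset
    exists for ``username``, 410 when it is older than
    ``PASSWORD_RESET_DAYS``, 403 when ``code`` does not match the stored
    verify code, otherwise 200 with the rendered page.
    """
    ppr = PendingPasswordReset(username)

    # NOTE(review): the distinct 404/410/403 answers tell an unauthenticated
    # caller whether a reset is pending for a username; consider one generic
    # failure response.
    if not ppr.in_db:
        return "No such user account", 404, PLAINTEXT_HEADER

    if ppr.age > timedelta(days=PASSWORD_RESET_DAYS):
        return "Request not valid", 410, PLAINTEXT_HEADER

    # NOTE(review): != is not a constant-time comparison and failed attempts
    # are not counted here. Consider hmac.compare_digest (once both operands
    # are known to be the same string type) plus rate limiting or invalidating
    # the reset after repeated mismatches.
    if ppr.verify_code != code:
        return "Invalid verification code", 403, PLAINTEXT_HEADER

    # Load the template before changing any state: if it cannot be read, the
    # password stays unchanged and the reset link stays usable, rather than
    # the user ending up with a new password they were never shown. The
    # with-block also closes the file handle, which was previously leaked.
    with open(PATH + "/templates/password_reset.html") as template_file:
        template = template_file.read()

    # NOTE(review): if this route is served over GET (TODO confirm), mail
    # scanners or link previewers that fetch the URL will trigger the reset
    # and consume the code; a confirmation POST avoids that.
    log_action('resetting user password', ppr)

    from libnemesis import srusers
    new_pass = srusers.users.GenPasswd()

    u = User(username)
    u.set_password(new_pass)
    # No need to save since set_password happens immediately

    # The reset is single-use: remove it once the password has been changed.
    ppr.delete()

    # NOTE(review): these values are substituted without any escaping. Confirm
    # the template's context (HTML or script) and encode first_name, last_name
    # and username accordingly. The response also carries the plaintext
    # password, so check that it is sent with Cache-Control: no-store.
    replacements = {
        'first_name': u.first_name,
        'last_name': u.last_name,
        'password': new_pass,
        'username': username,
        'root': url_for('.index'),
    }

    html = template.format(**replacements)

    return html, 200, CSP_HEADER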
def test_creation():
    """save() persists a reset; a fresh lookup returns its fields and a small age."""
    created = PendingPasswordReset('abc')
    created.requestor_username = '******'
    created.verify_code = 'bibble'
    created.save()
    assert created.in_db

    # NOTE(review): the '******' literal above looks like a masking artefact of
    # this listing -- the assertion below expects 'dave'. Confirm against the
    # original file.
    loaded = PendingPasswordReset('abc')
    assert loaded.in_db
    assert loaded.username == 'abc'
    assert loaded.requestor_username == 'dave'
    assert loaded.verify_code == 'bibble'

    # A record saved a moment ago must have a positive age of under a minute.
    assert timedelta() < loaded.age < timedelta(minutes=1)
def test_send_email():
    """send_reset_email produces a 'password_reset' email with the expected variables."""
    recipient_name = 'jim'
    reset_url = 'http://verify'
    recipient = '*****@*****.**'
    requestor = 'Dave Smith'

    pending = PendingPasswordReset('abc')
    pending.requestor_username = '******'
    pending.send_reset_email(recipient, recipient_name, reset_url, requestor)

    sent = test_helpers.last_email()

    # The URL must reach the template unchanged, since it carries the code.
    template_vars = sent.template_vars
    assert recipient_name == template_vars['name']
    assert reset_url == template_vars['password_reset_url']
    assert requestor == template_vars['requestor_name']

    assert recipient == sent.toaddr

    template_name = sent.template_name
    assert template_name == 'password_reset'

    test_helpers.assert_load_template(template_name, template_vars)
def test_send_email():
    """send_reset_email produces a 'password_reset' email with the expected variables."""
    recipient_name = 'jim'
    reset_url = 'https://verify'
    recipient = '*****@*****.**'
    requestor = 'Dave Smith'

    pending = PendingPasswordReset('abc')
    pending.requestor_username = '******'
    pending.send_reset_email(recipient, recipient_name, reset_url, requestor)

    sent = test_helpers.last_email()

    # The URL must reach the template unchanged, since it carries the code.
    template_vars = sent.template_vars
    assert recipient_name == template_vars['name']
    assert reset_url == template_vars['password_reset_url']
    assert requestor == template_vars['requestor_name']

    assert recipient == sent.toaddr

    template_name = sent.template_name
    assert template_name == 'password_reset'

    test_helpers.assert_load_template(template_name, template_vars)
def test_one_listed():
    """After test_creation(), ListAll() returns exactly the one stored reset."""
    test_creation()

    listed = PendingPasswordReset.ListAll()
    assert len(listed) == 1

    only = listed[0]
    # Exact type check: the list must hold PendingPasswordReset objects.
    assert type(only) == PendingPasswordReset
    assert only.in_db
    assert only.username == 'abc'
    assert only.requestor_username == 'dave'
    assert only.verify_code == 'bibble'
def test_creation():
    """save() persists a reset; a fresh lookup returns its fields and a small age."""
    created = PendingPasswordReset('abc')
    created.requestor_username = '******'
    created.verify_code = 'bibble'
    created.save()
    assert created.in_db

    # NOTE(review): the '******' literal above looks like a masking artefact of
    # this listing -- the assertion below expects 'dave'. Confirm against the
    # original file.
    loaded = PendingPasswordReset('abc')
    assert loaded.in_db
    assert loaded.username == 'abc'
    assert loaded.requestor_username == 'dave'
    assert loaded.verify_code == 'bibble'

    # A record saved a moment ago must have a positive age of under a minute.
    assert timedelta() < loaded.age < timedelta(minutes=1)
def test_verify_success(self):
    """A GET with the right code returns 200 and a working password, and removes the reset."""
    username = "******"
    setup_password_reset(username, 'bees')

    reset_path = "/reset_password/" + username + "/bees"
    r, data = test_helpers.server_get(reset_path)
    self.assertEqual(200, r.status, data)

    try:
        # The new password is read straight out of the response body.
        # NOTE(review): the pattern below looks damaged by masking in this
        # listing (its parentheses do not balance); restore it from the
        # original file before running this test.
        match = re.search(r'"password": "******"]+)"', data)
        self.assertTrue(match, "Failed to extract password")
        new_password = match.group(1)

        # The password shown on the page must actually authenticate the user.
        user = User.create_user(username, new_password)
        self.assertTrue(
            user.is_authenticated,
            "Wrong password ({0}) found in page!".format(new_password))
    finally:
        # Always put a known password back, whatever happened above
        # (presumably the fixture value -- confirm).
        User(username).set_password('cows')

    # A used reset must not stay valid.
    pending = PendingPasswordReset('student_coll1_1')
    self.assertFalse(
        pending.in_db,
        "{0} should no longer in the database.".format(pending))
def test_none_listed_at_start():
    """ListAll() returns nothing when no reset has been created by this test."""
    # Assumes the test setup provides an empty store -- not visible here.
    listed = PendingPasswordReset.ListAll()
    assert len(listed) == 0
def test_empty_at_start():
    """A lookup that is not saved here reports no stored data and a zero age."""
    # Assumes the test setup provides an empty store -- not visible here.
    fresh = PendingPasswordReset('abc')
    assert fresh.in_db == False
    assert fresh.requestor_username is None
    assert fresh.verify_code is None
    assert fresh.age == timedelta()
def test_invalid_property():
    """Read an attribute that PendingPasswordReset is not expected to define."""
    pending = PendingPasswordReset('abc')
    # NOTE(review): presumably this access is meant to raise; the expectation
    # (for example a decorator on the test) is not visible in this listing.
    print(pending.bacon)
def test_clear_old_password_resets(self):
    """clear_old_password_resets() removes the aged entry and keeps the fresh one."""
    stale = PendingPasswordReset('old')
    stale.requestor_username = '******'
    stale.verify_code = 'bibble-old'
    stale.save()
    # Presumably back-dates the 'old' row in password_resets; helper not shown.
    self._make_old('password_resets', 'old')

    fresh = PendingPasswordReset('abc')
    fresh.requestor_username = '******'
    fresh.verify_code = 'bibble-new'
    fresh.save()

    helpers.clear_old_password_resets()

    # Look both up again so the checks reflect what is stored after the sweep.
    assert not PendingPasswordReset('old').in_db
    assert PendingPasswordReset('abc').in_db
def setup_password_reset(for_user, verify_code):
    """Store a pending password reset for ``for_user`` with the given ``verify_code``."""
    pending = PendingPasswordReset(for_user)
    pending.requestor_username = '******'
    pending.verify_code = verify_code
    pending.save()