def test_single_like_per_user(self): """Tests if user has current like for an image in likes table. And if a like is stored, then tests that user can dislike - removing like(s) in the likes table under that user""" filename = self.images[0][0] for password, nick, avatar in self.users: users.generate_session(self.db, nick) sessionid = self.get_cookie_value(users.COOKIE_NAME) request.cookies[users.COOKIE_NAME] = sessionid user = users.session_user(self.db) # adds like if user has not yet liked the image if not interface.like_exists(self.db, filename, user): interface.add_like(self.db, filename, user) # there should be a like stored by the user for the image self.assertTrue(interface.like_exists(self.db, filename, user)) # records current number of likes for the image like_count = interface.count_likes(self.db, filename) # unlike the image interface.unlike(self.db, filename, user) # checks that number of likes for image has decremented by 1 # and that the user no longer likes the image self.assertTrue(like_count - 1, interface.count_likes(self.db, filename)) self.assertFalse(interface.like_exists(self.db, filename, user))
def test_single_like_per_user(self): """Tests if user has current like for an image in likes table. And if a like is stored, then tests that user can dislike - removing like(s) in the likes table under that user""" filename = self.images[0][0] for password, nick, avatar in self.users: users.generate_session(self.db, nick) sessionid = self.get_cookie_value(users.COOKIE_NAME) request.cookies[users.COOKIE_NAME] = sessionid user = users.session_user(self.db) # adds like if user has not yet liked the image if not interface.like_exists(self.db, filename, user): interface.add_like(self.db, filename, user) # there should be a like stored by the user for the image self.assertTrue(interface.like_exists(self.db, filename, user)) # records current number of likes for the image like_count = interface.count_likes(self.db, filename) # unlike the image interface.unlike(self.db, filename, user) # checks that number of likes for image has decremented by 1 # and that the user no longer likes the image self.assertTrue(like_count-1, interface.count_likes(self.db, filename)) self.assertFalse(interface.like_exists(self.db, filename, user))
def login(): """Display this page if any invalid user identification""" db = COMP249Db() list = interface.post_list(db, usernick=None, limit=50) content = "" http = "" str = "" # display previous posts for item in list: content = interface.post_to_html(item[3]) http = interface.post_to_html(content) dt = datetime.datetime.strptime(item[1],"%Y-%m-%d %H:%M:%S") dt_string = dt.strftime("%b %d, %Y %I:%M%p").upper() str = str + "<div class='entry'><a href='/users/" + item[2] + "'><div class='item'><img src='" + item[4] + "'> <p>" + item[2].upper() + "</p></div></a><div class='date'><p>" + dt_string + "</p></div>" + http + "<hr></div>" # contents display # if there are something within the login field... if 'nick' in request.forms: username = request.forms['nick'] # get username from the 'nick' field password = request.forms['password'] # get password from the 'password' field str2 = "<p style='color:red;font-size:small;'>Invaild username or password</p>" loginString = "<h3>member login</h3></br><form id='loginform' method='POST' action ='/login'><input type='text' name='nick' placeholder='username' class='focus' onKeyPress='return submitenter(this,event)'><input type='password' name='password' placeholder='password' class='focus' onKeyPress='return submitenter(this,event)'></form>" if not check_login(db, username, password): return template('base.tpl', base=str, validate=str2, login=loginString) # display 'Failed' if invaild user identification generate_session(db, username) # generate the user session response.set_header('Location', '/') response.status = 303 return "Redirect to /" # redirect to /
def test_session_user(self): """The session_user procedure finds the name of the logged in user from the session cookie if present Test relies on working generate_session """ # first test with no cookie nick_from_cookie = users.session_user(self.db) self.assertEqual(nick_from_cookie, None, "Expected None in case with no cookie, got %s" % str(nick_from_cookie)) request.cookies[users.COOKIE_NAME] = 'fake sessionid' nick_from_cookie = users.session_user(self.db) self.assertEqual(nick_from_cookie, None, "Expected None in case with invalid session id, got %s" % str(nick_from_cookie)) # run tests for all test users for password, nick, avatar in self.users: users.generate_session(self.db, nick) sessionid = self.get_cookie_value(users.COOKIE_NAME) request.cookies[users.COOKIE_NAME] = sessionid nick_from_cookie = users.session_user(self.db) self.assertEqual(nick_from_cookie, nick)
def test_session_user(self): """The session_user procedure finds the name of the logged in user from the session cookie if present Test relies on working generate_session """ # first test with no cookie nick_from_cookie = users.session_user(self.db) self.assertEqual( nick_from_cookie, None, "Expected None in case with no cookie, got %s" % str(nick_from_cookie)) request.cookies[users.COOKIE_NAME] = 'fake sessionid' nick_from_cookie = users.session_user(self.db) self.assertEqual( nick_from_cookie, None, "Expected None in case with invalid session id, got %s" % str(nick_from_cookie)) # run tests for all test users for password, nick, avatar in self.users: users.generate_session(self.db, nick) sessionid = self.get_cookie_value(users.COOKIE_NAME) request.cookies[users.COOKIE_NAME] = sessionid nick_from_cookie = users.session_user(self.db) self.assertEqual(nick_from_cookie, nick)
def route(db): """handles login of users, form data is proccessed (taken from the login form), from here data is checked to see if user is valid, if so a session is generated for the user and then the user is redirected to the index page otherwise they are redirected to a page where they must enter their credentials again, the user is kept on this page until correct credentials are entered at which point they are redirected to the index page logged in, A cookie is assigned to each valid user once they login through the function users.generate_session() in order to track whether they are logged in or not """ info = { 'title': 'Login Error, please try to login again or create an account' } name = request.forms.get("name") password = request.forms.get("password") log = users.check_login(db, name, password) if (log): # if user is valid users.generate_session(db, name) return {'result': 'true'} else: return { 'result': 'false', 'bannerMessage': banner_messages['LoginFail'] }
def test_generate_session(self): """The generate_session procedure makes a new session cookie to be returned to the client """ # run tests for all test users for password, nick, avatar in self.users: users.generate_session(self.db, nick) # get the sessionid from the response cookie sessionid = self.get_cookie_value(users.COOKIE_NAME) self.assertFalse(sessionid is None) cursor = self.db.cursor() cursor.execute('select usernick from sessions where sessionid=?', (sessionid, )) query_result = cursor.fetchone() if query_result is None: self.fail("No entry for session id %s in sessions table" % (sessionid, )) self.assertEqual(nick, query_result[0])
def test_login(db): nickname = request.forms.get('nick') password = request.forms.get('password') if users.check_login(db, nickname, password): users.generate_session(db, nickname) redirect('/') else: return template('error_login.html')
def login(db): username = request.forms.get('nick') password = request.forms.get('password') if users.check_login(db, username, password): users.generate_session(db, username) message = str("Logged in as " + username) redirect('/') return message else: return template('failedlogin')
def check_login(db): """Checking the Username and Password against the user's database Generate a session for the user and display index.html, else create a session and redirect to /""" user = request.forms.nick password = request.forms.password if users.check_login(db, user, password) is True: users.generate_session(db, user) redirect('/') else: return template("login_error")
def route(db): password_flag = False empty_flag = False username = request.forms.get("username") password = request.forms.get("password") name = request.forms.get("name") email = request.forms.get("email") suburb = request.forms.get("suburb") image = request.files.get("image") skills = request.forms.get("tags") if (username.isspace() or not username) or (len(password) == 0) or ( len(email) == 0) or (len(suburb) == 0) or (len(name) == 0): empty_flag = True if not password_test(password): password_flag = True if empty_flag: return { 'result': 'false', 'bannerMessage': banner_messages['UpdateAccountDetailsFailEmpty'] } if password_flag: return { 'result': 'false', 'bannerMessage': banner_messages['UpdateAccountDetailsFailPassword'] } valid_user = database.add_user(db, username, email, password, name, suburb, skills) if valid_user: # if user is valid if image is not None: uid = users.return_userID(db, username) imagePath = userImage_upload(uid, image) database.update_avatar(db, uid, imagePath) users.generate_session(db, username) return { 'result': 'true', 'bannerMessage': banner_messages['CreateAccountSuccess'] } else: return { 'result': 'false', 'bannerMessage': banner_messages['CreateAccountFailUsername'] }
def loginform(): """""" db = COMP249Db() nick = request.forms.get('nick') password = request.forms.get('password') session_user = users.session_user(db) if users.check_login(db, nick, password) == True: users.generate_session(db, nick) return redirect('/', code=302) else: info = {'title': "Failed Login"} return template('failed', info, session_user=session_user)
def test_generate_session(self): """The generate_session procedure makes a new session cookie to be returned to the client If there is already a session active for this user, return the same session key in the cookie""" # run tests for all test users for email, password, nick, avatar in self.users: cookie = users.generate_session(self.db, email) self.assertIsInstance(cookie, SimpleCookie, "Return value of generate_session is not a cookie") # look for the cookie self.assertTrue( users.COOKIE_NAME in cookie, "Cookie from generate_session has no entry for defined cookie name" ) # get the value and verify that it is in the sessions table sessionid = cookie[users.COOKIE_NAME].value cursor = self.db.cursor() cursor.execute("select useremail from sessions where sessionid=?", (sessionid,)) query_result = cursor.fetchone() if query_result == None: self.fail("No entry for session id %s in sessions table" % (sessionid,)) self.assertEqual(email, query_result[0]) # now try to make a new session for one of the users cookie2 = users.generate_session(self.db, email) self.assertIsInstance( cookie2, SimpleCookie, "Return value of generate_session is not a cookie for second call" ) # look for the cookie self.assertTrue( users.COOKIE_NAME in cookie2, "Cookie from generate_session has no entry for defined cookie name" ) # sessionid should be the same as before self.assertEqual(cookie2[users.COOKIE_NAME].value, sessionid) # try to generate a session for an invalid user cookie = users.generate_session(self.db, "*****@*****.**") self.assertEqual(cookie, None, "Invalid user should return None from generate_session")
def login(): db = COMP249Db() usernick = request.forms.get('nick') password = request.forms.get('password') if users.check_login(db, usernick, password): users.generate_session(db, usernick) response.set_header('Location', '/') response.status = 303 return 'Redirect to /' else: response.status = 200 return index(True)
def login(): db = COMP249Db() usernick = request.forms.get('nick') password = request.forms.get('password') if users.check_login(db, usernick, password): users.generate_session(db, usernick) response.set_header('Location', '/') response.status = 303 return 'Redirect to /' else: response.status = 200 return index(True)
def login(db): # Method to handle login action of form. # Field values are validated for null values by html required property. #First checking if the login is succes for the provided username and password combination. If success, then create # a session and redirect it to the index page. # If username - password combination is invalid, then redirect the request to fail.html username = request.forms.get('nick') password = request.forms.get('password') login_check = users.check_login(db,username,password) if login_check: users.generate_session(db,username) #calling generate_session method from users module return redirect("/") else: return template("fail" , title = "Login Failed")
def login(): """ Attempts to login with provided form data. If valid set cookie and redirect to homepage. If invalid redirect to homepage with login failed message. :return: Home page """ username = request.forms.get("nick") password = request.forms.get("password") if users.valid_user(db, username) & users.check_login( db, username, password): code = 302 users.generate_session(db, username) return redirect('/', code) else: dic = {"loginFailed": "Login Failed, please try again"} return index(dic)
def test_generate_session_invalid_user(self): """Test generate_session in the case when the user is not known""" sessionid = users.generate_session(self.db, "Unknown") self.assertEqual( sessionid, None, "Invalid user should return None from generate_session")
def login_req(db): """Authenticate user. If it is a valid user redirect to customized home page else redirect to mainpage""" #get post parameter username = request.forms.get("nick") password = request.forms.get("password") #check if user is valid if yes append username to greeting message else indicate login error message if (users.check_login(db, username, password)): users.generate_session(db, username) info['message'] = 'Logged in as ' + str(username) redirect('/') else: data = interface.position_list(db, 10) info['rows'] = data info['message'] = 'Login Failed, please try again' return template("index", info)
def determine_user(): """ Determines if the current request contains a session id cookie. If so append the user details to a dictionary. :return: User details in dictionary """ user = users.session_user(db) result = {"logged_in": "False"} if user is not None: users.generate_session(db, user) pic = interface.user_get(db, user)[2] result = { "logged_in": "True", "nickname": user, "username": user, "picture": pic } return result
def test_generate_session_twice(self): """Test generate_session in the case when there is already a session in place for a user""" password, nick, avatar = self.users[0] # make a first session users.generate_session(self.db, nick) sessionid = self.get_cookie_value(users.COOKIE_NAME) self.assertFalse(sessionid is None) # now try to make a new session users.generate_session(self.db, nick) sessionid2 = self.get_cookie_value(users.COOKIE_NAME) # sessionid should be the same as before self.assertEqual(sessionid, sessionid2)
def test_delete_session(self): """The delete_session procedure should remove all sessions for a given user in the sessions table. Test relies on working generate_session""" # run tests for all test users for passwd, nick, avatar in self.users: users.generate_session(self.db, nick) # now remove the session users.delete_session(self.db, nick) # now check that the session is not present cursor = self.db.cursor() cursor.execute('select sessionid from sessions where usernick=?', (nick,)) rows = cursor.fetchall() self.assertEqual(rows, [], "Expected no results for sessions query from deleted session, got %s" % (rows,))
def test_generate_session(self): """The generate_session procedure makes a new session cookie to be returned to the client If there is already a session active for this user, return the same session key in the cookie""" # run tests for all test users for password, nick, avatar in self.users: users.generate_session(self.db, nick) # get the sessionid from the response cookie sessionid = self.get_cookie_value(users.COOKIE_NAME) self.assertFalse(sessionid is None) cursor = self.db.cursor() cursor.execute('select usernick from sessions where sessionid=?', (sessionid, )) query_result = cursor.fetchone() if query_result is None: self.fail("No entry for session id %s in sessions table" % (sessionid, )) self.assertEqual(nick, query_result[0]) # now try to make a new session for one of the users users.generate_session(self.db, nick) sessionid2 = self.get_cookie_value(users.COOKIE_NAME) # sessionid should be the same as before self.assertEqual(sessionid, sessionid2) # try to generate a session for an invalid user sessionid3 = users.generate_session(self.db, "Unknown") self.assertEqual( sessionid3, None, "Invalid user should return None from generate_session")
def test_delete_session(self): """The delete_session procedure should remove all sessions for a given user in the sessions table. Test relies on working generate_session""" # run tests for all test users for passwd, nick, avatar in self.users: users.generate_session(self.db, nick) # now remove the session users.delete_session(self.db, nick) # now check that the session is not present cursor = self.db.cursor() cursor.execute('select sessionid from sessions where usernick=?', (nick, )) rows = cursor.fetchall() self.assertEqual( rows, [], "Expected no results for sessions query from deleted session, got %s" % (rows, ))
def login(): usern = request.forms.get('nick') passw = request.forms.get('password') if users.check_login(COMP249Db(), usern, passw) is True: users.delete_session(COMP249Db(), usern) session = users.generate_session(COMP249Db(), usern) return redirect('/') return index(False)
def flowtow_app(environ, start_response): headers = [('content-type', 'text/html')] # about page if environ['PATH_INFO'] == '/about': start_response("200 OK", headers) return page_about(environ) # action comment elif environ['PATH_INFO'] == '/comment': action_comment(environ) headers.append(('location', '/')) start_response("303 See Other", headers) return page_index(environ) # action upload elif environ['PATH_INFO'] == '/upload': action_upload(environ) start_response("200 OK", headers) return page_my_images(environ, start_response) # action login elif environ['PATH_INFO'] == '/login': form = cgi.FieldStorage(environ=environ, fp=environ['wsgi.input']) if 'email' in form and 'password' in form: useremail = form.getvalue('email') can_login = check_login(db, useremail, form.getvalue('password')) if can_login: cookie = generate_session(db, useremail) headers.append(('Set-Cookie', cookie[COOKIE_NAME].OutputString())) headers.append(('location', '/')) start_response("303 See Other", headers) return page_index(environ) headers.append(('location', '/?login_failed')) start_response("303 See Other", headers) return page_index(environ) # action logout elif environ['PATH_INFO'] == '/logout': logged_user = user_from_cookie(db, environ) if logged_user: delete_session(db, logged_user) headers.append(('location', '/')) start_response("303 See Other", headers) return page_index(environ) # my images elif environ['PATH_INFO'] == '/my_images': start_response("200 OK", headers) return page_my_images(environ, start_response) # index page elif environ['PATH_INFO'] == '/': start_response("200 OK", headers) return page_index(environ) # 404 else: return page_404(start_response)
def do_login(db): nick = request.forms.get('nick') password = request.forms.get('password') if check_login(db, nick, password): generate_session(db, nick) redirect("/") else: form_data = ''' <form action="/login" method="post" id="loginform"> Nick: <input name="nick" type="text" /> Password: <input name="password" type="password" /> <input value="Login" type="submit" /> </form> ''' info = { 'title': 'Home', 'position_list': [], 'form_data': form_data, 'fail': 'Login Failed, please try again <hr>' } return template('index', info)
def test_generate_session(self): """The generate_session procedure makes a new session cookie to be returned to the client If there is already a session active for this user, return the same session key in the cookie""" # run tests for all test users for password, nick, avatar in self.users: users.generate_session(self.db, nick) # get the sessionid from the response cookie sessionid = self.get_cookie_value(users.COOKIE_NAME) self.assertFalse(sessionid is None) cursor = self.db.cursor() cursor.execute('select usernick from sessions where sessionid=?', (sessionid,)) query_result = cursor.fetchone() if query_result is None: self.fail("No entry for session id %s in sessions table" % (sessionid,)) self.assertEqual(nick, query_result[0]) # now try to make a new session for one of the users users.generate_session(self.db, nick) sessionid2 = self.get_cookie_value(users.COOKIE_NAME) # sessionid should be the same as before self.assertEqual(sessionid, sessionid2) # try to generate a session for an invalid user sessionid3 = users.generate_session(self.db, "Unknown") self.assertEqual(sessionid3, None, "Invalid user should return None from generate_session")
def login(): """ As a Registered user i am able to insert my username and password to log into PSST! When a user logs in, check if the username and password is valid If so then add there session, and set cookie value If not then display an page saying failed login """ db = PsstDb() username = request.forms.get('nick') password = request.forms.get('password') if users.check_login(db, username, password) == True: users.generate_session(db, username) redirect('/') else: info = { 'login': has_visited(), 'searchVal': "", 'usernamed': users.session_user(db), 'title': "Welcome to Psst", 'content': 'Login Failed, Please try again. Error', 'posts': [] } return template('index', info)
def login(): """Display this page if any invalid user identification""" db = COMP249Db() list = interface.post_list(db, usernick=None, limit=50) private = "#private" # string that makes the post private content = "" http = "" str = "<h2><b>Welcome to Psst.</b> Latest pssts:</h2>" # title str = str + "<table>" # display previous posts for item in list: content = interface.post_to_html(item[3]) http = interface.post_to_html(content) # not display the posts with the '#private' tag if(bool(private.lower() in http.lower())==False): # only display the messages without '#private' str = str + "<tr>" str = str + "<td valign='top'><img src='" + item[4] + "' width='45'></td>" # user avatar str = str + "<td valign='bottom'><a href='/users/" + item[2] + "'>@" + item[2] + ": </a>" + http + " - <i>posted on " + item[ 1] + "</i></br></br></td></tr>" # username and contents users(item[2]) # generate /users/username page by users() function mentions(item[2]) # generate /mentions/username page by mentions function str = str + "</table>" # if there are something within the login field... if 'nick' in request.forms: username = request.forms['nick'] # get username from the 'nick' field password = request.forms['password'] # get password from the 'password' field str2 = "<p style='color:red'>Failed.</p>" loginString = "<form id='loginform' method='POST' action ='/login'><input type='text' name='nick' placeholder='username' class='focus' onKeyPress='return submitenter(this,event)'><input type='password' name='password' placeholder='password' class='focus' onKeyPress='return submitenter(this,event)'></form>" if not check_login(db, username, password): return template('base.tpl', base=str, validate=str2, login=loginString) # display 'Failed' if invaild user identification generate_session(db, username) # generate the user session response.set_header('Location', '/') response.status = 303 return "Redirect to /" # redirect to /
def login(): """Post request for Login; Retrieves user inputted details from the login form. Upon successful login, a cookie is set and the user is redirected to the homepage. If login fails, user is presented with the failed login display.""" db = COMP249Db() in_user = request.forms['nick'] in_password = request.forms['password'] if users.check_login(db, in_user, in_password): curr_session = users.generate_session(db, in_user) if curr_session: response.set_cookie(COOKIE_NAME, curr_session) redirect('/') else: return template('loginfail.html', title="Login Error", session=None, name=None)
def login(): """Post request for Login; Retrieves user inputted details from the login form. Upon successful login, a cookie is set and the user is redirected to the homepage. If login fails, user is presented with the failed login display.""" db = COMP249Db() in_user = request.forms['nick'] in_password = request.forms['password'] if users.check_login(db, in_user, in_password): curr_session = users.generate_session(db, in_user) if curr_session: response.set_cookie(COOKIE_NAME, curr_session) redirect('/') else: return template('loginfail.html', title="Login Error", session=None, name=None)
def login(environ, start_response): success = False headers = [("content-type", "text/html")] formdata = cgi.FieldStorage(environ=environ, fp=environ["wsgi.input"]) if "password" in formdata: email = formdata.getvalue("email", "") password = formdata.getvalue("password", "") success = users.check_login(db, email, password) # login is successful, creates a cookie if success: cookie = users.generate_session(db, email) headers.append(("Set-Cookie", cookie["sessionid"].OutputString())) headers.append(("Location", "/")) start_response("303 See Other", headers) return [redirect_page.encode()] else: content = "Login problem" mapping = {"title": "Login", "content": content, "navbar": get_navbar(environ)} start_response("200 OK", headers) return render("login.html", mapping)
def login(): """ 处理登录 :return: """ userNick = request.POST.get('nick') password = request.POST.get('password') flowTowDataBase = COMP249Db() if users.check_login(db=flowTowDataBase, usernick=userNick, password=password): if users.generate_session(db=flowTowDataBase, usernick=userNick): return redirect('/') renderDict = { "title": "Login Failed!", "homeActive": False, "aboutActive": True, "userNick": None } return template("loginFailed", renderDict)
def test_user_from_cookie(self): """The user_from_cookie procedure finds the name of the logged in user from the session cookie if present Test relies on working generate_cookie """ # first test with no cookie environ = dict() email_from_cookie = users.user_from_cookie(self.db, environ) self.assertEqual( email_from_cookie, None, "Expected None in case with no cookie, got %s" % str(email_from_cookie) ) cookie = SimpleCookie() cookie[users.COOKIE_NAME] = "fake sessionid" environ = {"HTTP_COOKIE": cookie[users.COOKIE_NAME].OutputString()} email_from_cookie = users.user_from_cookie(self.db, environ) self.assertEqual( email_from_cookie, None, "Expected None in case with invalid session id, got %s" % str(email_from_cookie) ) # run tests for all test users for email, password, nick, avatar in self.users: cookie = users.generate_session(self.db, email) self.assertIsInstance(cookie, SimpleCookie, "generate_session failing, can't run user_from_cookie tests") environ = {"HTTP_COOKIE": cookie[users.COOKIE_NAME].OutputString()} email_from_cookie = users.user_from_cookie(self.db, environ) self.assertEqual(email_from_cookie, email)
def test_delete_session(self): """The delete_session procedure should remove all sessions for a given user in the sessions table. Test relies on working generate_session""" # run tests for all test users for email, password, first, last in self.users: cookie = users.generate_session(self.db, email) self.assertIsInstance(cookie, SimpleCookie, "generate_session failing, can't run delete_session tests") # get the value and verify that it is in the sessions table sessionid = cookie[users.COOKIE_NAME].value # now remove the session users.delete_session(self.db, email) # now check that the session is not present cursor = self.db.cursor() cursor.execute("select sessionid from sessions where useremail=?", (email,)) rows = cursor.fetchall() self.assertEqual(rows, [], "Expected no results for sessions query from deleted session, got %s" % (rows,))