예제 #1
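def handler(event, context):
    """Confirm a Cognito sign-up from the parameters of a verification link.

    Reads ``email`` and ``code`` from the event's query string, calls
    ``confirm_sign_up`` and returns the result of ``redirect_to`` for the
    page matching the outcome.

    Args:
        event: Invocation event; ``queryStringParameters`` may be ``None``.
        context: Invocation context (not used here).

    Returns:
        Whatever ``redirect_to`` returns for the selected target.
    """
    params = event.get("queryStringParameters") or {}  # can be None in event
    email, code = params.get("email"), params.get("code")

    # Both values come straight from the request URL. Without them the
    # confirmation call cannot succeed, so skip it and answer with the same
    # redirect the other failure paths use instead of raising.
    if not email or not code:
        logging.warning("confirmation request is missing email or code")
        return redirect_to(REDIRECT_WHEN_CODE_EXPIRED)

    try:
        cognito.confirm_sign_up(
            ClientId=CLIENT_ID,
            Username=email,
            ConfirmationCode=code,
        )
    except cognito.exceptions.ExpiredCodeException:
        user = cognito.admin_get_user(UserPoolId=USER_POOL_ID, Username=email)

        # Check if the email is already verified. A missing attribute is
        # treated as "not verified" rather than raising IndexError.
        email_verified = next(
            (attr["Value"] for attr in user["UserAttributes"]
             if attr["Name"] == "email_verified"),
            "false",
        )
        if email_verified == "true":
            # The original dropped this return value and always fell through
            # to the "code expired" redirect.
            # NOTE(review): the two redirects differ by the verification
            # state of a caller-supplied email; confirm that exposing this
            # to unauthenticated requests is acceptable.
            return redirect_to(REDIRECT_WHEN_ALREADY_CONFIRMED)

        return redirect_to(REDIRECT_WHEN_CODE_EXPIRED)

    except (cognito.exceptions.CodeMismatchException,
            cognito.exceptions.LimitExceededException) as e:
        # here should be some page with "Oops, something went wrong. Please request another verification link later"
        logging.warning(repr(e))
        return redirect_to(REDIRECT_WHEN_CODE_EXPIRED)

    return redirect_to(REDIRECT_AFTER_VERIFICATION)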
예제 #2
def test_get_delete_user(client, admin, user):
    """The delete view removes another user but leaves the logged-in admin."""
    login(client, admin)

    # Deleting an ordinary user: redirected to the user list, record is gone.
    # NOTE(review): the deletion is driven by a GET request; state-changing
    # GETs are not covered by form CSRF tokens -- confirm the view is
    # protected some other way.
    response = client.get(url_for('admin.delete_user', user_id=str(user.id)))
    location = redirect_to(response)
    assert location == real_url('admin.registered_users')
    with pytest.raises(DoesNotExist):
        User.objects.get(id=user.id)

    # Targeting the admin's own id: same redirect, record still present.
    response = client.get(url_for('admin.delete_user', user_id=str(admin.id)))
    location = redirect_to(response)
    assert location == real_url('admin.registered_users')
    assert User.objects.get(id=admin.id) == admin
예제 #3
def test_post_reset_password_request_failure(client, admin, monkeypatch):
    """Reset-password requests that should not succeed still end in a redirect."""
    # POST issued before login() is called in this test.
    first_response = client.post(url_for('account.reset_password_request'))
    assert redirect_to(first_response) == real_url('main.index')

    login(client, admin)
    # Pin the token so the view's output is deterministic.
    monkeypatch.setattr(User, 'generate_password_reset_token',
                        lambda s: 'token')

    # NOTE(review): the address literal looks redacted by the page hosting
    # this listing; presumably it is an address with no account -- confirm.
    request_url = url_for('account.reset_password_request')
    second_response = client.post(request_url,
                                  data={'email': '*****@*****.**'})
    assert redirect_to(second_response) == real_url('account.login')
def test_post_delete_doc_meta_success_for_author(client, user, doc):
    """Posting to the delete view as ``user`` removes the document meta."""
    login(client, user)

    delete_url = url_for('task.delete_doc_meta', doc_meta_id=str(doc.id))
    response = client.post(delete_url)
    assert redirect_to(response) == real_url('task.my_doc_meta')

    # No record with the document's theme may remain afterwards.
    remaining = DocumentMeta.objects(theme=doc.theme).first()
    assert not remaining
def test_post_update_doc_meta_success(client, admin, doc):
    """The update view renders its form on GET and persists changes on POST."""
    login(client, admin)

    # GET: the management template is rendered with an update form.
    with captured_templates(client.application) as templates:
        page = client.get(
            url_for('task.update_doc_meta', doc_meta_id=str(doc.id)))
        assert page.status_code == 200
        rendered, ctx = templates.pop()
        assert rendered.name == 'task/manage_document.html'
        assert ctx['action'] == 'Update'
        assert ctx['data_type'] == str(doc)
        form = ctx['form']
        assert isinstance(form, DocMetaForm)

    # POST: reuse the rendered form with new field values.
    form.theme.data = 'new theme'
    form.category.data = Category.LONG_TERM.value
    form.url.data = 'https://www.newtest.com'
    form.priority.data = 3
    update_url = url_for('task.update_doc_meta', doc_meta_id=str(doc.id))
    response = client.post(update_url, data=form.data)
    location = redirect_to(response)
    assert location == real_url('task.update_doc_meta',
                                doc_meta_id=str(doc.id))

    # The stored document must carry the submitted values.
    doc.reload()
    assert doc.theme == 'new theme'
    assert doc.category == Category.LONG_TERM.value
    assert doc.url == 'https://www.newtest.com'
    assert doc.priority == 3
예제 #6
def test_get_confirm_failure(client, admin):
    """An invalid confirmation token never confirms the account."""
    login(client, admin)
    admin.confirmed = False
    admin.save()
    admin.generate_confirmation_token()

    # Unconfirmed account + bad token: redirected, still unconfirmed.
    bad_token_url = url_for('account.confirm', token='invalid')
    response = client.get(bad_token_url)
    assert redirect_to(response) == real_url('main.index')
    admin.reload()
    assert not admin.confirmed

    # Already confirmed account + bad token: redirected as well.
    admin.confirmed = True
    admin.save()
    bad_token_url = url_for('account.confirm', token='invalid')
    response = client.get(bad_token_url)
    assert redirect_to(response) == real_url('main.index')
예제 #7
def test_login_with_valid_next_endpoint(client, admin):
    """Logging in with an in-app ``next`` path redirects to that page."""
    # NOTE(review): only a relative, in-app ``next`` value is covered here;
    # a companion test with an absolute external URL would pin down that the
    # login view never redirects off-site.
    login_url = url_for('account.login', next='/task/doc_meta/my_documents')
    credentials = {
        'email': admin.email,
        'password': '******'
    }
    response = client.post(login_url, data=credentials)
    assert redirect_to(response) == real_url('task.my_doc_meta')
예제 #8
def test_get_change_email_success(client, admin):
    """A valid email-change token updates the stored address."""
    login(client, admin)
    # NOTE(review): the address literals look redacted by the page hosting
    # this listing; the original presumably used a concrete new address.
    token = admin.generate_email_change_token('*****@*****.**')

    change_url = url_for('account.change_email', token=token)
    response = client.get(change_url)
    assert redirect_to(response) == real_url('main.index')

    admin.reload()
    assert admin.email == '*****@*****.**'
예제 #9
def test_get_change_email_failure(client, admin):
    """A token the view does not accept still ends in a redirect to the index."""
    login(client, admin)
    # NOTE(review): both address literals look redacted by the page hosting
    # this listing, so the expected stored address cannot be read from here;
    # presumably the final assert checks the address is unchanged -- confirm.
    admin.generate_email_change_token('*****@*****.**')

    change_url = url_for('account.change_email', token='notvalid')
    response = client.get(change_url)
    assert redirect_to(response) == real_url('main.index')

    admin.reload()
    assert admin.email == '*****@*****.**'
예제 #10
def test_get_confirm_success(client, admin):
    """A freshly generated confirmation token confirms the account."""
    login(client, admin)
    admin.confirmed = False
    admin.save()
    token = admin.generate_confirmation_token()

    confirm_url = url_for('account.confirm', token=token)
    response = client.get(confirm_url)
    assert redirect_to(response) == real_url('main.index')

    admin.reload()
    assert admin.confirmed
예제 #11
def test_get_confirm_request(client, admin, monkeypatch):
    """Requesting a confirmation queues an email carrying the confirm link."""
    login(client, admin)
    # Pin the token so the queued link can be compared exactly.
    monkeypatch.setattr(User, 'generate_confirmation_token', lambda s: 'token')

    response = client.get(url_for('account.confirm_request'))
    assert redirect_to(response) == real_url('main.index')

    queued = rq.get_queue(MessageQueue.email.value).get_kwargs()
    assert queued['recipient'] == admin.email
    assert queued['user'] == admin
    expected_link = url_for('account.confirm', token='token', _external=True)
    assert queued['confirm_link'] == expected_link
예제 #12
def test_post_reset_password_failure(client, admin):
    """Neither a logged-in request nor an invalid token changes the password."""
    # NOTE(review): the '******' literal looks redacted by the page hosting
    # this listing; the two password fields presumably matched originally.
    data = {
        'email': admin.email,
        'new_password': '******',
        'new_password2': '54321t'
    }

    # While logged in, the reset view only redirects to the index.
    login(client, admin)
    response = client.post(url_for('account.reset_password', token='valid'),
                           data=data)
    assert redirect_to(response) == real_url('main.index')
    logout(client)

    # Logged out with a token the view rejects: redirected again.
    response = client.post(
        url_for('account.reset_password', token='not valid'), data=data)
    assert redirect_to(response) == real_url('main.index')

    # The stored password must not have been replaced.
    admin.reload()
    assert not admin.verify_password(data['new_password'])
예제 #13
def test_post_join_from_invite_failure(client, admin, monkeypatch):
    """Invite acceptance is refused for each of the invalid request shapes."""
    invitee = User(email='*****@*****.**')
    invitee.save()
    token = invitee.generate_confirmation_token()
    invitee_id = str(invitee.id)

    # A logged-in user following an invite link is sent to the index.
    login(client, admin)
    response = client.post(
        url_for('account.join_from_invite', user_id=invitee_id, token=token))
    assert redirect_to(response) == real_url('main.index')

    # Unknown user id: 404.
    logout(client)
    response = client.post(
        url_for('account.join_from_invite', user_id=INVALID_OBJECT_ID,
                token=token))
    assert response.status_code == 404

    # The invitee's token combined with the admin's id: redirected.
    response = client.post(
        url_for('account.join_from_invite', user_id=str(admin.id),
                token=token))
    assert redirect_to(response) == real_url('main.index')

    # Invalid token for the invitee: redirected, and an invite carrying a
    # newly generated token is queued.
    monkeypatch.setattr(User, 'generate_confirmation_token',
                        lambda s: 'new_token')
    response = client.post(
        url_for('account.join_from_invite', user_id=invitee_id,
                token='invalid'))
    assert redirect_to(response) == real_url('main.index')

    queued = rq.get_queue(MessageQueue.email.value).get_kwargs()
    assert queued['recipient'] == invitee.email
    assert queued['user'] == invitee
    expected_link = url_for(
        'account.join_from_invite',
        user_id=invitee_id,
        token='new_token',
        _external=True)
    assert queued['invite_link'] == expected_link
def test_post_new_doc_meta_success(client, admin):
    """Posting a valid form to the create view stores a new document meta."""
    login(client, admin)
    data = {
        'theme': 'whats up',
        'category': Category.SHORT_TERM.value,
        'url': 'https://www.helloword.com',
    }

    response = client.post(url_for('task.new_doc_meta'), data=data)
    assert redirect_to(response) == real_url('task.new_doc_meta')

    # The record is retrievable by theme and carries the submitted URL.
    stored = DocumentMeta.objects.get(theme=data['theme'])
    assert stored.url == data['url']
    assert DocumentMeta.objects(theme=data['theme']).first()
예제 #15
def test_post_change_password_success(client, admin):
    """A valid change-password form replaces the stored password."""
    login(client, admin)
    # NOTE(review): the '******' literals look redacted by the page hosting
    # this listing; restore the real fixture passwords before running.
    data = {
        'old_password': '******',
        'new_password': '******',
        'new_password2': 't12345'
    }

    response = client.post(url_for('account.change_password'), data=data)
    assert redirect_to(response) == real_url('main.index')

    admin.reload()
    assert admin.verify_password(data['new_password'])
예제 #16
def test_post_reset_password_success(client, admin):
    """A valid reset token lets the new password be set."""
    # NOTE(review): the '******' literal looks redacted by the page hosting
    # this listing; the two password fields presumably matched originally.
    data = {
        'email': admin.email,
        'new_password': '******',
        'new_password2': '54321t'
    }
    token = admin.generate_password_reset_token()

    reset_url = url_for('account.reset_password', token=token)
    response = client.post(reset_url, data=data)
    assert redirect_to(response) == real_url('account.login')

    admin.reload()
    assert admin.verify_password(data['new_password'])
예제 #17
def test_get_unconfirmed(client, admin):
    """The unconfirmed page renders only while the account is unconfirmed."""
    login(client, admin)
    admin.confirmed = False
    admin.save()

    # Unconfirmed: the page is rendered from its own template.
    with captured_templates(client.application) as templates:
        page = client.get(url_for('account.unconfirmed'))
        assert page.status_code == 200
        rendered, ctx = templates.pop()
        assert rendered.name == 'account/unconfirmed.html'

    # Confirmed: the same URL redirects to the index.
    admin.confirmed = True
    admin.save()
    response = client.get(url_for('account.unconfirmed'))
    assert redirect_to(response) == real_url('main.index')
예제 #18
def test_post_reset_password_request_success(client, admin, monkeypatch):
    """A reset request for a known address queues an email with the reset link."""
    login(client, admin)
    # Pin the token so the queued link can be compared exactly.
    monkeypatch.setattr(User, 'generate_password_reset_token',
                        lambda s: 'token')

    request_url = url_for('account.reset_password_request')
    response = client.post(request_url, data={'email': admin.email})
    assert redirect_to(response) == real_url('account.login')

    queued = rq.get_queue(MessageQueue.email.value).get_kwargs()
    assert queued['recipient'] == admin.email
    assert queued['user'] == admin
    expected_link = url_for(
        'account.reset_password', token='token', _external=True)
    assert queued['reset_link'] == expected_link
예제 #19
def test_post_join_from_invite_success(client):
    """An invited user with a valid token can set a password."""
    invitee = User(email='*****@*****.**')
    invitee.save()
    token = invitee.generate_confirmation_token()
    # NOTE(review): the '******' literal looks redacted by the page hosting
    # this listing; presumably it matched 'password2' originally.
    data = {'password': '******', 'password2': 't12345'}

    invite_url = url_for(
        'account.join_from_invite',
        user_id=str(invitee.id),
        token=token)
    response = client.post(invite_url, data=data)
    assert redirect_to(response) == real_url('account.login')

    invitee.reload()
    assert invitee.verify_password('t12345')

    # Remove the user this test created.
    invitee.delete()
예제 #20
def test_post_change_email_request_success(client, admin, monkeypatch):
    """An email-change request queues a link addressed to the new email."""
    login(client, admin)
    # Pin the token so the queued link can be compared exactly.
    monkeypatch.setattr(User, 'generate_email_change_token',
                        lambda s, e: 'token')
    data = {
        'email': '*****@*****.**',
        'password': '******',
    }

    response = client.post(url_for('account.change_email_request'), data=data)
    assert redirect_to(response) == real_url('main.index')
    admin.reload()

    # The message goes to the submitted address, not the current one.
    queued = rq.get_queue(MessageQueue.email.value).get_kwargs()
    assert queued['recipient'] == data['email']
    assert queued['user'] == admin
    expected_link = url_for(
        'account.change_email', token='token', _external=True)
    assert queued['change_email_link'] == expected_link
예제 #21
def test_post_register(client, monkeypatch):
    """Registration stores the user and queues a confirmation email."""
    # Pin the token so the queued link can be compared exactly.
    monkeypatch.setattr(User, 'generate_confirmation_token', lambda s: 'token')

    # NOTE(review): the masked literals look redacted by the page hosting
    # this listing; the two password fields presumably matched originally.
    data = {
        'first_name': 'first',
        'last_name': 'last',
        'email': '*****@*****.**',
        'password': '******',
        'password2': 't12345',
    }
    response = client.post(url_for('account.register'), data=data)
    assert redirect_to(response) == real_url('main.index')

    # The new account carries the submitted names and password.
    user = User.objects(email=data['email']).first()
    assert user.first_name == data['first_name']
    assert user.last_name == data['last_name']
    assert user.verify_password(data['password'])

    queued = rq.get_queue(MessageQueue.email.value).get_kwargs()
    assert queued['recipient'] == data['email']
    assert queued['user'] == user
    expected_link = url_for('account.confirm', token='token', _external=True)
    assert queued['confirm_link'] == expected_link
예제 #22
def test_post_change_account_type(client, admin, user):
    """An admin can change another user's role; own id and bad ids differ."""
    login(client, admin)
    admin_role = Role.objects(name='Administrator').first()
    payload = {'role': str(admin_role.id)}

    # Changing another user's role re-renders the manage page and persists.
    with captured_templates(client.application) as templates:
        response = client.post(
            url_for('admin.change_account_type', user_id=str(user.id)),
            data=payload)
        assert response.status_code == 200
        rendered, ctx = templates.pop()
        assert rendered.name == 'admin/manage_user.html'
        assert ctx['user'] == user
        assert isinstance(ctx['form'], ChangeAccountTypeForm)
        user.reload()
        assert user.role == admin_role

    # Posting for the admin's own id redirects to the user info page.
    own_url = url_for('admin.change_account_type', user_id=str(admin.id))
    response = client.post(own_url, data=payload)
    location = redirect_to(response)
    assert location == real_url('admin.user_info', user_id=admin.id)

    # Unknown user id: 404.
    response = client.post(
        url_for('admin.change_account_type', user_id=INVALID_OBJECT_ID),
        data=payload)
    assert response.status_code == 404
예제 #23
def test_api_require_login(client, endpoint, arguments):
    """A GET to ``endpoint`` without a prior login() redirects to the login page."""
    # ``endpoint`` and ``arguments`` are supplied from outside this function
    # (presumably a parametrization -- not visible here).
    target_url = url_for(endpoint, **arguments)
    response = client.get(target_url)
    assert redirect_to(response) == real_url('account.login')
예제 #24
def test_logout(client, admin):
    """Logging out redirects to the index and leaves an anonymous user."""
    login(client, admin)
    assert current_user == admin

    response = client.get(url_for('account.logout'))
    assert redirect_to(response) == real_url('main.index')

    # After logout the session must no longer resolve to the admin.
    assert current_user.is_anonymous