def verify_account_(request):
login.verify(token=request.web_input(token="").token, ip_address=request.client_addr)
return Response(define.errorpage(
request.userid,
"**Success!** Your email address has been verified "
"and you may now sign in to your account.",
[["Sign In", "/signin"], ["Return to the Home Page", "/"]]))
def GET(self):
login.verify(web.input(token="").token)
return define.errorpage(
self.user_id,
"**Success!** Your email address has been verified "
"and you may now sign in to your account.",
[["Sign In", "/signin"], ["Return to the Home Page", "/index"]])
def test_verify_success_if_valid_token_provided():
_create_pending_account()
login.verify(token)
userid = d.engine.scalar(
"SELECT userid FROM login WHERE login_name = %(name)s", name=username)
# Verify that each table gets the correct information added to it (checks for record's existence for brevity)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM authbcrypt WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM profile WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM userinfo WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM userstats WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM welcomecount WHERE userid = %(userid)s)",
userid=userid)
# The 'logincreate' record gets deleted on successful execution; verify this
assert not d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM logincreate WHERE token = %(token)s)",
token=token)
def test_verify_success_if_valid_token_provided():
_create_pending_account()
login.verify(token)
userid = d.engine.scalar("SELECT userid FROM login WHERE login_name = %(name)s", name=username)
# Verify that each table gets the correct information added to it (checks for record's existence for brevity)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM authbcrypt WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM profile WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM userinfo WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM userstats WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM welcomecount WHERE userid = %(userid)s)",
userid=userid)
# The 'logincreate' record gets deleted on successful execution; verify this
assert not d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM logincreate WHERE token = %(token)s)",
token=token)
def verify_account_(request):
login.verify(request.web_input(token="").token)
return Response(define.errorpage(
request.userid,
"**Success!** Your email address has been verified "
"and you may now sign in to your account.",
[["Sign In", "/signin"], ["Return to the Home Page", "/"]]))
def test_plausible_deniability_invalid_logincreate_record_does_not_create():
"""
A logincreate record with the 'invalid' field set should not create the account.
Expected result is a `raise WeasylError("logincreateRecordMissing")`
"""
_create_pending_account(invalid=True)
with pytest.raises(WeasylError) as err:
login.verify(token)
assert 'logincreateRecordMissing' == err.value.value
def test_plausible_deniability_invalid_logincreate_record_does_not_create():
"""
A logincreate record with the 'invalid' field set should not create the account.
Expected result is a `raise WeasylError("logincreateRecordMissing")`
"""
_create_pending_account(invalid=True)
with pytest.raises(WeasylError) as err:
login.verify(token)
assert 'logincreateRecordMissing' == err.value.value
def test_verify_success_if_valid_token_provided():
form = Bag(username=u'test',
password=u'0123456789',
passcheck=u'0123456789',
email=u'*****@*****.**',
emailcheck=u'*****@*****.**',
day=u'12',
month=u'12',
year=u'%d' % (arrow.now().year - 19, ))
d.engine.execute(
d.meta.tables["logincreate"].insert(), {
"token": token,
"username": form.username,
"login_name": form.username,
"hashpass": login.passhash(u'0123456789'),
"email": form.email,
"birthday": arrow.Arrow(2000, 1, 1),
"unixtime": arrow.now(),
})
login.verify(token)
userid = d.engine.scalar(
"SELECT userid FROM login WHERE login_name = %(name)s",
name=form.username)
# Verify that each table gets the correct information added to it (checks for record's existence for brevity)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM authbcrypt WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM profile WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM userinfo WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM userstats WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM welcomecount WHERE userid = %(userid)s)",
userid=userid)
# The 'logincreate' record gets deleted on successful execution; verify this
assert not d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM logincreate WHERE token = %(token)s)",
token=token)
def test_verify_success_if_valid_token_provided():
form = Bag(username=u'test', password=u'0123456789', passcheck=u'0123456789',
email=u'*****@*****.**', emailcheck=u'*****@*****.**',
day=u'12', month=u'12', year=u'%d' % (arrow.now().year - 19,))
d.engine.execute(d.meta.tables["logincreate"].insert(), {
"token": token,
"username": form.username,
"login_name": form.username,
"hashpass": login.passhash(u'0123456789'),
"email": form.email,
"birthday": arrow.Arrow(2000, 1, 1),
"unixtime": arrow.now(),
})
login.verify(token)
userid = d.engine.scalar("SELECT userid FROM login WHERE login_name = %(name)s", name=form.username)
# Verify that each table gets the correct information added to it (checks for record's existence for brevity)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM authbcrypt WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM profile WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM userinfo WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM userstats WHERE userid = %(userid)s)",
userid=userid)
assert d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM welcomecount WHERE userid = %(userid)s)",
userid=userid)
# The 'logincreate' record gets deleted on successful execution; verify this
assert not d.engine.scalar(
"SELECT EXISTS (SELECT 0 FROM logincreate WHERE token = %(token)s)",
token=token)
def test_error_raised_if_invalid_token_provided_to_function():
with pytest.raises(WeasylError) as err:
login.verify("qwe")
assert 'logincreateRecordMissing' == err.value.value
def GET(self):
login.verify(web.input(token="").token)
return define.errorpage(
self.user_id, "**Success!** Your email address has been verified "
"and you may now sign in to your account.",
[["Sign In", "/signin"], ["Return to the Home Page", "/index"]])
def test_error_raised_if_invalid_token_provided_to_function():
with pytest.raises(WeasylError) as err:
login.verify("qwe")
assert 'logincreateRecordMissing' == err.value.value
