def _populate(self, app): from zope.password.password import SSHAPasswordManager pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('password') cartouche = app.cartouche = FauxCartouche() cartouche.by_uuid['UUID'] = Dummy(uuid='UUID', password=encoded) cartouche.by_login['login'] = '******'
def sendGeneratedPassword(request, uuid, confirmed): record = confirmed.get(uuid) if record is None: raise KeyError pwd_mgr = SSHAPasswordManager() generator = request.registry.queryUtility(IPasswordGenerator, default=randomPassword) new_password = generator() encoded = pwd_mgr.encodePassword(new_password) confirmed.set(uuid, email=record.email, login=record.login, password=encoded, security_question=record.security_question, security_answer=record.security_answer, token=record.token, ) from_addr = request.registry.settings['cartouche.from_addr'] delivery = request.registry.queryUtility(IMailDelivery, default=localhost_mta) login_url = view_url(request.context, request, 'login_url', 'login.html') body = PASSWORD_EMAIL % {'password': new_password, 'login_url': login_url} message = Message() message['Subject'] = 'Your new site password' message.set_payload(body) delivery.send(from_addr, [record.email], message)
def sendGeneratedPassword(request, uuid, confirmed): record = confirmed.get(uuid) if record is None: raise KeyError pwd_mgr = SSHAPasswordManager() generator = request.registry.queryUtility(IPasswordGenerator, default=randomPassword) new_password = generator() encoded = pwd_mgr.encodePassword(new_password) confirmed.set( uuid, email=record.email, login=record.login, password=encoded, security_question=record.security_question, security_answer=record.security_answer, token=record.token, ) from_addr = request.registry.settings['cartouche.from_addr'] delivery = request.registry.queryUtility(IMailDelivery, default=localhost_mta) login_url = view_url(request.context, request, 'login_url', 'login.html') body = PASSWORD_EMAIL % {'password': new_password, 'login_url': login_url} message = Message() message['Subject'] = 'Your new site password' message.set_payload(body) delivery.send(from_addr, [record.email], message)
def edit_account_view(context, request): confirmed = request.registry.queryAdapter(context, IRegistrations, name='confirmed') if confirmed is None: #pragma NO COVERAGE confirmed = ConfirmedRegistrations(context) identity = request.environ.get('repoze.who.identity') if identity is None: return HTTPUnauthorized() userid = identity['repoze.who.userid'] account_info = confirmed.get(userid) if account_info is None: return HTTPForbidden() appstruct = {'login_name': account_info.login, 'email': account_info.email, 'security': {'question': account_info.security_question or '', 'answer': account_info.security_answer or '', }, } schema = EditAccount().bind(current_login_name=account_info.login, confirmed=confirmed, old_password=account_info.password) form = Form(schema, buttons=('update',)) rendered_form = form.render(appstruct) if 'update' in request.POST: try: appstruct = form.validate(request.POST.items()) except ValidationFailure as e: rendered_form = e.render() else: login = appstruct['login_name'] email = appstruct['email'] pwd_mgr = SSHAPasswordManager() password = pwd_mgr.encodePassword(appstruct['password']) security_question = appstruct['security']['question'] security_answer = appstruct['security']['answer'] confirmed.set(userid, email=email, login=login, password=password, security_question=security_question, security_answer=security_answer, ) return HTTPFound( location=view_url(context, request, 'after_edit_url', request.view_name, )) main_template = get_renderer('templates/main.pt') return {'main_template': main_template.implementation(), 'rendered_form': rendered_form, }
def edit_account_view(context, request): confirmed = request.registry.queryAdapter(context, IRegistrations, name='confirmed') if confirmed is None: #pragma NO COVERAGE confirmed = ConfirmedRegistrations(context) identity = request.environ.get('repoze.who.identity') if identity is None: return HTTPUnauthorized() userid = identity['repoze.who.userid'] account_info = confirmed.get(userid) if account_info is None: return HTTPForbidden() appstruct = { 'login_name': account_info.login, 'email': account_info.email, 'security': { 'question': account_info.security_question or '', 'answer': account_info.security_answer or '', }, } schema = EditAccount().bind(current_login_name=account_info.login, confirmed=confirmed, old_password=account_info.password) form = Form(schema, buttons=('update', )) rendered_form = form.render(appstruct) if 'update' in request.POST: try: appstruct = form.validate(request.POST.items()) except ValidationFailure, e: rendered_form = e.render() else: login = appstruct['login_name'] email = appstruct['email'] pwd_mgr = SSHAPasswordManager() password = pwd_mgr.encodePassword(appstruct['password']) security_question = appstruct['security']['question'] security_answer = appstruct['security']['answer'] confirmed.set( userid, email=email, login=login, password=password, security_question=security_question, security_answer=security_answer, ) return HTTPFound(location=view_url( context, request, 'after_edit_url', request.view_name, ))
def test_POST_w_password_match_w_after_edit_url(self): from webob.exc import HTTPFound from webob.multidict import MultiDict from zope.password.password import SSHAPasswordManager AFTER = '/' OLD_EMAIL = '*****@*****.**' NEW_EMAIL = '*****@*****.**' ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}} self.config.registry.settings['cartouche.after_edit_url'] = AFTER pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('old_password') by_uuid, by_login, by_email = self._registerConfirmed() by_uuid['UUID'] = Dummy(login='******', email=OLD_EMAIL, password=encoded, security_question='borncity', security_answer='FXBG') by_email[OLD_EMAIL] = by_login['before'] = 'UUID' POST = MultiDict([ ('login_name', 'after'), ('email', NEW_EMAIL), ('old_password', 'old_password'), ('__start__', 'password:mapping'), ('value', 'newpassword'), ('confirm', 'newpassword'), ('__end__', 'password:mapping'), ('__start__', 'security:mapping'), ('question', 'petname'), ('answer', 'Fido'), ('__end__', 'security:mapping'), ('update', ''), ]) request = self._makeRequest(POST=POST, environ=ENVIRON, view_name='edit_account.html') response = self._callFUT(request=request) self.failUnless(isinstance(response, HTTPFound)) self.assertEqual(response.location, 'http://example.com/') new_record = by_uuid['UUID'] self.assertEqual(new_record.login, 'after') self.failUnless( pwd_mgr.checkPassword(new_record.password, 'newpassword')) self.assertEqual(new_record.security_question, 'petname') self.assertEqual(new_record.security_answer, 'Fido') self.failIf(OLD_EMAIL in by_email) self.assertEqual(by_email[NEW_EMAIL], 'UUID') self.failIf('before' in by_login) self.assertEqual(by_login['after'], 'UUID')
def test_POST_w_password_match_w_after_edit_url(self): from webob.exc import HTTPFound from webob.multidict import MultiDict from zope.password.password import SSHAPasswordManager AFTER = '/' OLD_EMAIL = '*****@*****.**' NEW_EMAIL = '*****@*****.**' ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}} self.config.registry.settings['cartouche.after_edit_url'] = AFTER pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('old_password') by_uuid, by_login, by_email = self._registerConfirmed() by_uuid['UUID'] = Dummy(login='******', email=OLD_EMAIL, password=encoded, security_question='borncity', security_answer='FXBG') by_email[OLD_EMAIL] = by_login['before'] = 'UUID' POST = MultiDict([('login_name', 'after'), ('email', NEW_EMAIL), ('old_password', 'old_password'), ('__start__', 'password:mapping'), ('password', 'newpassword'), ('password-confirm', 'newpassword'), ('__end__', 'password:mapping'), ('__start__', 'security:mapping'), ('question', 'petname'), ('answer', 'Fido'), ('__end__', 'security:mapping'), ('update', ''), ]) request = self._makeRequest(POST=POST, environ=ENVIRON, view_name='edit_account.html') response = self._callFUT(request=request) self.failUnless(isinstance(response, HTTPFound)) self.assertEqual(response.location, 'http://example.com/') new_record = by_uuid['UUID'] self.assertEqual(new_record.login, 'after') self.failUnless(pwd_mgr.checkPassword(new_record.password, 'newpassword')) self.assertEqual(new_record.security_question, 'petname') self.assertEqual(new_record.security_answer, 'Fido') self.failIf(OLD_EMAIL in by_email) self.assertEqual(by_email[NEW_EMAIL], 'UUID') self.failIf('before' in by_login) self.assertEqual(by_login['after'], 'UUID')
def _registerConfirmed(self): from zope.password.password import SSHAPasswordManager from cartouche.interfaces import IRegistrations pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('password') class DummyConfirmed: def __init__(self, context): pass def get_by_login(self, login, default=None): if login == 'login': return Dummy(uuid='UUID', password=encoded) return default self.config.registry.registerAdapter(DummyConfirmed, (None,), IRegistrations, name='confirmed')
def test_POST_w_password_match_new_login_not_unique(self): import re from webob.multidict import MultiDict from zope.password.password import SSHAPasswordManager SUMMARY_ERROR = re.compile('<h3[^>]*>There was a problem', re.MULTILINE) FIELD_ERROR = re.compile('<p class="errorMsg"', re.MULTILINE) OLD_EMAIL = '*****@*****.**' NEW_EMAIL = '*****@*****.**' ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}} pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('old_password') by_uuid, by_login, by_email = self._registerConfirmed() by_uuid['UUID'] = Dummy(login='******', email=OLD_EMAIL, password=encoded, security_question='borncity', security_answer='FXBG') by_email[OLD_EMAIL] = by_login['before'] = 'UUID' by_uuid['OTHER_UUID'] = Dummy(login='******') by_login['taken'] = 'OTHER_UUID' POST = MultiDict([ ('login_name', 'taken'), ('email', NEW_EMAIL), ('old_password', 'old_password'), ('__start__', 'password:mapping'), ('value', 'newpassword'), ('confirm', 'newpassword'), ('__end__', 'password:mapping'), ('__start__', 'security:mapping'), ('question', 'petname'), ('answer', 'Fido'), ('__end__', 'security:mapping'), ('update', ''), ]) request = self._makeRequest(POST=POST, environ=ENVIRON) info = self._callFUT(request=request) rendered_form = info['rendered_form'] self.failUnless(SUMMARY_ERROR.search(rendered_form)) self.failUnless(FIELD_ERROR.search(rendered_form)) self.failUnless(OLD_EMAIL in by_email) self.failIf(NEW_EMAIL in by_email) self.assertEqual(by_login['before'], 'UUID') self.assertEqual(by_login['taken'], 'OTHER_UUID')
def test_POST_w_password_match_new_login_not_unique(self): import re from webob.multidict import MultiDict from zope.password.password import SSHAPasswordManager SUMMARY_ERROR = re.compile('<div class="errorMsgLbl[^>]*>' 'There was a problem', re.MULTILINE) FIELD_ERROR = re.compile('<p class="errorMsg"', re.MULTILINE) OLD_EMAIL = '*****@*****.**' NEW_EMAIL = '*****@*****.**' ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}} pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('old_password') by_uuid, by_login, by_email = self._registerConfirmed() by_uuid['UUID'] = Dummy(login='******', email=OLD_EMAIL, password=encoded, security_question='borncity', security_answer='FXBG') by_email[OLD_EMAIL] = by_login['before'] = 'UUID' by_uuid['OTHER_UUID'] = Dummy(login='******') by_login['taken'] = 'OTHER_UUID' POST = MultiDict([('login_name', 'taken'), ('email', NEW_EMAIL), ('old_password', 'old_password'), ('__start__', 'password:mapping'), ('password', 'newpassword'), ('password-confirm', 'newpassword'), ('__end__', 'password:mapping'), ('__start__', 'security:mapping'), ('question', 'petname'), ('answer', 'Fido'), ('__end__', 'security:mapping'), ('update', ''), ]) request = self._makeRequest(POST=POST, environ=ENVIRON) info = self._callFUT(request=request) rendered_form = info['rendered_form'] self.assertTrue(SUMMARY_ERROR.search(rendered_form)) self.assertTrue(FIELD_ERROR.search(rendered_form)) self.assertTrue(OLD_EMAIL in by_email) self.assertFalse(NEW_EMAIL in by_email) self.assertEqual(by_login['before'], 'UUID') self.assertEqual(by_login['taken'], 'OTHER_UUID')
def _registerConfirmed(self): from zope.password.password import SSHAPasswordManager from cartouche.interfaces import IRegistrations pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('password') class DummyConfirmed: def __init__(self, context): pass def get_by_login(self, login, default=None): if login == 'login': return Dummy(uuid='UUID', password=encoded) return default self.config.registry.registerAdapter(DummyConfirmed, (None, ), IRegistrations, name='confirmed')
def test_GET_w_known_credentials_later_edit(self): from io import StringIO from xml.etree import ElementTree as ET from zope.password.password import SSHAPasswordManager from .._compat import u BLANK = u('') BEFORE = u('before') FXBG = u('FXBG') EMAIL = u('*****@*****.**') ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}} pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('old_password') by_uuid, by_login, by_email = self._registerConfirmed() by_uuid['UUID'] = Dummy(login=BEFORE, email=EMAIL, password=encoded, security_question='borncity', security_answer=FXBG, ) by_email[EMAIL] = by_login['login'] = '******' mtr = self.config.testing_add_template('templates/main.pt') request = self._makeRequest(environ=ENVIRON) info = self._callFUT(request=request) self.assertTrue(info['main_template'] is mtr.implementation()) rendered_form = info['rendered_form'] form_tree = ET.parse(StringIO(rendered_form)) inputs = [(x.get('name'), x.get('value')) for x in form_tree.findall('.//input')] inputs = [x for x in inputs if not x[0].startswith('_')] self.assertEqual(inputs, [('login_name', BEFORE), ('email', EMAIL), ('old_password', BLANK), ('password', BLANK), ('password-confirm', BLANK), ('answer', FXBG), ]) selects = [x.get('name') for x in form_tree.findall('.//select')] self.assertEqual(selects, ['question'])
def test_GET_w_known_credentials_later_edit(self): import re from zope.password.password import SSHAPasswordManager INPUT = re.compile( '<input.* name="(?P<name>\w+)" ' 'value="(?P<value>[^"]*)"', re.MULTILINE) SELECT = re.compile('<select.* name="(?P<name>\w+)"', re.MULTILINE) EMAIL = '*****@*****.**' ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}} pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('old_password') by_uuid, by_login, by_email = self._registerConfirmed() by_uuid['UUID'] = Dummy( login='******', email=EMAIL, password=encoded, security_question='borncity', security_answer='FXBG', ) by_email[EMAIL] = by_login['login'] = '******' mtr = self.config.testing_add_template('templates/main.pt') request = self._makeRequest(environ=ENVIRON) info = self._callFUT(request=request) self.failUnless(info['main_template'] is mtr.implementation()) rendered_form = info['rendered_form'] inputs = [ x for x in INPUT.findall(rendered_form) if not x[0].startswith('_') ] self.assertEqual(inputs, [ ('login_name', 'before'), ('email', EMAIL), ('old_password', ''), ('value', ''), ('confirm', ''), ('answer', 'FXBG'), ]) selects = [x for x in SELECT.findall(rendered_form)] self.assertEqual(selects, ['question'])
def test_GET_w_known_credentials_later_edit(self): import re from zope.password.password import SSHAPasswordManager INPUT = re.compile('<input.* name="(?P<name>[\w-]+)" ' 'value="(?P<value>[^"]*)"', re.MULTILINE) SELECT = re.compile('<select.* name="(?P<name>\w+)"', re.MULTILINE) EMAIL = '*****@*****.**' ENVIRON = {'repoze.who.identity': {'repoze.who.userid': 'UUID'}} pwd_mgr = SSHAPasswordManager() encoded = pwd_mgr.encodePassword('old_password') by_uuid, by_login, by_email = self._registerConfirmed() by_uuid['UUID'] = Dummy(login='******', email=EMAIL, password=encoded, security_question='borncity', security_answer='FXBG', ) by_email[EMAIL] = by_login['login'] = '******' mtr = self.config.testing_add_template('templates/main.pt') request = self._makeRequest(environ=ENVIRON) info = self._callFUT(request=request) self.failUnless(info['main_template'] is mtr.implementation()) rendered_form = info['rendered_form'] inputs = [x for x in INPUT.findall(rendered_form) if not x[0].startswith('_')] self.assertEqual(inputs, [('login_name', 'before'), ('email', EMAIL), ('old_password', ''), ('password', ''), ('password-confirm', ''), ('answer', 'FXBG'), ]) selects = [x for x in SELECT.findall(rendered_form)] self.assertEqual(selects, ['question'])