Exemplo n.º 1
0
def _validate_and_log_user(form):
    if form.validate_on_submit():
        mongo_user = mongo.db.users.find_one({'email': form.email.data})
        if mongo_user and bcrypt.check_password_hash(mongo_user['password'], form.password.data):
            login_user(User(mongo_user), remember=form.remember_me.data)
        else:
            flash('Utilisateur ou mot de passe non valide.')
Exemplo n.º 2
0
 def post(self):
     # get the post data
     post_data = request.get_json()
     try:
         # fetch the user data
         user = User.query.filter_by(email=post_data.get('email')).first()
         if user and bcrypt.check_password_hash(user.password,
                                                post_data.get('password')):
             refresh_token = user.encode_refresh_token(user.id)
             if refresh_token:
                 responseObject = {
                     'status':
                     'success',
                     'message':
                     'Successfully logged in.',
                     'refresh_token':
                     refresh_token.decode(),
                     'access_token':
                     (User.encode_access_token(user.id)).decode()
                 }
                 return make_response(jsonify(responseObject)), 200
         else:
             responseObject = {
                 'status': 'fail',
                 'message': 'User does not exist.'
             }
             return make_response(jsonify(responseObject)), 404
     except Exception as e:
         print(e)
         responseObject = {'status': 'fail', 'message': 'Try again'}
         return make_response(jsonify(responseObject)), 500
Exemplo n.º 3
0
    def test_change_password(self):
        self.client.post('/',
                         data=dict(email='*****@*****.**', password='******'))
        response = self.client.post('/profil/',
                                    data=dict(nickname='james',
                                              email='*****@*****.**',
                                              actual_password='******',
                                              new_password='******',
                                              confirm_new_password='******'))

        self.assert200(response)
        self.assertTemplateUsed('profil/index.html')
        self.assertEqual({
            'email': '*****@*****.**',
            'nickname': 'james'
        },
                         mongo.db.users.find_one({'email': '*****@*****.**'}, {
                             'password': 0,
                             '_id': 0
                         }))
        self.assertTrue(
            bcrypt.check_password_hash(
                mongo.db.users.find_one({'email': '*****@*****.**'},
                                        {'password': 1})['password'],
                'secret'))
Exemplo n.º 4
0
    def validate_actual_password(self, field):
        if self.new_password.data and not field.data:
            raise ValidationError(field.gettext(u'Ce champs est requis.'))

        if field.data:
            user = mongo.db.users.find_one({'_id': ObjectId(current_user.get_id())})
            if not bcrypt.check_password_hash(user['password'], field.data):
                raise ValidationError(field.gettext(u'Le mot de passe n\'est pas correct.'))
Exemplo n.º 5
0
    def test_change_password(self):
        self.client.post('/', data=dict(email='*****@*****.**', password='******'))
        response = self.client.post('/profil/', data=dict(nickname='james', email='*****@*****.**', actual_password='******', new_password='******', confirm_new_password='******'))

        self.assert200(response)
        self.assertTemplateUsed('profil/index.html')
        self.assertEqual({'email': '*****@*****.**', 'nickname': 'james'},
                         mongo.db.users.find_one({'email': '*****@*****.**'}, {'password': 0, '_id': 0}))
        self.assertTrue(bcrypt.check_password_hash(mongo.db.users.find_one({'email': '*****@*****.**'}, {'password': 1})['password'], 'secret'))
Exemplo n.º 6
0
    def test_change_all_values(self):
        self.client.post('/', data=dict(email='*****@*****.**', password='******'))
        response = self.client.post('/profil/', data=dict(nickname='tony', email='*****@*****.**', actual_password='******', new_password='******', confirm_new_password='******'))

        self.assert200(response)
        self.assertTemplateUsed('profil/index.html')
        self.assertEqual({'email': '*****@*****.**', 'nickname': 'tony'},
                         mongo.db.users.find_one({'email': '*****@*****.**'}, {'password': 0, '_id': 0}))
        self.assertTrue(bcrypt.check_password_hash(mongo.db.users.find_one({'email': '*****@*****.**'}, {'password': 1})['password'], 'secret'))
        self.assertEqual([{'url': 'http://www.bar.com', 'user': {'_id': ObjectId('5495f2a88766017d44130bb6'), 'email': '*****@*****.**', 'nickname': 'tony'}},
                          {'url': 'http://www.foo.com', 'user': {'_id': ObjectId('5495f2a88766017d44130bb6'), 'email': '*****@*****.**', 'nickname': 'tony'}}],
                         list(mongo.db.bookmarks.find({'user._id': ObjectId('5495f2a88766017d44130bb6')}, {'published': 0, '_id': 0}).sort('url')))
Exemplo n.º 7
0
    def test_change_all_values(self):
        self.client.post('/',
                         data=dict(email='*****@*****.**', password='******'))
        response = self.client.post('/profil/',
                                    data=dict(nickname='tony',
                                              email='*****@*****.**',
                                              actual_password='******',
                                              new_password='******',
                                              confirm_new_password='******'))

        self.assert200(response)
        self.assertTemplateUsed('profil/index.html')
        self.assertEqual({
            'email': '*****@*****.**',
            'nickname': 'tony'
        },
                         mongo.db.users.find_one({'email': '*****@*****.**'}, {
                             'password': 0,
                             '_id': 0
                         }))
        self.assertTrue(
            bcrypt.check_password_hash(
                mongo.db.users.find_one({'email': '*****@*****.**'},
                                        {'password': 1})['password'],
                'secret'))
        self.assertEqual(
            [{
                'url': 'http://www.bar.com',
                'user': {
                    '_id': ObjectId('5495f2a88766017d44130bb6'),
                    'email': '*****@*****.**',
                    'nickname': 'tony'
                }
            }, {
                'url': 'http://www.foo.com',
                'user': {
                    '_id': ObjectId('5495f2a88766017d44130bb6'),
                    'email': '*****@*****.**',
                    'nickname': 'tony'
                }
            }],
            list(
                mongo.db.bookmarks.find(
                    {
                        'user._id': ObjectId('5495f2a88766017d44130bb6')
                    }, {
                        'published': 0,
                        '_id': 0
                    }).sort('url')))