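def test_reset_user_password(self, testdir_class, test_utils):
    """Resetting a password must swap the usable credential, not just the stored value.

    Comparing the stored hash before and after the reset only shows that the
    field was rewritten. The test therefore also checks that the new password
    verifies, that the old one no longer does, and that the stored value is
    not the plaintext.
    """
    testdir_class.activate()
    username = test_utils.random_string(5)
    old_password = '123456'
    new_password = '234567'
    Users.create_user(username, old_password)
    hashed_password = Users.get_user_by_username(username).password

    errors = Users.reset_user_password(username, new_password)
    assert errors == []

    user = Users.get_user_by_username(username)
    assert hashed_password != user.password
    # The reset path must hash the password, the same as the create path.
    assert user.password != new_password
    # The old credential must stop working once the reset succeeds.
    assert user.verify_password(new_password)
    assert not user.verify_password(old_password)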
def test_edit_user_email(self, testdir_class, test_utils):
    """Check how ``Users.edit_user`` handles each ``new_email`` value.

    Covers ``False`` (leave unchanged), ``''`` (stored as None), a real
    address, and ``None``.
    """
    testdir_class.activate()
    name = test_utils.random_string(5)
    address = test_utils.random_email()
    Users.create_user(name, '123456', address)

    def stored_email():
        # Re-read the user on every check so the persisted value is asserted.
        return Users.get_user_by_username(name).email

    # False means "do not touch the email".
    Users.edit_user(name, new_email=False)
    assert stored_email() == address

    # An empty string is normalised to None.
    Users.edit_user(name, new_email='')
    assert stored_email() is None

    # A real address is stored as given.
    Users.edit_user(name, new_email=address)
    assert stored_email() == address

    # None is stored as None.
    Users.edit_user(name, new_email=None)
    assert stored_email() is None
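def login():
    """Render the login form (GET) or authenticate submitted credentials (POST).

    Returns:
        A redirect to ``webapp.index`` when the caller is already
        authenticated, a redirect to the validated ``next`` target after a
        successful login, or the rendered ``login.html`` form otherwise.

    Security notes:
        * Unknown usernames and wrong passwords produce the same error
          message, so the form does not reveal which accounts exist.
        * ``next`` is validated with ``is_safe_url`` before it is used for a
          redirect or echoed back into the form; an unsafe or missing value
          falls back to ``'/'``.
        * Missing form fields are treated as empty values and reported as
          validation errors rather than raising on the key lookup.
    """
    if current_user is not None and current_user.is_authenticated:
        return redirect(url_for('webapp.index'))

    if request.method != 'POST':
        next_url = request.args.get('next')
        if not next_url or not is_safe_url(next_url):
            next_url = '/'
        return render_template('login.html', next_url=next_url, errors=[])

    username = request.form.get('username', '')
    password = request.form.get('password', '')
    next_url = request.form.get('next')
    # Validate up front so an attacker-supplied target is never rendered back
    # into the form on the error path.
    if not next_url or not is_safe_url(next_url):
        next_url = '/'

    errors = []
    if not username:
        errors.append('Username is required')
    elif not password:
        errors.append('Password is required')
    elif not (Users.user_exists(username)
              and Users.verify_password(username, password)):
        # One message for both failure modes avoids account enumeration.
        # NOTE(review): the short-circuit skips password verification for
        # unknown users, so response time may still differ; consider a dummy
        # verification and rate limiting on this endpoint.
        errors.append('Username and password do not match')

    if errors:
        return render_template('login.html', next_url=next_url, errors=errors)

    login_user(Users.get_user_by_username(username))
    return redirect(next_url)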
def test_project_weight(self, project_class, test_utils):
    """A user with ADMIN on a project reports the ADMIN weight for that project."""
    _, project = project_class.activate()
    name = test_utils.random_string(5)
    Users.create_user(name, '123456')
    Users.add_project_to_user(name, project, Permissions.ADMIN)

    account = Users.get_user_by_username(name)
    actual_weight = account.project_weight(project)
    expected_weight = Permissions.weights[Permissions.ADMIN]
    assert actual_weight == expected_weight
def test_add_project_to_user(self, project_function_clean, test_utils):
    """Granting SUPER_USER on a project records that permission on the user."""
    _, project = project_function_clean.activate()
    name = test_utils.random_string(5)
    Users.create_user(name, '123456')
    Users.add_project_to_user(name, project, Permissions.SUPER_USER)

    account = Users.get_user_by_username(name)
    # The project must be present and mapped to exactly the granted permission.
    assert project in account.projects
    assert account.projects[project] == Permissions.SUPER_USER
def test_verify_password(self, testdir_class, test_utils):
    """The stored password differs from the plaintext and only the right one verifies."""
    testdir_class.activate()
    name = test_utils.random_string(5)
    plaintext = '******'
    Users.create_user(name, plaintext)

    account = Users.get_user_by_username(name)
    # The persisted value must not be the plaintext itself.
    assert account.password != plaintext
    assert account.verify_password(plaintext)
    assert not account.verify_password('invalid_password')
def test_verify_auth_token(self, testdir_class, test_utils):
    """A token generated with the app secret key resolves back to the same user.

    NOTE(review): only the happy path is covered here. A token checked
    against a different key, or one that has been modified, is not exercised
    by this test.
    """
    testdir_class.activate()
    name = test_utils.random_string(5)
    plaintext = '******'
    Users.create_user(name, plaintext)

    app = create_app()
    account = Users.get_user_by_username(name)
    token = account.generate_auth_token(app.secret_key)

    resolved = Users.verify_auth_token(app.secret_key, token)
    assert resolved.username == name
def test_edit_user(self, testdir_class, test_utils):
    """Renaming a user and changing the email returns no errors and is persisted."""
    testdir_class.activate()
    original_name = test_utils.random_string(5)
    original_email = test_utils.random_email()
    Users.create_user(original_name, '123456', original_email)

    renamed = test_utils.random_string(5)
    replacement_email = test_utils.random_email()
    result = Users.edit_user(original_name, renamed, replacement_email)
    assert result == []

    # Look the account up under its new name to confirm the rename took effect.
    account = Users.get_user_by_username(renamed)
    assert account.email == replacement_email
def test_verify_auth_token_expired_token(self, testdir_class, test_utils):
    """A token issued with a 1 second lifetime raises ``SignatureExpired`` once it lapses."""
    testdir_class.activate()
    name = test_utils.random_string(5)
    plaintext = '******'
    Users.create_user(name, plaintext)

    app = create_app()
    account = Users.get_user_by_username(name)
    short_lived = account.generate_auth_token(app.secret_key, expiration=1)

    # Wait past the 1 second expiration so the token is no longer valid.
    time.sleep(2)
    with pytest.raises(SignatureExpired):
        Users.verify_auth_token(app.secret_key, short_lived)
def test_create_superuser_command_no_email(self, testdir_class, test_utils):
    """Creating a superuser with no email stores ``None`` as the email."""
    testdir_class.activate()
    name = test_utils.random_string(5)
    secret = test_utils.random_string(5)

    # The email argument is passed as None; no_input=True skips prompting.
    commands.createsuperuser_command(name, None, secret, no_input=True)

    account = Users.get_user_by_username(name)
    assert account.email is None
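def auth_token():
    """Issue an auth token for the username/password pair in the JSON body.

    Expects a JSON object with string ``username`` and ``password`` fields.

    Returns:
        A JSON response holding the decoded token generated with
        ``current_app.secret_key``.

    Aborts:
        400 when the body is not a JSON object or either field is missing or
        not a string.
        401 when the credentials do not match. The same message is used for
        an unknown user and for a wrong password, so the endpoint does not
        reveal which usernames exist.
    """
    # silent=True yields None for a missing or malformed JSON body instead of
    # raising, so malformed input is rejected explicitly below.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        abort(400, 'A JSON object with username and password is required')

    username = payload.get('username')
    password = payload.get('password')
    if not isinstance(username, str) or not isinstance(password, str):
        abort(400, 'username and password are required')

    user = Users.get_user_by_username(username=username)
    # NOTE(review): verification is skipped for unknown users, so response
    # time may still differ between the two cases; consider rate limiting
    # this endpoint.
    if user is None or not user.verify_password(password):
        abort(401, 'Invalid username or password')

    token = user.generate_auth_token(current_app.secret_key)
    return jsonify(token.decode())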
def test_create_superuser_command(self, testdir_class, test_utils, capsys):
    """The createsuperuser command reports success and persists the user and email."""
    testdir_class.activate()
    username = test_utils.random_string(5)
    email = test_utils.random_email()
    password = test_utils.random_string(5)

    commands.createsuperuser_command(username, email, password, no_input=True)

    # Only stdout is inspected; stderr is captured but not asserted on.
    captured_out, _ = capsys.readouterr()
    expected_message = f'Superuser {username} was created successfully.'
    assert expected_message in captured_out

    assert Users.user_exists(username)
    created = Users.get_user_by_username(username)
    assert created.email == email
def test_create_user_password_is_hashed(self, testdir_class, test_utils):
    """The password stored by ``Users.create_user`` is not the plaintext passed in."""
    testdir_class.activate()
    name = test_utils.random_string(5)
    plaintext = '******'
    Users.create_user(name, plaintext)

    stored = Users.get_user_by_username(name).password
    assert stored != plaintext
def test_create_super_user(self, testdir_function, test_utils):
    """A user created through ``Users.create_super_user`` is flagged as superuser."""
    testdir_function.activate()
    name = test_utils.random_string(10)
    Users.create_super_user(name, '123456')

    account = Users.get_user_by_username(name)
    assert account.is_superuser
def edit_user_view(username):
    """Render the user form in edition mode for the account named ``username``."""
    # NOTE(review): get_user_by_username appears to return None for an unknown
    # username, in which case the template receives edit_user=None. Confirm the
    # template or the route handles that case. Any access-control decorator on
    # this view is not visible here; verify that one exists.
    context = {
        'edition_mode': True,
        'edit_user': Users.get_user_by_username(username),
    }
    return render_template('users/user_form.html', **context)