Exemplos de PasswordService em Python

Exemplo n.º 1

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_check_password(user_account):
    user = user_account()
    user.set_password("CORRECT_PASSWORD")
    user.save(update_fields=("password", ))

    with pytest.raises(WrongPasswordError):
        PasswordService.check_password(user, "INCORRECT_PASSWORD")

Exemplo n.º 2

class ConfirmResetPasswordSerializer(serializers.Serializer):

    password = serializers.CharField(max_length=128,
                                     write_only=True,
                                     style={"input_type": "password"})
    signature = serializers.CharField(max_length=71, write_only=True)

    def __init__(self, *args, **kwargs):
        super(ConfirmResetPasswordSerializer, self).__init__(*args, **kwargs)
        self.password_service = PasswordService()

    def validate_password(self, password):
        try:
            self.password_service.validate_password(password)
        except InvalidPasswordError as e:
            raise ValidationError(e) from e
        return password

    def save(self, **kwargs):
        new_password = self.validated_data["password"]
        signature = self.validated_data["signature"]
        try:
            self.password_service.reset_password(signature, new_password)
        except InvalidResetPasswordSignatureError as e:
            raise ValidationError({"signature": e.message}) from e

    def create(self, validated_data):
        assert False, "Do not use update directly"

    def update(self, instance, validated_data):
        assert False, "Do not use update directly"

Exemplo n.º 3

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_send_reset_password_link_success(settings, user_account, mocker):
    user = user_account()
    domain_name = "test_send_reset_password_link_success.com"
    signature = "signature"
    site = Site.objects.create(domain=domain_name, name=domain_name)
    settings.SITE_ID = site.pk
    mocked_generate_reset_password_signature = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}._generate_reset_password_signature",
        return_value=signature)
    mocked_send_notification = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}._send_notification")

    PasswordService.send_reset_password_link(user.email)

    mocked_generate_reset_password_signature.assert_called_once_with(user)
    mocked_send_notification.assert_called_once_with(
        user.pk,
        {
            "user_notification_salutation":
            "Dear client",
            "domain_name":
            domain_name,
            "reset_password_link":
            f"https://{domain_name}/reset-password/{signature}",
        },
    )

Exemplo n.º 4

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_reset_password_success(user_account, mocker):
    new_password = "******"  # nosec
    user = user_account()
    reset_password_signature = TimestampSigner().sign(user.pk)
    mocked_change_password = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}.change_password")

    PasswordService.reset_password(reset_password_signature, new_password)

    mocked_change_password.assert_called_once_with(user, new_password)

Exemplo n.º 5

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_reset_password_user_failure(mocker):
    new_password = "******"  # nosec
    assert UserAccount.objects.count() == 0
    reset_password_signature = TimestampSigner().sign(uuid.uuid4())
    mocked_change_password = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}.change_password")

    with pytest.raises(InvalidResetPasswordSignatureError):
        PasswordService.reset_password(reset_password_signature, new_password)

    assert mocked_change_password.call_count == 0

Exemplo n.º 6

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_send_reset_password_link_failure(mocker):
    assert UserAccount.objects.count() == 0
    mocked_generate_reset_password_signature = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}._generate_reset_password_signature")
    mocked_send_notification = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}._send_notification")

    PasswordService.send_reset_password_link("*****@*****.**")

    assert mocked_generate_reset_password_signature.call_count == 0
    assert mocked_send_notification.call_count == 0

Exemplo n.º 7

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_reset_password_signature_failure(mocker, settings, exception):
    new_password = "******"  # nosec
    reset_password_signature = "reset_password_signature"  # nosec
    mocker.patch("django.core.signing.TimestampSigner.unsign",
                 side_effect=exception("Some message"))
    settings.HONEY_MONEY_RESET_PASSWORD_EXPIRATION_DELTA = 42
    mocked_change_password = mocker.patch(
        f"{PASSWORD_SERVICE_PATH}.change_password")

    with pytest.raises(InvalidResetPasswordSignatureError):
        PasswordService.reset_password(reset_password_signature, new_password)

    assert mocked_change_password.call_count == 0

Exemplo n.º 8

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_change_password(user_account):
    old_password = "******"  # nosec
    new_password = "******"  # nosec

    user = user_account()
    user.set_password(old_password)
    user.save(update_fields=("password", ))
    assert user.check_password(old_password)

    PasswordService.change_password(user, new_password)

    user.refresh_from_db()
    assert user.check_password(new_password)

Exemplo n.º 9

class ResetPasswordSerializer(serializers.Serializer):

    email = serializers.EmailField(max_length=128, write_only=True)

    def __init__(self, *args, **kwargs):
        super(ResetPasswordSerializer, self).__init__(*args, **kwargs)
        self.password_service = PasswordService()

    def save(self, **kwargs):
        email = self.validated_data["email"]
        self.password_service.send_reset_password_link(email)

    def create(self, validated_data):
        assert False, "Do not use update directly"

    def update(self, instance, validated_data):
        assert False, "Do not use update directly"

Exemplo n.º 10

class ChangePasswordSerializer(serializers.Serializer):

    old_password = serializers.CharField(max_length=128,
                                         write_only=True,
                                         style={"input_type": "password"})
    new_password = serializers.CharField(max_length=128,
                                         write_only=True,
                                         style={"input_type": "password"})

    def __init__(self, *args, **kwargs):
        super(ChangePasswordSerializer, self).__init__(*args, **kwargs)
        self.request = self.context.get("request")
        self.user = getattr(self.request, "user", None)
        self.password_service = PasswordService()

    def validate_old_password(self, old_password):
        try:
            self.password_service.check_password(self.user, old_password)
        except WrongPasswordError as e:
            raise serializers.ValidationError(e.message) from e
        return old_password

    def validate_new_password(self, new_password):
        try:
            self.password_service.validate_password(new_password,
                                                    user=self.user)
        except InvalidPasswordError as e:
            raise serializers.ValidationError(e.messages) from e
        return new_password

    def create(self, validated_data):
        assert False, "Do not use update directly"

    def update(self, instance, validated_data):
        assert False, "Do not use update directly"

    def save(self, **kwargs):
        self.password_service.change_password(
            self.user, self.validated_data["new_password"])

Exemplo n.º 11

 def __init__(self, *args, **kwargs):
     super(ResetPasswordSerializer, self).__init__(*args, **kwargs)
     self.password_service = PasswordService()

Exemplo n.º 12

 def __init__(self, *args, **kwargs):
     super(ChangePasswordSerializer, self).__init__(*args, **kwargs)
     self.request = self.context.get("request")
     self.user = getattr(self.request, "user", None)
     self.password_service = PasswordService()

Exemplo n.º 13

class RegistrationSerializer(serializers.ModelSerializer):
    email = serializers.EmailField(write_only=True, max_length=128)
    password = serializers.CharField(write_only=True, max_length=128)
    first_name = serializers.CharField(required=True, max_length=30)
    last_name = serializers.CharField(required=True, max_length=30)
    family_uuid = serializers.UUIDField(write_only=True,
                                        required=True,
                                        allow_null=True)
    family_name = serializers.CharField(write_only=True,
                                        required=False,
                                        allow_null=True)

    class Meta:
        model = UserAccount
        fields = ("email", "first_name", "last_name", "password",
                  "family_uuid", "family_name")

    def __init__(self, *args, **kwargs):
        super(RegistrationSerializer, self).__init__(*args, **kwargs)
        self.password_service = PasswordService()

    def validate_email(self, email):
        if UserAccount.objects.filter(email=email).exists():
            raise ValidationError(
                gettext("Could not create account with this email."))
        return super().validate(email)

    def validate_family_uuid(self, family_uuid):
        if family_uuid is not None and not Family.objects.filter(
                uuid=family_uuid).exists():
            raise ValidationError(
                gettext("Could not find family with that uuid"))
        return family_uuid

    def validate_password(self, new_password):
        try:
            self.password_service.validate_password(new_password)
        except InvalidPasswordError as e:
            raise serializers.ValidationError(e.messages) from e
        return new_password

    def save(self, **kwargs):
        self.instance = UserAccount.objects.create_user(
            self.validated_data.get("email"),
            self.validated_data.get("password"))
        self.instance.first_name = self.validated_data.get("first_name")
        self.instance.last_name = self.validated_data.get("last_name")
        family_uuid = self.validated_data.pop("family_uuid")
        if family_uuid is None:
            family = Family.create_family(
                name=self.validated_data.get(
                    "family_name", f"{self.instance.get_full_name()} Family"),
                creator=self.instance,
            )
        else:
            family = Family.objects.get(pk=family_uuid)
        self.instance.family = family
        raw_password = self.validated_data.get("password")
        self.instance.set_password(raw_password)
        self.instance.save()
        return self.instance

Exemplo n.º 14

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_generate_reset_password_signature(user_account):
    user = user_account()
    expected_reset_password_signature = TimestampSigner().sign(user.pk)

    assert PasswordService._generate_reset_password_signature(
        user) == expected_reset_password_signature

Exemplo n.º 15

Arquivo: test_password_service.py Projeto: SO1T/honey-money

def test_validate_password(mocker):
    mocker.patch("django.contrib.auth.password_validation.validate_password",
                 side_effect=ValidationError("exception"))

    with pytest.raises(InvalidPasswordError):
        PasswordService.validate_password("SOME_PASSWORD")