def test_get(self):
        username = uuid.uuid4().hex
        password = uuid.uuid4().hex
        user = User.create(username, password)
        user_by_id = User.get(user.id)
        self.assertEqual(user_by_id.id, user.id)
        user_by_name = User.get(user.username)
        self.assertEqual(user_by_name.id, user.id)

        with self.assertRaises(TypeError):
            User.get(None)
    def test_get(self):
        username = uuid.uuid4().hex
        password = uuid.uuid4().hex
        user = User.create(username, password)
        user_by_id = User.get(user.id)
        self.assertEqual(user_by_id.id, user.id)
        user_by_name = User.get(user.username)
        self.assertEqual(user_by_name.id, user.id)

        with self.assertRaises(TypeError):
            User.get(None)
Exemplo n.º 3
0
    def validate_password(self, field):
        if self.dbuser is False:
            self.dbuser = User.get(request.form["username"])

        if self.dbuser:
            password = str(field.data)
            if self.dbuser.hash_password(password) != self.dbuser.password:
                raise ValidationError("invalid password")
Exemplo n.º 4
0
def load_user(user):
    """
    callback for :func:`flask_login.LoginManager.user_loader`

    When the user id is is not present in the session this function
    is used to load the user from the database directly.
    """
    return User.get(user)
Exemplo n.º 5
0
    def validate_password(self, field):
        if self.dbuser is False:
            self.dbuser = User.get(request.form["username"])

        if self.dbuser:
            password = str(field.data)
            if self.dbuser.hash_password(password) != self.dbuser.password:
                raise ValidationError("invalid password")
Exemplo n.º 6
0
def load_user(user):
    """
    callback for :func:`flask_login.LoginManager.user_loader`

    When the user id is is not present in the session this function
    is used to load the user from the database directly.
    """
    return User.get(user)
Exemplo n.º 7
0
def load_token(token):
    """
    callback for :func:`flask_login.LoginManager.token_loader`

    When a user is already loaded check the token provided to be sure
    the password matches and that the token has not expired.
    """
    # The token was encrypted using itsdangerous.URLSafeTimedSerializer which
    # allows us to have a max_age on the token itself.  When the cookie is
    # stored on the users computer it also has a expiry date, but could be
    # changed by the user, so this feature allows us to enforce the exipry
    # date of the token server side and not rely on the users cookie to expire.
    try:
        userid, password = login_serializer.loads(
            token,
            max_age=app.config["REMEMBER_COOKIE_DURATION"].total_seconds())
        user = User.get(userid)
        return user if user and user.password == password else None

    except BadTimeSignature:
        return None
Exemplo n.º 8
0
def login_page():
    """display and process the login for or action"""
    if request.method == "POST" and request.content_type == "application/json":
        user = User.get(request.json["username"])

        if user and user.check_password(request.json["password"]):
            login_user(user, remember=True)
            return jsonify(None)

        return jsonify(None), UNAUTHORIZED

    form = LoginForm(request.form)
    if request.method == "POST" and form.validate():
        login_user(form.dbuser, remember=True)
        return redirect(request.args.get("next") or "/")

    if request.content_type == "application/json":
        abort(BAD_REQUEST)

    return render_template("pyfarm/login.html", form=form,
                           next=request.args.get("next") or "/")
Exemplo n.º 9
0
def load_token(token):
    """
    callback for :func:`flask_login.LoginManager.token_loader`

    When a user is already loaded check the token provided to be sure
    the password matches and that the token has not expired.
    """
    # The token was encrypted using itsdangerous.URLSafeTimedSerializer which
    # allows us to have a max_age on the token itself.  When the cookie is
    # stored on the users computer it also has a expiry date, but could be
    # changed by the user, so this feature allows us to enforce the exipry
    # date of the token server side and not rely on the users cookie to expire.
    try:
        userid, password = login_serializer.loads(
            token,
            max_age=app.config["REMEMBER_COOKIE_DURATION"].total_seconds())
        user = User.get(userid)
        return user if user and user.password == password else None

    except BadTimeSignature:
        return None
Exemplo n.º 10
0
def login_page():
    """display and process the login for or action"""
    if request.method == "POST" and request.content_type == "application/json":
        user = User.get(request.json["username"])

        if user and user.check_password(request.json["password"]):
            login_user(user, remember=True)
            return jsonify(None)

        return jsonify(None), UNAUTHORIZED

    form = LoginForm(request.form)
    if request.method == "POST" and form.validate():
        login_user(form.dbuser, remember=True)
        return redirect(request.args.get("next") or "/")

    if request.content_type == "application/json":
        abort(BAD_REQUEST)

    return render_template("pyfarm/login.html",
                           form=form,
                           next=request.args.get("next") or "/")
Exemplo n.º 11
0
    def validate_username(self, field):
        if self.dbuser is False:
            self.dbuser = User.get(request.form["username"])

        if self.dbuser is None:
            raise ValidationError("invalid username")
Exemplo n.º 12
0
 def validate_username(self, field):
     user = User.get(request.form["username"])
     if user is not None:
         raise ValidationError("%s already exists" %
                               request.form["username"])
Exemplo n.º 13
0
    def validate_username(self, field):
        if self.dbuser is False:
            self.dbuser = User.get(request.form["username"])

        if self.dbuser is None:
            raise ValidationError("invalid username")
Exemplo n.º 14
0
 def validate_username(self, field):
     user = User.get(request.form["username"])
     if user is not None:
         raise ValidationError(
             "%s already exists" % request.form["username"])