def test_check_logged_user_props(self):
u = {
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
keys = ['_id', 'public_id', 'token', 'username', 'exp', 'login_time']
User().insert(u)
user = User().find({'username': '******'})
logged_user = Login().login(Auth('admin1', 'admin1'))
self.assertNotEqual(logged_user, None, 'Logged user obj not created')
self.assertIsInstance(logged_user.data, dict,
'User data is not a dict')
self.assertListEqual(list(logged_user.data.keys()), keys,
'Keys are not equal')
self.assertEqual(logged_user.data['public_id'], user.data['public_id'],
'Public id not equal')
self.assertEqual(logged_user.data['username'], user.data['username'],
'Username not equal')
def loop(self):
print("Are you an existing user? (y/n): ")
ans = input()
if ans.lower() != 'y':
print_header('Registration')
while not self.create_user():
pass
psuccess('User successfully created')
self.current_user = User()
tmp = sp.call('clear', shell=True)
f = Figlet(font='slant')
print(f.renderText('User Login'))
while True:
if self.login_user():
break
try:
while True:
print_header('User Interface')
for i in range(len(self.options)):
print('{}. {}'.format(i + 1, self.options[i]))
repeat_and_error(self.choose_options)()
print(self.curr_opt)
if self.curr_opt == len(self.options):
return
else:
self.functions[self.curr_opt - 1]()
except ValueError as e:
perror(e)
def post():
user = Login().get_username(request.headers['x-access-token'])
if user and User().is_admin(user):
data = validate_or_abort(UserSchema, request.get_json())
return response_by_success(User().insert(data))
return response_by_success(False)
def test_find_user(self):
u = {
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
keys = [
'_id', 'type', 'first_name', 'last_name', 'username', 'email',
'password', 'public_id', 'enabled', 'deleted'
]
User().insert(u)
user = User().find()
self.assertNotEqual(user, None, 'User obj not created')
self.assertIsInstance(user.data, dict, 'User data is not a dict')
self.assertListEqual(list(user.data.keys()), keys,
'Keys are not equal')
self.assertEqual(user.data['type'], u['type'], 'Type not equal')
self.assertEqual(user.data['first_name'], u['first_name'],
'first_name not equal')
self.assertEqual(user.data['last_name'], u['last_name'],
'last_name not equal')
self.assertEqual(user.data['username'], u['username'],
'username not equal')
self.assertEqual(user.data['email'], u['email'], 'email not equal')
def put():
user = Login().get_username(request.headers['x-access-token'])
if user and User().is_admin(user):
data = validate_or_abort(UserSchemaPut, request.get_json())
return response_by_success(User().update(
criteria={'email': data['email']}, data=data['data']))
return response_by_success(False)
def delete():
user = Login().get_username(request.headers['x-access-token'])
if user and User().is_admin(user):
data = validate_or_abort(UserSchemaDelete, request.get_json())
return response_by_success(
User().remove(criteria={'email': data['email']}),
is_remove=True)
return response_by_success(False)
def create_user(self):
try:
self.current_user = User()
query = self.current_user.create()
self.db.execute_query([query])
return True
except Exception as e:
perror('An error occurred')
inp = input('Press Enter to continue >> ')
def post():
user = Login().get_username(request.headers['x-access-token'])
if user and User().is_admin(user):
data = validate_or_abort(QuerySchema, request.get_json())
user = User().find(
criteria=data['query'],
projection=data['filter'] if 'filter' in data.keys() else {})
return parse_data(UserSchema, user.data)
return response_by_success(False)
def delete_account():
""" Handle POST /deleteAccount request, User account deletion function """
if globals.user is None:
return redirect(url_for('home_page'))
if request.method == 'POST':
if "password" in request.form:
User.delete(globals.user.name, request.form['password'],
globals.user)
globals.user = None
return redirect(url_for("home_page"))
return redirect(url_for("user_page"))
def register_page():
""" Handle GET /register and POST /register request, Register page function """
if globals.user is not None:
return redirect(url_for('user_page'))
error_messages = list()
if request.method == 'POST':
if 'username_input' and 'password_input' and 'password_confirm_input' in request.form:
if request.form['password_input'] == request.form[
'password_confirm_input']:
register = User.register(request.form['username_input'],
request.form['password_input'])
if isinstance(register, User):
globals.user = register
return redirect(url_for('user_page'))
else:
error_messages.append(register)
else:
error_messages.append(
"password confirmation must match password")
return render_template('register.html',
user=globals.user,
error_messages=error_messages)
def logout(self, username):
user = User().find({'username': username})
if not user.data:
return False
return self.remove({'username': username}, force=True)
def test_token(self):
u = {
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
}
keys = ['_id', 'public_id', 'token', 'username', 'exp',
'login_time']
User().insert(u)
logged_user = Login().login(Auth('admin1', 'admin1'))
self.assertNotEqual(logged_user, None, 'Logged user obj not created')
self.assertIsInstance(logged_user.data, dict,
'User data is not a dict')
self.assertListEqual(list(logged_user.data.keys()), keys,
'Keys are not equal')
token = logged_user.data['token']
data = jwt.decode(token, JWT_ENC_KEY, algorithms=['HS256'])
self.assertEqual(logged_user.data['public_id'],
data['public_id'], 'Public id from token not equal')
def test_status(self):
Customer().set_customer(TESTING_DATABASE)
User().insert({
'type': 'admin',
'first_name': 'status',
'last_name': 'status',
'username': '******',
'email': 'status',
'password': '******'
})
logged_user = Login().login(Auth('status', 'status'))
self.headers = {
'Content-Type': 'application/json',
'x-access-token': logged_user.data['token']
}
response = self.app.get('/status', headers=self.headers)
self.assertEqual(response.status_code, 200, 'Status not found')
data = json.loads(response.data)
keys = ['is_up', 'data_usage', 'info']
self.assertEqual('docker' in data, True, 'Missing docker status')
self.assertEqual('mongo' in data, True, 'Missing mongo status')
for key in keys:
self.assertEqual(key in data['docker'], True,
key + ' missing in docker status')
self.assertEqual(key in data['mongo'], True,
key + ' missing in mongo status')
def get():
user = Login().get_username(request.headers['x-access-token'])
is_admin = User().is_admin(user)
return {
'mongo': MongoEngine().status(is_admin),
'docker': DockerEngine().status()
}, 200
def test_password_is_encrypted(self):
User().insert({
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
f = Fernet(ENC_KEY)
user = User().find({'username': '******'})
self.assertNotEqual(f.decrypt(user.data['password'].encode()),
'admin1', 'Pass not encrypted')
self.assertEqual(
f.decrypt(user.data['password'].encode()).decode(), 'admin1',
'Pass decryption gone wrong')
def setUp(self):
Customer().set_customer(TESTING_DATABASE)
MongoEngine().drop_collection(TESTING_DATABASE, 'users')
User().insert({
'type': 'admin',
'first_name': 'admin',
'last_name': 'admin',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
def test_create_duplicated_customer(self):
User().insert({
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
status = User().insert({
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
self.assertEqual(status, False, 'Added duplicated user')
def test_create_users(self):
status = User().insert({
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
self.assertEqual(status, True, 'User (admin) not added')
status2 = User().insert({
'type': 'regular',
'first_name': 'User',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
self.assertEqual(status2, True, 'User (regular) not added')
def test_login_existing_user(self):
User().insert({
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
logged_user = Login().login(Auth('admin1', 'admin1'))
self.assertNotEqual(logged_user, None, 'Existing user not logged in')
def __init__(self, db):
self.current_user = User()
self.db = db
self.options = [
'Discover Services',
'Book a Service',
'Cancel a Booking',
'Provide Feedback for Service',
'Provide Feedback for a Feature',
'Update your Profile',
'Find Nearby Features',
'Exit'
]
self.functions = [
self.discover,
self.do_a_booking,
self.cancel_booking,
self.give_service_feedback,
self.give_feature_feedback,
self.update_user,
self.nearby
]
self.curr_opt = 0
def signIn(username, password, mensaje, canvas):
try:
if username != '' and password != '':
res = mainSignIn(username, password)
if res:
changeMensaje(mensaje, "Logueado exitosamene", "green")
printMainFrame(canvas, User(res[0], res[1], username))
else:
changeMensaje(mensaje, "Ingrese sus datos correctamente", "red")
else:
changeMensaje(mensaje, "Rellene todos los campos", "red")
except Exception as e:
print(e)
changeMensaje(mensaje, "Error en la base de datos", "red")
def test_find_all_users(self):
User().insert({
'type': 'admin',
'first_name': 'Admin',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
User().insert({
'type': 'regular',
'first_name': 'User',
'last_name': '1',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
users = User().find()
self.assertIsInstance(users.data, list, 'User data is not a list')
self.assertEqual(len(users.data), 2, 'There are more than 2 users')
def test_get_current_user(self):
User().insert({
'type': 'admin',
'first_name': 'admin',
'last_name': 'admin',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
response = self.app.get(self.path, headers=self.headers)
self.assertEqual(response.status_code, 200, 'User not found')
self.assertEqual(
json.loads(response.data)['username'], 'admin',
'Wrong current user')
def setUp(self):
Customer().set_customer(TESTING_DATABASE)
MongoEngine().drop_collection(TESTING_DATABASE, 'customers')
User().insert({
'type': 'admin',
'first_name': 'admin-user',
'last_name': 'admin-user',
'username': '******',
'email': 'admin-user',
'password': '******'
})
logged_user = Login().login(Auth('admin-user', 'admin-user'))
self.headers = {
'Content-Type': 'application/json',
'x-access-token': logged_user.data['token']
}
def update_user(self):
print_header("Update Profile")
newUser = User()
repeat_and_error(newUser.get_name)()
repeat_and_error(newUser.get_password)()
repeat_and_error(newUser.get_contact)()
query = ["UPDATE User SET username = '******' , password = '******' , " \
"contact_number = '{}' where user_id = {}".format(
newUser.username, newUser.password,
newUser.contact_number, self.current_user.user_id)]
res = self.db.execute_query(query)
if res:
self.current_user.username = newUser.username
self.current_user.password = newUser.password
self.current_user.contact_number = newUser.contact_number
inp = input('\nPress ENTER to continue >> ')
def login_page():
""" Handle GET /login and POST /login request, Login page function """
if globals.user is not None:
return redirect(url_for('user_page'))
error_messages = list()
if request.method == 'POST':
if 'username_input' and 'password_input' in request.form:
login = User.login(request.form['username_input'],
request.form['password_input'])
if not isinstance(login, User):
error_messages.append(login)
else:
globals.user = login
return redirect(url_for('user_page'))
return render_template('login.html',
user=globals.user,
error_messages=error_messages)
def __new__(cls, *args, **kwargs):
if not cls.engine:
cls.engine = super(TestingLogin, cls).__new__(cls, *args, **kwargs)
Customer().set_customer(TESTING_DATABASE)
MongoEngine().drop(TESTING_DATABASE)
User().insert({
'type': 'admin',
'first_name': 'admin',
'last_name': 'admin',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
logged_user = Login().login(Auth('admin', 'admin'))
cls.headers = {
'Content-Type': 'application/json',
'x-access-token': logged_user.data['token']
}
return cls.engine
def login(self, auth):
user = User().find({'username': auth.username})
if not user.data:
return False
f = Fernet(ENC_KEY)
if f.decrypt(user.data['password'].encode()).decode() == auth.password:
login_time = round(dt.datetime.utcnow().timestamp())
exp = dt.datetime.utcnow() + dt.timedelta(hours=12)
exp = round(exp.timestamp())
token = jwt.encode({
'public_id': user.data['public_id'],
'exp': exp
}, JWT_ENC_KEY)
existing = self.find({'username': auth.username})
if existing.data is None:
self.insert(data={
'public_id': user.data['public_id'],
'token': token.decode('UTF-8'),
'username': auth.username,
'exp': exp,
'login_time': login_time
})
else:
self.update(criteria={'username': auth.username}, data={
'public_id': user.data['public_id'],
'token': token.decode('UTF-8'),
'username': auth.username,
'exp': exp,
'login_time': login_time
})
return self.find({'public_id': user.data['public_id']})
return False
def test_login_and_logout(self):
Customer().set_customer(TESTING_DATABASE)
User().insert({
'type': 'admin',
'first_name': 'usertest',
'last_name': 'usertest',
'username': '******',
'email': '*****@*****.**',
'password': '******'
})
response = self.app.get(
'/login',
headers={"Authorization": "Basic dXNlcnRlc3Q6dXNlcnRlc3Q="})
self.assertEqual(response.status_code, 200)
data = json.loads(response.data)
self.assertNotEqual(data, "", 'There is no token')
headers = {
'Content-Type': 'application/json',
'x-access-token': data['token']
}
response = self.app.get('/logout', headers=headers)
self.assertEqual(response.status_code, 200, 'Logout failed')
def create_user(u, c):
if Customer().is_customer(c) is not None:
Customer().set_customer(c)
return User().insert(u)
return False
