Exemplo n.º 1
0
    def test_user_can_reset_password(self):
        url = reverse("password_new")
        beverly = UserFactory(username="******")
        beverly.set_password("jack")
        beverly.save()

        mismatch_password_data = {
            "uid": urlsafe_base64_encode(force_bytes(beverly.pk)).decode(),
            "token": default_token_generator.make_token(beverly),
            "password": encode_string("wesley"),
            "confirm_password": encode_string("WESLEY")
        }
        response = self.client.post(url, mismatch_password_data, format='json')
        self.assertEqual(response.status_code, 400)
        self.assertFalse(User.objects.get(username='******').check_password('wesley'))

        bad_uid_data = {
            "uid": urlsafe_base64_encode(force_bytes(UserFactory().pk)).decode(),
            "token": default_token_generator.make_token(beverly),
            "password": encode_string("wesley"),
            "confirm_password": encode_string("wesley")
        }
        response = self.client.post(url, bad_uid_data, format='json')
        self.assertEqual(response.status_code, 400)
        self.assertFalse(User.objects.get(username='******').check_password('wesley'))

        good_data = {
            "uid": urlsafe_base64_encode(force_bytes(beverly.pk)).decode(),
            "token": default_token_generator.make_token(beverly),
            "password": encode_string("wesley"),
            "confirm_password": encode_string("wesley")
        }
        self.assertSchemaPost(url, "$setPasswordRequest", "$userResponse", good_data, None, status_OK=True)
        self.assertTrue(User.objects.get(username='******').check_password('wesley'))
Exemplo n.º 2
0
    def test_user_can_change_password(self):
        felicia = UserFactory(username='******')
        felicia.set_password('password')
        felicia.save()
        url = reverse("password_change")

        data = {
            "old_password": base64.encodestring("password"),
            "password": base64.encodestring("felicia"),
            "confirm_password": base64.encodestring("felicia")
        }
        # Unauthenticated user can't change password
        self.assertSchemaPatch(url,
                               "$changePasswordRequest",
                               "$changePasswordResponse",
                               data,
                               None,
                               unauthorized=True)
        self.assertFalse(
            User.objects.get(pk=felicia.pk).check_password("felicia"))

        # User can't change password if the old / current password is incorrect
        bad_data = {
            "old_password": base64.encodestring("wrong_password"),
            "password": base64.encodestring("felicia"),
            "confirm_password": base64.encodestring("felicia")
        }
        self.assertSchemaPatch(url,
                               "$changePasswordRequest",
                               "$changePasswordResponse",
                               bad_data,
                               felicia,
                               unauthorized=True)
        self.assertFalse(
            User.objects.get(pk=felicia.pk).check_password("felicia"))

        # User can't change password if the two new passwords don't match
        mismatch_password_data = {
            "old_password": base64.encodestring("password"),
            "password": base64.encodestring("felicia"),
            "confirm_password": base64.encodestring("FELICIA")
        }
        self.add_credentials(felicia)
        response = self.client.patch(url,
                                     mismatch_password_data,
                                     format='json')
        self.assertEqual(response.status_code, 400)
        self.assertFalse(
            User.objects.get(pk=felicia.pk).check_password("felicia"))

        # User can change their own password
        self.assertSchemaPatch(url, "$changePasswordRequest",
                               "$changePasswordResponse", data, felicia)
        self.assertTrue(
            User.objects.get(pk=felicia.pk).check_password("felicia"))
Exemplo n.º 3
0
    def test_user_can_reset_password(self):
        url = reverse("password_new")
        beverly = UserFactory(username="******")
        beverly.set_password("jack")
        beverly.save()

        mismatch_password_data = {
            "uid": urlsafe_base64_encode(force_bytes(beverly.pk)).decode(),
            "token": default_token_generator.make_token(beverly),
            "password": encode_string("wesley"),
            "confirm_password": encode_string("WESLEY")
        }
        response = self.client.post(url, mismatch_password_data, format='json')
        self.assertEqual(response.status_code, 400)
        self.assertFalse(
            User.objects.get(username='******').check_password('wesley'))

        bad_uid_data = {
            "uid":
            urlsafe_base64_encode(force_bytes(UserFactory().pk)).decode(),
            "token": default_token_generator.make_token(beverly),
            "password": encode_string("wesley"),
            "confirm_password": encode_string("wesley")
        }
        response = self.client.post(url, bad_uid_data, format='json')
        self.assertEqual(response.status_code, 400)
        self.assertFalse(
            User.objects.get(username='******').check_password('wesley'))

        good_data = {
            "uid": urlsafe_base64_encode(force_bytes(beverly.pk)).decode(),
            "token": default_token_generator.make_token(beverly),
            "password": encode_string("wesley"),
            "confirm_password": encode_string("wesley")
        }
        self.assertSchemaPost(url,
                              "$setPasswordRequest",
                              "$userResponse",
                              good_data,
                              None,
                              status_OK=True)
        self.assertTrue(
            User.objects.get(username='******').check_password('wesley'))
Exemplo n.º 4
0
    def test_user_can_change_password(self):
        felicia = UserFactory(username='******')
        felicia.set_password('password')
        felicia.save()
        url = reverse("password_change")

        data = {
            "old_password": encode_string("password"),
            "password": encode_string("felicia"),
            "confirm_password": encode_string("felicia")
        }
        # Unauthenticated user can't change password
        self.assertSchemaPatch(url, "$changePasswordRequest", "$changePasswordResponse", data, None, unauthorized=True)
        self.assertFalse(User.objects.get(pk=felicia.pk).check_password("felicia"))

        # User can't change password if the old / current password is incorrect
        bad_data = {
            "old_password": encode_string("wrong_password"),
            "password": encode_string("felicia"),
            "confirm_password": encode_string("felicia")
        }
        self.assertSchemaPatch(url, "$changePasswordRequest", "$changePasswordResponse", bad_data, felicia,
                               unauthorized=True)
        self.assertFalse(User.objects.get(pk=felicia.pk).check_password("felicia"))

        # User can't change password if the two new passwords don't match
        mismatch_password_data = {
            "old_password": encode_string("password"),
            "password": encode_string("felicia"),
            "confirm_password": encode_string("FELICIA")
        }
        self.add_credentials(felicia)
        response = self.client.patch(url, mismatch_password_data, format='json')
        self.assertEqual(response.status_code, 400)
        self.assertFalse(User.objects.get(pk=felicia.pk).check_password("felicia"))

        # User can change their own password
        self.assertSchemaPatch(url, "$changePasswordRequest", "$changePasswordResponse", data, felicia)
        self.assertTrue(User.objects.get(pk=felicia.pk).check_password("felicia"))