def test_auth_passwordreset_reset(): """ password entered is less than 6 characters long """ server_data = Server_data() email = "*****@*****.**" auth_register(server_data, email, "abcde123", "Jay", "Chen") # get the user's full information by email # reset code should be empty user_full = server_data.get_user_by_email(email) old_password = user_full.password assert user_full.reset_code == "" # request to set a new password, will get a reset_code # after request send, user receive a secret reset_code auth_passwordreset_request(server_data, email) reset_code = user_full.reset_code assert reset_code != "" # reset the password by using valid code auth_passwordreset_reset(server_data, reset_code, "1234abc") # check if the password has change to the new one new_password = user_full.password assert new_password != old_password
def test_auth_passwordreset_reset_success_whitebox(): clear() auth_register('*****@*****.**', 'password23s', 'Box', 'White') for user in data.users: if user.email == '*****@*****.**': user.secret_key = '2Djk8' auth_passwordreset_reset('2Djk8', 'New_3dpassword')
def test_auth_passwordreset_reset_success(): clear() auth_register('*****@*****.**', 'password', 'Madeline', 'Younes') auth_passwordreset_request('*****@*****.**') for user in data.users: if user.email == '*****@*****.**': reset_code = user.secret_key auth_passwordreset_reset(reset_code, 'New_3dpassword')
def auth_passwordreset_reset(): ''' Route that takes in the reset_code and new_password, checks both parameters are valid and then resets the password for the user. ''' payload = request.get_json() reset_code = payload['reset_code'] new_password = payload['new_password'] auth.auth_passwordreset_reset(reset_code, new_password) return dumps({})
def test_exception_auth_passwordreset_reset(): clear() user_dict = auth_register("*****@*****.**", "password", "Nate", "Drake") user_token = user_dict["token"] auth_logout(user_token) with pytest.raises(InputError): auth_passwordreset_reset("99", "password")
def reset_password(): ''' A route to reset a user's password ''' payload = request.get_json() if not payload['reset_code'] or not payload['new_password']: raise RequestError(description="Missing data in request body") auth_passwordreset_reset(payload['reset_code'], payload['new_password']) return dumps({})
def test_auth_passwordreset_reset_invalid_reset_code(): ''' This is a test to ensure that the test fails due to the user inputting an invalid reset_code. ''' other.clear() auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") auth_passwordreset_request("*****@*****.**") with pytest.raises(InputError): auth_passwordreset_reset(10, "abcd1234$")
def test_auth_passwordreset_reset_invalid_reset_code_manyuser(): clear() auth_register('*****@*****.**', 'password1', 'Test1', 'User') auth_register('*****@*****.**', 'password2', 'Test2', 'User') auth_register('*****@*****.**', 'password3', 'Test3', 'User') auth_register('*****@*****.**', 'password4', 'Test4', 'User') auth_register('*****@*****.**', 'password5', 'Test5', 'User') auth_passwordreset_request('*****@*****.**') auth_passwordreset_request('*****@*****.**') auth_passwordreset_request('*****@*****.**') with pytest.raises(InputError): auth_passwordreset_reset('incorrect_code', 'newpassword')
def test_incorrect_code_unsuccessful_reset(): """ Tests unsuccessful uses of passwordreset_reset, focusing on incorrect codes """ user1 = auth.auth_register('*****@*****.**', 'grobin?', 'Whedon', 'Gad') auth.auth_logout(user1['token']) auth.auth_passwordreset_request('*****@*****.**') with pytest.raises(InputError): assert auth.auth_passwordreset_reset('invalid_code', 'plsdontwork') assert auth.auth_passwordreset_reset('another_invalid_code', 'good night') other.clear()
def test_auth_password_reset_test(): clear() #resgistering user to test auth_register('*****@*****.**', '123abc!@#', 'Hayden', 'Everest', None) #requesting a password reset auth_passwordreset_request('*****@*****.**') for user in users: if user['u_id'] == 1: reset_code = user['reset_code'] break with pytest.raises(InputError): #raise error if incorrect code auth_passwordreset_reset('12345', 'Agoodpassowrd') #raise error if bad bassword auth_passwordreset_reset(reset_code, 'bad') #raise error if both incorrect auth_passwordreset_reset('12345', 'bad') #test correct inputs change passowrd auth_passwordreset_reset(reset_code, 'Agoodpassowrd') for user in users: if user['u_id'] == 1: assert user['password'] == hashlib.sha256( 'Agoodpassowrd'.encode()).hexdigest() break
def test_password_reset_invalid_reset_code(): '''reset_code is not a valid reset code''' clear() # Valid information has been summitted to register from the first user auth_register("*****@*****.**", "ihfeh3hgi00d", "Yilang", "W") # Vadid information has been summitted to register from the second user auth_register("*****@*****.**", "VukkFs", "Bill", "Gates") # Vadid information has been summitted to register from the third user auth_register("*****@*****.**", "RFVtgb45678", "M", "Johnson") # User 2 send a password reset request auth_passwordreset_request("*****@*****.**") # User 2 change the password with reset_code that has only 4 digits with pytest.raises(InputError): auth_passwordreset_reset(str(1234), "Qwerty567")
def test_invalid_new_password_unsuccessful_reset(): """ Tests unsuccessful uses of passwordreset_reset, focusing on invalid new passwords """ user1 = auth.auth_register('*****@*****.**', 'password', 'first', 'last') auth.auth_logout(user1['token']) auth.auth_passwordreset_request('*****@*****.**') time.sleep(2) code = get_code_from_email() with pytest.raises(InputError): assert auth.auth_passwordreset_reset(code, '') assert auth.auth_passwordreset_reset(code, '12345') other.clear()
def test_password_reset_wrong_reset_code1(): '''reset_code is not a valid reset code''' clear() # Valid information has been summitted to register from the first user auth_register("*****@*****.**", "ihfeh3hgi00d", "Yilang", "W") # Vadid information has been summitted to register from the second user auth_register("*****@*****.**", "VukkFs", "Bill", "Gates") # Vadid information has been summitted to register from the third user auth_register("*****@*****.**", "RFVtgb45678", "M", "Johnson") # User 2 send a password reset request auth_passwordreset_request("*****@*****.**") # User 2 change the password with wrong reset_code reset_code = data['users'][2]['reset_code'] with pytest.raises(InputError): auth_passwordreset_reset(reset_code, "Qwer7")
def test_password_reset_valid1(): '''Valid password reset by a member of flockr''' clear() # Valid information has been summitted to register from the first user auth_register("*****@*****.**", "ihfeh3hgi00d", "Yilang", "W") # Vadid information has been summitted to register from the second user auth_register("*****@*****.**", "VukkFs", "Bill", "Gates") # Vadid information has been summitted to register from the third user auth_register("*****@*****.**", "RFVtgb45678", "M", "Johnson") # User 2 send a password reset request auth_passwordreset_request("*****@*****.**") # User 2 change the password reset_code = data['users'][2]['reset_code'] auth_passwordreset_reset(reset_code, "Qwerty567") assert data['users'][2]['password'] == password_encode("Qwerty567")
def reset_reset(): """ Resets user's password using http """ data = request.get_json() code = data['reset_code'] password = data['new_password'] return auth.auth_passwordreset_reset(code, password)
def test_password_reset_invalid_password(): """ Trigger input error for invalid password. """ registered_email = "*****@*****.**" reset_string = jwt.encode({'email': registered_email}, 'changepassword', algorithm='HS256') with pytest.raises(InputError): assert auth_passwordreset_reset(reset_string, "p")
def test_auth_passwordreset_reset_invalid_new_password(): ''' This is a test to ensure that the test fails as a result of the new_password field not meeting the requirements for a valid password. ''' other.clear() test_user = auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") #auth_passwordreset_request("*****@*****.**") # call a function to randomly generate the reset_code auth_passwordreset_request("*****@*****.**") code = '' for reset_code in data.reset_codes: if test_user['u_id'] == reset_code['u_id']: code = reset_code['reset_code'] with pytest.raises(InputError): new_password = "******" auth_passwordreset_reset(code, new_password)
def test_auth_passwordreset_reset_success_case(): ''' This test will be used to check whether or not the user receives the error_code that was sent out. (This test might be redundant). ''' other.clear() test_user = auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") auth_passwordreset_request("*****@*****.**") code = '' for reset_code in data.reset_codes: if test_user['u_id'] == reset_code['u_id']: code = reset_code['reset_code'] auth_passwordreset_reset(code, "wxyz1081$#") auth_logout(test_user['token']) auth_login("*****@*****.**", "wxyz1081$#")
def test_reset_password_short(): """ password entered is less than 6 characters long """ server_data = Server_data() email = "*****@*****.**" auth_register(server_data, email, "abcde123", "Jay", "Chen") # get the user's full information by email # reset code should be empty user_full = server_data.get_user_by_email(email) assert user_full.reset_code == "" # request to set a new password, will get a reset_code # after request send, user receive a secret reset_code auth_passwordreset_request(server_data, email) reset_code = user_full.reset_code assert reset_code != "" with pytest.raises(InputError): auth_passwordreset_reset(server_data, reset_code, "abc")
def test_auth_passwordreset_reset_another_user(): ''' Test if another user can also reset their password ''' other.clear() auth_register("*****@*****.**", "abcd1081$#", "John", "Smith") user2 = auth_register("*****@*****.**", "abcd1081$", "Will", "Smith") auth_passwordreset_request("*****@*****.**") auth_passwordreset_request("*****@*****.**") code = '' for reset_code in data.reset_codes: if user2['u_id'] == reset_code['u_id']: code = reset_code['reset_code'] auth_passwordreset_reset(code, "wxyz1081$#") auth_logout(user2['token']) auth_login("*****@*****.**", "wxyz1081$#")
def test_password_reset(): """ Check if password reset works for valid inputs. """ registered_email = "*****@*****.**" return_1 = auth_passwordreset_request(registered_email) # String sent reset_string = jwt.encode({'email': registered_email}, 'changepassword', algorithm='HS256') new_password = "******" return_2 = auth_passwordreset_reset(reset_string, new_password) assert return_1 == {} and return_2 == {}
def test_successful_passwordreset_reset(): user1 = auth.auth_register('*****@*****.**', 'thistooksolong', 'one', 'hundred') auth.auth_logout(user1['token']) auth.auth_passwordreset_request('*****@*****.**') time.sleep(2) code = get_code_from_email() assert auth.auth_passwordreset_reset(code, 'new_password') == {} with pytest.raises(InputError): assert auth.auth_login('*****@*****.**', 'thistooksolong') user2 = auth.auth_login('*****@*****.**', 'new_password') assert user1['u_id'] == user2['u_id'] other.clear()
def test_auth_passwordreset_reset_password_not_valid(): clear() email = "*****@*****.**" auth_register(email, 'weiqiangpass1', 'Weiqiang1', 'Zhuang1') auth_passwordreset_request(email) reset_code = '' for user in USER_DATA: if user['email'] == email: reset_code = user['reset_code'] break new_pwd = "123" with pytest.raises(InputError): assert auth_passwordreset_reset(reset_code, new_pwd)
def http_auth_passwordreset_reset(): """ http_auth_passwordreset_request Given a user's email address, create a secret code for reseting the password and send to his/her email address. Input: - (JSON) {reset_code, new_password} Output: - (JSON) {} """ # Get input and server data input_data = request.get_json() server_data = get_server_data_obj() output_data = auth_passwordreset_reset(server_data, input_data["reset_code"], input_data["new_password"]) return dumps(output_data)
def test_auth_passwordreset_reset_code_not_valid(): clear() with pytest.raises(InputError): assert auth_passwordreset_reset("invalid_code", "newpassword2")
def test_auth_passwordreset_reset_invalid_password(): clear() with pytest.raises(InputError): auth_passwordreset_reset('correct_code', 'z.n')
def test_password_reset_invalid_reset_code(): """ Trigger input error for invalid reset code. """ with pytest.raises(InputError): assert auth_passwordreset_reset("aslkmdklsamdlka", "password")
def test_auth_passwordreset_reset_invalid_reset_code(): clear() with pytest.raises(InputError): auth_passwordreset_reset('incorrect_code', 'newpassword')
def password_reset(): reset_code = request.form.get('reset_code') new_password = request.form.get('new_password') auth.auth_passwordreset_reset(reset_code, new_password) return dumps({})
def auth_passwordreset_reset_http(): data = request.get_json() return_dict = auth_passwordreset_reset(data["reset_code"], data["new_password"]) return dumps(return_dict)