def post(self):
parser = reqparse.RequestParser()
parser.add_argument("username",
required=True,
location='headers',
help="Username is required")
parser.add_argument("password",
required=True,
location='headers',
help="Password is required")
args = parser.parse_args()
username = args["username"]
password = args["password"]
try:
user = User.get_by_username(username)
if not user.check_password(password):
raise ValueError
except ValueError:
return error("Username and/or password is incorrect.", 401)
sess = Session.new_session(username)
db.session.add(sess)
db.session.commit()
return sess.json(), 200
def get(self, id):
try:
user = User.get_by_id(id)
except AttributeError as e:
return error(e, 400)
except ValueError as e:
return error(e, 404)
return user.json()
def test_new_user():
username = "******"
password = "******"
role = "admin"
user = User.new_user(username, password, role)
assert user.username == "test-new"
assert user.check_password(password)
assert user.json()["username"] == username
assert user.role == role
def test_user_backref(setup):
username = "******"
session = Session.new_session(username)
setup.session.add(session)
setup.session.commit()
user = User.get_by_username(username)
ids = [session.id for session in user.sessions]
assert session.id in ids
def new_employee(id, name, gender, tel, level=0) -> "Employee":
# Test that employee id exists in user table
user = User.get_by_id(id)
return Employee(
id=id,
name=name,
gender=gender,
tel=tel,
level=level,
# stat = stat
)
def post(self):
args = self.parser.parse_args()
username = args["username"]
password = args["password"]
role = args["role"]
if role == None:
role = "customer"
if username == None or password == None:
return error("Request must contain username and password.", 400)
if not User.username_available(username):
return error(f"Username '{username}' has been taken.", 400)
try:
user = User.new_user(username, password, role)
db.session.add(user)
db.session.commit()
return user.json(), 201
except Exception as e:
return error(str(e), 400)
from uuid import uuid4
import itertools
from backend.session.model import User
from backend.generator_utils import fake
def generate_user(ids, first_username, password, role):
for i, current_id in enumerate(ids):
if i == 0:
yield (current_id, first_username, password, role)
else:
yield (current_id, fake.user_name(), password, role)
admin_ids = [str(uuid4()) for i in range(1)]
customer_ids = [str(uuid4()) for i in range(20)]
employee_ids = [str(uuid4()) for i in range(10)]
users = itertools.chain(
generate_user(admin_ids, "admin", "pass", "admin"),
generate_user(customer_ids, "customer", "pass", "customer"),
generate_user(employee_ids, "employee", "pass", "employee"),
)
UsersGenerator = (User.new_user_with_id(id, name, pwd, role)
for id, name, pwd, role in users)
def test_salt():
a = User.new_user("a", "pass")
b = User.new_user("b", "pass")
assert a.hash != b.hash