def test_forgot_my_password_invalid_recover(
client: FlaskClient,
captured_templates,
):
user = conftest.create_student_user(index=1)
conftest.reset_client_password(client, user.mail_address)
template, _ = captured_templates[-1]
assert template.name == "login.html"
token = generate_user_token(user)
unknown_id_recover_response = conftest.recover_client_password(
client,
user.id + 1,
token,
'different pass',
'different pass',
)
assert unknown_id_recover_response.status_code == 404
conftest.recover_client_password(
client,
user.id,
token,
'wrong pass',
'different pass',
)
template, _ = captured_templates[-1]
assert template.name == "recover-password.html"
def test_forgot_my_password(client: FlaskClient, captured_templates):
user = conftest.create_student_user(index=1)
conftest.reset_client_password(client, user.mail_address)
template, _ = captured_templates[-1]
assert template.name == "login.html"
token = generate_user_token(user)
conftest.recover_client_password(
client,
user.id,
token,
'new pass',
'new pass',
)
template, _ = captured_templates[-1]
assert template.name == "login.html"
second_try_response = conftest.recover_client_password(
client,
user.id,
token,
'new pass1',
'new pass1',
)
assert second_try_response.status_code == 404
conftest.login_client_user(client, user.username, 'fake pass')
template, _ = captured_templates[-1]
assert template.name == 'login.html'
conftest.login_client_user(client, user.username, 'new pass')
template, _ = captured_templates[-1]
assert template.name == 'exercises.html'
def test_expired_token(client: FlaskClient):
conftest.signup_client_user(
client, '*****@*****.**', 'some_user',
'some_name', 'some_password', 'some_password',
)
user = User.get_or_none(User.username == 'some_user')
token = generate_user_token(user)
fake_time = time.time() + CONFIRMATION_TIME + 1
with patch('time.time', Mock(return_value=fake_time)):
client.get(
f'/confirm-email/{user.id}/{token}', follow_redirects=True,
)
conftest.login_client_user(client, 'some_user', 'some_password')
fail_login_response = client.get('/exercises')
assert fail_login_response.status_code == 302
token = generate_user_token(user)
client.get(
f'/confirm-email/{user.id}/{token}', follow_redirects=True,
)
conftest.login_client_user(client, 'some_user', 'some_password')
success_login_response = client.get('/exercises')
assert success_login_response.status_code == 200
def test_use_token_twice(client: FlaskClient):
conftest.signup_client_user(
client, '*****@*****.**', 'some_user',
'some_name', 'some_password', 'some_password',
)
user = User.get_or_none(User.username == 'some_user')
token = generate_user_token(user)
success_token_response = client.get(
f'/confirm-email/{user.id}/{token}', follow_redirects=True,
)
assert success_token_response.status_code == 200
fail_token_response = client.get(
f'/confirm-email/{user.id}/{token}', follow_redirects=True,
)
assert fail_token_response.status_code == 403
def test_successful_registration(client: FlaskClient, captured_templates):
conftest.signup_client_user(
client, '*****@*****.**', 'some_user',
'some_name', 'some_password', 'some_password',
)
template, _ = captured_templates[-1]
assert template.name == 'login.html'
conftest.login_client_user(client, 'some_user', 'some_password')
fail_login_response = client.get('/exercises')
assert fail_login_response.status_code == 302
user = User.get_or_none(User.username == 'some_user')
token = generate_user_token(user)
client.get(f'/confirm-email/{user.id}/{token}', follow_redirects=True)
conftest.login_client_user(client, 'some_user', 'some_password')
success_login_response = client.get('/exercises')
assert success_login_response.status_code == 200
def send_reset_password_mail(user: User) -> Message:
token = generate_user_token(user)
subject = _(
'Reset password mail - %(site_name)s',
site_name=config.SITE_NAME,
)
msg = Message(subject, recipients=[user.mail_address])
link = url_for(
'recover_password',
user_id=user.id,
token=token,
_external=True,
)
msg.body = _(
'Hello %(fullname)s,\nYour reset password link is: %(link)s',
fullname=user.fullname,
link=link,
)
return msg
def send_confirmation_mail(user: User) -> Message:
token = generate_user_token(user)
subject = _(
'Confirmation mail - %(site_name)s',
site_name=config.SITE_NAME,
)
msg = Message(subject, recipients=[user.mail_address])
link = url_for(
'confirm_email',
user_id=user.id,
token=token,
_external=True,
)
msg.body = _(
'Hello %(fullname)s,\nYour confirmation link is: %(link)s',
fullname=user.fullname,
link=link,
)
return msg
def test_expired_token(client: FlaskClient):
user = conftest.create_student_user(index=1)
conftest.reset_client_password(client, user.mail_address)
token = generate_user_token(user)
fake_time = time.time() + CONFIRMATION_TIME + 1
with patch('time.time', Mock(return_value=fake_time)):
conftest.recover_client_password(
client,
user.id,
token,
'new pass1',
'new pass1',
)
conftest.login_client_user(client, user.username, 'new pass1')
fail_login_response = client.get('/exercises')
assert fail_login_response.status_code == 302
conftest.login_client_user(client, user.username, 'fake pass')
fail_login_response = client.get('/exercises')
assert fail_login_response.status_code == 200