async def test_delete_user(tmpcwd, app):
    """Deleting a user through the authenticator removes its UserInfo row."""
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.create_user('johnsnow', 'password')

    # A throwaway class carrying only ``name`` stands in for the hub user;
    # presumably that attribute is all delete_user reads (confirm in the
    # authenticator).
    hub_user = type('User', (), {'name': 'johnsnow'})
    authenticator.delete_user(hub_user)

    # The native-auth record must not survive the deletion.
    leftover = UserInfo.find(app.db, 'johnsnow')
    assert not leftover
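async def test_get_user(tmpcwd, app):
    """get_user yields a record for a known name and None for an unknown one."""
    auth = NativeAuthenticator(db=app.db)
    auth.create_user('johnsnow', 'password')

    # Compare with None by identity: ``!=`` / ``==`` go through the object's
    # own __ne__/__eq__, which a model class is free to override.

    # Getting existing user is successful.
    assert auth.get_user('johnsnow') is not None

    # Getting non-existing user fails.
    assert auth.get_user('samwelltarly') is None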
async def test_delete_user(tmpcwd, app):
    """delete_user drops the UserInfo row of a user made by get_or_create_user."""
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.get_or_create_user('johnsnow', 'password')

    # Look the user up by name and hand that object to the authenticator.
    hub_user = User.find(app.db, 'johnsnow')
    authenticator.delete_user(hub_user)

    # The native-auth record must not survive the deletion.
    remaining = UserInfo.find(app.db, 'johnsnow')
    assert not remaining
async def test_create_user(is_admin, open_signup, expected_authorization, tmpcwd, app):
    """Check the authorization state create_user gives a brand-new account.

    ``is_admin``, ``open_signup`` and ``expected_authorization`` are supplied
    from outside this function; the parametrization is not part of this
    listing.
    """
    authenticator = NativeAuthenticator(db=app.db)
    if is_admin:
        authenticator.admin_users = {"johnsnow"}
    if open_signup:
        authenticator.open_signup = True

    authenticator.create_user("johnsnow", "password")

    record = UserInfo.find(app.db, "johnsnow")
    assert record.username == "johnsnow"
    # The access-control check: a fresh account is authorized exactly when the
    # admin / open-signup combination under test says it should be.
    assert record.is_authorized == expected_authorization
async def test_create_user(is_admin, open_signup, expected_authorization, tmpcwd, app):
    '''Check the authorization state create_user gives a brand-new account.

    ``is_admin``, ``open_signup`` and ``expected_authorization`` are supplied
    from outside this function; the parametrization is not part of this
    listing.
    '''
    authenticator = NativeAuthenticator(db=app.db)
    if is_admin:
        authenticator.admin_users = {'johnsnow'}
    if open_signup:
        authenticator.open_signup = True

    authenticator.create_user('johnsnow', 'password')

    record = UserInfo.find(app.db, 'johnsnow')
    assert record.username == 'johnsnow'
    # The access-control check: a fresh account is authorized exactly when the
    # admin / open-signup combination under test says it should be.
    assert record.is_authorized == expected_authorization
async def test_approval_url(app):
    """Approval slugs validate only when correctly signed and not yet expired."""
    authenticator = NativeAuthenticator(db=app.db)
    # NOTE(review): the "." before "com" is unescaped, so as a regex it accepts
    # any character in that position. This test never matches an address
    # against the pattern, but a deployed pattern should escape the dot.
    authenticator.allow_self_approval_for = ".*@example.com$"
    # Fixed signing key, for this test only.
    authenticator.secret_key = "very long and kind-of random asdgaisgfjbafksdgasg"
    authenticator.setup_self_approval()

    two_days = datetime.timedelta(days=2)

    # confirm that a forged slug cannot be used
    # NOTE(review): only a malformed slug is exercised here; a well-formed slug
    # signed with a different key is not covered by this test.
    with pytest.raises(ValueError):
        EmailAuthorizationHandler.validate_slug("foo", authenticator.secret_key)

    # confirm that an expired URL cannot be used
    expiration = datetime.datetime.now(tz.utc) - two_days
    expired_url = authenticator.generate_approval_url("somebody", when=expiration)
    expired_slug = expired_url.rsplit("/", 1)[-1]
    with pytest.raises(ValueError):
        EmailAuthorizationHandler.validate_slug(
            expired_slug, authenticator.secret_key
        )

    # confirm that a non-expired, correctly signed URL can be used
    expiration = datetime.datetime.now(tz.utc) + two_days
    valid_url = authenticator.generate_approval_url("somebody", when=expiration)
    valid_slug = valid_url.rsplit("/", 1)[-1]
    decoded = EmailAuthorizationHandler.validate_slug(
        valid_slug, authenticator.secret_key
    )
    # The decoded payload must round-trip both the user and the expiry.
    assert decoded["username"] == "somebody"
    assert decoded["expire"] == expiration
async def test_authentication_with_exceed_atempts_of_login(tmpcwd, app):
    """Repeated failed logins block the account until the wait time has passed."""
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.allowed_failed_logins = 3
    authenticator.secs_before_next_try = 10

    # NOTE(review): the credential literals read "******" in this copy and look
    # masked. The flow below only makes sense if the first password is a wrong
    # one and the replacement is the one given to create_user - confirm against
    # the original file.
    credentials = {"username": "******", "password": "******"}
    authenticator.create_user(credentials["username"], "password")
    UserInfo.change_authorization(app.db, "johnsnow")

    # Use up the allowed number of failed attempts.
    for _ in range(3):
        attempt = await authenticator.authenticate(app, credentials)
        assert not attempt

    # While the block is active, the next attempt is refused as well.
    credentials["password"] = "******"
    attempt = await authenticator.authenticate(app, credentials)
    assert not attempt

    # Wait longer than secs_before_next_try (10). time.sleep is synchronous, so
    # the event loop is held for the whole wait.
    time.sleep(12)
    attempt = await authenticator.authenticate(app, credentials)
    assert attempt
async def test_authentication_with_exceed_atempts_of_login(tmpcwd, app):
    '''Repeated failed logins block the account until the wait time has passed.'''
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.allowed_failed_logins = 3
    authenticator.secs_before_next_try = 10

    # NOTE(review): the credential literals read '******' in this copy and look
    # masked. The flow below only makes sense if the first password is a wrong
    # one and the replacement is the one given to create_user - confirm against
    # the original file.
    credentials = {'username': '******', 'password': '******'}
    authenticator.create_user(credentials['username'], 'password')
    UserInfo.change_authorization(app.db, 'johnsnow')

    # Use up the allowed number of failed attempts.
    for _ in range(3):
        attempt = await authenticator.authenticate(app, credentials)
        assert not attempt

    # While the block is active, the next attempt is refused as well.
    credentials['password'] = '******'
    attempt = await authenticator.authenticate(app, credentials)
    assert not attempt

    # Wait longer than secs_before_next_try (10). time.sleep is synchronous, so
    # the event loop is held for the whole wait.
    time.sleep(12)
    attempt = await authenticator.authenticate(app, credentials)
    assert attempt
async def test_handlers(app):
    '''Check that the signup and authorize routes are registered.'''
    authenticator = NativeAuthenticator(db=app.db)
    routes = authenticator.get_handlers(app)

    # Entries are indexed as (path, ...); the test pins both the path and its
    # position in the list, so reordering the handlers will fail it.
    signup_path = routes[1][0]
    assert signup_path == '/signup'

    authorize_path = routes[2][0]
    assert authorize_path == '/authorize'
async def test_create_user(tmpcwd, app):
    '''Check that get_or_create_user stores a record for a new username.'''
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.get_or_create_user('John Snow', 'password')

    # The stored username must be exactly what was passed in.
    record = UserInfo.find(app.db, 'John Snow')
    assert record.username == 'John Snow'
async def test_get_unauthed_amount(tmpcwd, app):
    """Track the count of accounts still waiting for authorization."""
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.admin_users = set()

    # Nothing registered yet.
    assert authenticator.get_unauthed_amount() == 0

    # A new signup is pending until it is explicitly authorized.
    authenticator.create_user("johnsnow", "password")
    assert authenticator.get_unauthed_amount() == 1

    UserInfo.change_authorization(app.db, "johnsnow")
    assert authenticator.get_unauthed_amount() == 0

    # Two further signups, both pending.
    authenticator.create_user("daenerystargaryen", "anotherpassword")
    assert authenticator.get_unauthed_amount() == 1

    authenticator.create_user("tyrionlannister", "yetanotherpassword")
    assert authenticator.get_unauthed_amount() == 2

    # Listing one of them as an admin takes it out of the pending count.
    authenticator.admin_users = {"daenerystargaryen"}
    assert authenticator.get_unauthed_amount() == 1
async def test_get_authed_users(tmpcwd, app):
    """Track which usernames get_authed_users reports as authorized."""
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.admin_users = set()

    # Nothing registered yet.
    assert authenticator.get_authed_users() == set()

    # Signing up alone does not authorize the account.
    authenticator.create_user("johnsnow", "password")
    assert authenticator.get_authed_users() == set()

    UserInfo.change_authorization(app.db, "johnsnow")
    assert authenticator.get_authed_users() == {"johnsnow"}

    # A second, still unauthorized signup leaves the set unchanged.
    authenticator.create_user("daenerystargaryen", "anotherpassword")
    assert authenticator.get_authed_users() == {"johnsnow"}

    # Once listed as an admin, the second account is reported too.
    authenticator.admin_users = {"daenerystargaryen"}
    assert "johnsnow" in authenticator.get_authed_users()
    assert "daenerystargaryen" in authenticator.get_authed_users()
async def test_create_user_bad_characters(tmpcwd, app):
    """create_user must refuse usernames containing a space or a comma."""
    authenticator = NativeAuthenticator(db=app.db)

    # Each rejected name yields a falsy result from create_user.
    for bad_name in ("john snow", "john,snow"):
        assert not authenticator.create_user(bad_name, "password")
async def test_no_change_to_bad_password(tmpcwd, app):
    """Password changes must pass the same policy checks as signup."""
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.check_common_password = True
    authenticator.minimum_password_length = 8

    authenticator.create_user("johnsnow", "ironwood")

    rejected_changes = [
        # Can't change password of nonexistent users.
        ("samwelltarly", "palanquin"),
        # Can't change password to something too short.
        ("johnsnow", "mummer"),
        # Can't change password to something too common.
        # NOTE(review): "dragon" is 6 characters, below the minimum length of
        # 8 set above, so this rejection may come from the length rule rather
        # than the common-password check; a common candidate of at least 8
        # characters would isolate that check.
        ("johnsnow", "dragon"),
    ]
    for username, candidate in rejected_changes:
        assert authenticator.change_password(username, candidate) is None
        # The original password must still be the valid one after a refusal.
        assert authenticator.get_user("johnsnow").is_valid_password("ironwood")

    # CAN change password to something fulfilling criteria.
    assert authenticator.change_password("johnsnow", "Daenerys") is not None
    # The old password stops working and the new one is accepted.
    assert not authenticator.get_user("johnsnow").is_valid_password("ironwood")
    assert authenticator.get_user("johnsnow").is_valid_password("Daenerys")
async def test_create_user_bad_characters(tmpcwd, app):
    '''create_user must refuse usernames containing a space or a comma.'''
    authenticator = NativeAuthenticator(db=app.db)

    # Each rejected name yields a falsy result from create_user.
    for bad_name in ('john snow', 'john,snow'):
        assert not authenticator.create_user(bad_name, 'password')