def login_post(): """ Collects field data from the login screen and calls the requisite backend login functions to validate the user or reject their credentials. """ email = request.form.get('email') password = request.form.get('password') if not valid.validate_email_address(email) or not valid.validate_password( password): return render_template('login.html', message='email/password format is incorrect.') user = usr.login_user(email, password) if user: session['logged_in'] = user.email """ Session is an object that contains sharing information between browser and the end server. Typically it is encrypted and stored in the browser cookies. They will be past along between every request the browser made to this services. Here we store the user object into the session, so we can tell if the client has already login in the following sessions. """ # success! go back to the home page # code 303 is to force a 'GET' request return redirect('/', code=303) else: return render_template('login.html', message='email/password combination incorrect')
def register_post(): """ This function collects all of the necessary field data, validates the entered data to some standard, then uses the backend registration calls to save the new user to our database or requests valid data. """ # All of the inforamtion used to register a user gotten from the form email = request.form.get('email') name = request.form.get('name') password = request.form.get('password') password2 = request.form.get('password2') error_message = None # The users name with out spaces, to be used for validation nameNoSpace = name.replace(" ", "") ''' A series of conditionals checking if the user's registration input is valid or not. If it is not an accurate error message will be displayed. If it is valid the user will be registered and redirected to the login page. ''' # Check if passwords match if password != password2: error_message = "Passwords format is incorrect" # Check for valid email elif not valid.validate_email_address(email): error_message = "Email format is incorrect" # Check for valid password elif not valid.validate_password(password): error_message = "Password format is incorrect" # Check that the length of the name is proper length elif len(name) > 19 or len(name)<3: error_message = "Username format is incorrect" # Check that there are no non alphanumeric characters other then space elif not nameNoSpace.isalnum(): error_message = "Username format is incorrect" # Check that there is no space at begining or end elif name[0] == ' ' or name[len(name) - 1] == ' ': error_message = "Username format is incorrect" else: user = usr.get_user(email) # Check if email has already been used if user: error_message = "This email has ALREADY been used" # Register User elif usr.register_user(email, name, password, password2, 500000): error_message = "Failed to store user info." # if there is any error messages when registering new user # at the backend, go back to the register page. if error_message: return render_template('register.html', message=error_message) else: return redirect('/login')
def test_validation_password_empty(): test_password = '' assert valid.validate_password(test_password) is False
def test_validation_password_invalid_chars_(): test_password = '******' assert valid.validate_password(test_password) is False
def test_validation_password_invalid_short_no_special_and_no_lower(): test_password = '******' assert valid.validate_password(test_password) is False
def test_validation_password_invalid_short_special_only(): test_password = '******' assert valid.validate_password(test_password) is False
def test_validation_password_invalid_no_lower(): test_password = '******' assert valid.validate_password(test_password) is False
def test_validation_password_invalid_short_no_special_and_lowercase_password(): test_password = '******' assert valid.validate_password(test_password) is False
def test_validation_password_invalid_short_lowercase_password(): test_password = '******' assert valid.validate_password(test_password) is False
def test_validation_password_invalid_short_no_spec_password(): test_password = '******' assert valid.validate_password(test_password) is False
def test_validation_password_valid_password(): test_password = '******' assert valid.validate_password(test_password) is True