def test_auth_login():
    '''
    Exercise auth_login: one successful login, then every rejection path.
    '''

    data.initialise_all()

    # A login can only succeed for an account that already exists.
    auth.auth_register("*****@*****.**", "registered_password", "a", "b")

    session = auth.auth_login("*****@*****.**", "registered_password")

    # The returned pair must agree with what the data store holds.
    stored_id = get_user_by_email("*****@*****.**").u_id
    stored_token = get_user_token_by_u_id(stored_id)
    assert session == {"u_id": stored_id, "token": stored_token}

    # Each rejection is pinned by its message. NOTE(review): an unknown email
    # and a wrong password are expected to produce different messages, so
    # these assertions lock in a login API that tells the caller which
    # addresses are registered. Unifying the two messages means changing this
    # test together with auth_login.
    rejected_logins = (
        ("invalid_email", "valid_password", "Invalid Email"),
        ("*****@*****.**", "valid_password", "Email not registered"),
        ("*****@*****.**", "bpas", "Password Incorrect"),
    )
    for email, password, message in rejected_logins:
        with pytest.raises(ValueError, match=message):
            auth.auth_login(email, password)
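def auth_passwordreset_request(email):
    '''
    Build the password-reset email for ``email``.

    A reset code is generated for the account looked up under ``email`` and
    placed in an HTML message together with the address of the front end's
    /reset_password page. The message is returned, not sent from here.

    Raises:
        ValueError: ``email`` fails valid_email.
    '''
    from html import escape
    from urllib.parse import urlsplit

    default_url = "http://127.0.0.1:8001/reset_password"

    if not valid_email(email):
        raise ValueError("Email is not valid")

    # Preparing reset code
    # NOTE(review): nothing here checks that the lookup found an account, so
    # for an unregistered address generate_reset_code presumably receives no
    # user. Confirm what it does in that case, and that the caller answers the
    # same way whether or not the address is registered.
    user = get_user_by_email(email)
    reset_code = generate_reset_code(user)

    # The Origin header is chosen by the client, so it is untrusted input that
    # ends up in mail sent to the account owner. Only an http(s) origin is
    # accepted; anything else (missing header, no request context, "null",
    # other schemes, unparsable values) falls back to the local default.
    # NOTE(review): this does not make the value trustworthy. A front-end URL
    # taken from server configuration, or an allow-list of known origins,
    # should replace the header here.
    try:
        origin = request.headers['Origin']
        parts = urlsplit(origin)
    except Exception:
        origin, parts = None, None

    if parts is not None and parts.scheme in ("http", "https") and parts.netloc:
        redirect_url = f"{origin}/reset_password"
    else:
        redirect_url = default_url

    # Creating mail to send
    msg = Message("Website Reset Request",
                  sender="*****@*****.**",
                  recipients=[email])
    # The URL is HTML-escaped so a crafted header cannot add markup to the
    # message body; a well-formed origin is unchanged by escaping.
    msg.html = ("<p>Your reset code is:</p>"
                f"<p>\n<b>{reset_code}</b>\n</p>"
                f"<p>Copy this code into the field at {escape(redirect_url)}</p>")

    # Empty dictionary is manually returned in server.py
    return msg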
def test_get_user_by_email():
    '''
    Check get_user_by_email for an unknown and for a registered address.
    '''

    global_var.initialise_all()

    # Nothing has been registered yet, so the lookup must come back empty.
    missing = helpers.get_user_by_email("*****@*****.**")
    assert missing is None

    # After registration the lookup must return the account that
    # auth_register reported.
    registration = auth.auth_register("*****@*****.**", "pass123", "Raydon", "Smith")
    expected_id = registration["u_id"]
    found = helpers.get_user_by_email("*****@*****.**")

    assert expected_id == found.u_id
def test_auth_register():
    '''
    Exercise auth_register: a successful registration, every rejection path,
    and handle uniqueness for two users with the same names.
    '''

    data.initialise_all()

    registered = auth.auth_register("*****@*****.**", "valid_password", "a", "b")

    # The returned id and token must agree with what the data store holds.
    stored_id = get_user_by_email("*****@*****.**").u_id
    stored_token = get_user_token_by_u_id(stored_id)
    assert registered == {"u_id": stored_id, "token": stored_token}

    # One character over the limit the name checks are expected to enforce.
    too_long = "a" * 51

    # (email, password, first name, last name, expected message)
    rejected_registrations = (
        ("invalid_email", "valid_password", "a", "b", "Invalid Email"),
        ("*****@*****.**", "valid_password", "a", "b",
         "Email Already Registered"),
        ("*****@*****.**", "bpas", "a", "b", "Password Not Strong"),
        ("*****@*****.**", "valid_password", too_long, "b",
         "Invalid First Name"),
        ("*****@*****.**", "valid_password", "a", too_long,
         "Invalid Last Name"),
    )
    for email, password, first, last, message in rejected_registrations:
        with pytest.raises(ValueError, match=message):
            auth.auth_register(email, password, first, last)

    # Two users with identical names must still end up with distinct handles.
    first_session = auth.auth_register("*****@*****.**", "valid_password",
                                       "asd", "dsa")
    first_user = get_user_by_token(first_session["token"])
    assert first_user.handle == "asddsa"

    second_session = auth.auth_register("*****@*****.**", "valid_password",
                                        "asd", "dsa")
    second_user = get_user_by_token(second_session["token"])
    assert second_user.handle == "2asddsa"
def auth_register(email, password, name_first, name_last):
    '''
    Create an account from an email address, password, first name and last
    name, and return the new ``u_id`` with a token that is already active.

    Handle generation is not visible in this function; presumably data.User
    derives it from the two names (confirm there).

    Raises:
        ValueError: "Invalid Email", "Email Already Registered",
            "Password Not Strong", "Invalid First Name" or
            "Invalid Last Name", checked in that order.
    '''

    existing = get_user_by_email(email)

    # Each entry is evaluated lazily and in order, so the first failing check
    # decides which message the caller sees.
    failures = (
        (lambda: not valid_email(email), "Invalid Email"),
        (lambda: bool(existing), "Email Already Registered"),
        (lambda: not valid_password(password), "Password Not Strong"),
        (lambda: not valid_name(name_first), "Invalid First Name"),
        (lambda: not valid_name(name_last), "Invalid Last Name"),
    )
    for failed, message in failures:
        if failed():
            raise ValueError(message)

    # The id is allocated first because the token is encoded from it.
    new_u_id = get_new_u_id()
    token = encode_token_for_u_id(new_u_id)

    # Only the output of hash_password is handed to the user record.
    new_user = data.User(new_u_id, email, hash_password(password),
                         name_first, name_last)

    # Whoever receives u_id 0, the first registration on a fresh data store,
    # is made slackr owner.
    if new_u_id == 0:
        new_user.change_permissions(SLACKR_OWNER)

    add_user(new_user)

    # Registering also logs the user in: the token is marked active.
    activate_token(token)

    return {"u_id": new_u_id, "token": token}
def auth_login(email, password):
    '''
    Log a registered user in and return their ``u_id`` together with a newly
    encoded token that has been marked active.

    Raises:
        ValueError: "Invalid Email", "Email not registered" or
            "Password Incorrect", checked in that order.
    '''

    account = get_user_by_email(email)

    if not valid_email(email):
        raise ValueError("Invalid Email")
    # NOTE(review): an unknown address and a wrong password produce different
    # messages, which tells the caller whether an address is registered. A
    # single generic message would close that; the messages are part of the
    # interface callers match on, so they are left as they are here.
    if not account:
        raise ValueError("Email not registered")
    # The stored value is compared with a fresh hash of the submitted
    # password, so hash_password has to return the same value for the same
    # password on every call. NOTE(review): that suggests no per-user random
    # salt; confirm in hash_password. The comparison is also an ordinary
    # equality test rather than a constant-time one.
    if account.password != hash_password(password):
        raise ValueError("Password Incorrect")

    session_token = encode_token_for_u_id(account.u_id)

    # Mark the token as belonging to a logged-in session.
    activate_token(session_token)

    return {"u_id": account.u_id, "token": session_token}
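def user_profile_setemail(token, email):
    '''
    Change the email address of the user identified by ``token``.

    Returns an empty dictionary.

    ValueError:
    - Email entered is not a valid email
    - Email address is already being used by another user
    '''

    existing = get_user_by_email(email)

    # Truthiness is tested, as at the other valid_email call sites in this
    # file. The earlier `is False` comparison let any other falsy result
    # (None, for instance) pass as a valid address.
    if not valid_email(email):
        raise ValueError("Invalid email")
    if existing:
        raise ValueError("Email already in use")

    # NOTE(review): the token is only resolved here, after the address checks,
    # so a caller learns whether an address is in use before the token has
    # been looked at. The result is also used without a check; confirm that
    # get_user_by_token rejects an invalid token itself.
    user = get_user_by_token(token)

    # Update user's email
    user.update_email(email)

    return {}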