async def create_user(data=None) -> UserDict:
data = data or {}
password = get_random_string(10)
params = {
"name": get_random_string(10),
"email": "{}@gmail.com".format(get_random_string(10)),
"password_hash": encrypt_password(password),
}
params.update(data)
params.setdefault("status", UserStatus.ACTIVE.name)
params.setdefault("role", UserRole.USER.name)
params.setdefault("created_ip", "127.0.0.1")
user = await cfg.STORAGE.create_user(params)
user["raw_password"] = password
return user
async def create_user(data=None):
data = data or {}
password = get_random_string(10)
params = {
'name': get_random_string(10),
'email': '{}@gmail.com'.format(get_random_string(10)),
'password_hash': encrypt_password(password)
}
params.update(data)
params.setdefault('status', UserStatus.ACTIVE.name)
params.setdefault('role', UserRole.USER.name)
params.setdefault('created_ip', '127.0.0.1')
user = await cfg.STORAGE.create_user(params)
user['raw_password'] = password
return user
async def create_token_in_db(engine, **data):
# TODO change by faker?
params = {
"user_id": random.randint(0, 3),
"token_service": get_random_string(5),
"token_data": {
"token_secret": get_random_string(3),
"token_key": get_random_string(4),
}
}
params.update(data)
async with engine.acquire() as conn:
stmt = tokens.insert().values(**params)
result = await conn.execute(stmt)
row = await result.first()
return dict(row)
async def test_reset_and_confirm(client: TestClient, cfg: LoginOptions,
capsys):
async with NewUser(app=client.app) as user:
reset_url = client.app.router["auth_reset_password"].url_for()
rp = await client.post(
reset_url,
json={
"email": user["email"],
},
)
assert rp.url.path == reset_url.path
await assert_status(rp, web.HTTPOk, cfg.MSG_EMAIL_SENT.format(**user))
out, err = capsys.readouterr()
confirmation_url = parse_link(out)
code = URL(confirmation_url).parts[-1]
# emulates user click on email url
rp = await client.get(confirmation_url)
assert rp.status == 200
assert (rp.url.path_qs == URL(cfg.LOGIN_REDIRECT).with_fragment(
"reset-password?code=%s" % code).path_qs)
# api/specs/webserver/v0/components/schemas/auth.yaml#/ResetPasswordForm
reset_allowed_url = client.app.router[
"auth_reset_password_allowed"].url_for(code=code)
new_password = get_random_string(5, 10)
rp = await client.post(
reset_allowed_url,
json={
"password": new_password,
"confirm": new_password,
},
)
payload = await rp.json()
assert rp.status == 200, payload
assert rp.url.path == reset_allowed_url.path
await assert_status(rp, web.HTTPOk, cfg.MSG_PASSWORD_CHANGED)
# TODO: multiple flash messages
# Try new password
logout_url = client.app.router["auth_logout"].url_for()
rp = await client.post(logout_url)
assert rp.url.path == logout_url.path
await assert_status(rp, web.HTTPUnauthorized, "Unauthorized")
login_url = client.app.router["auth_login"].url_for()
rp = await client.post(
login_url,
json={
"email": user["email"],
"password": new_password,
},
)
assert rp.url.path == login_url.path
await assert_status(rp, web.HTTPOk, cfg.MSG_LOGGED_IN)
async def test_reset_and_confirm(client, capsys, cfg):
async with NewUser() as user:
reset_url = client.app.router['auth_reset_password'].url_for()
rp = await client.post(reset_url, json={
'email': user['email'],
})
assert rp.url_obj.path == reset_url.path
await assert_status(rp, web.HTTPOk, cfg.MSG_EMAIL_SENT.format(**user))
out, err = capsys.readouterr()
confirmation_url = parse_link(out)
code = URL(confirmation_url).parts[-1]
# emulates user click on email url
rp = await client.get(confirmation_url)
assert rp.status == 200
assert rp.url_obj.path_qs == URL(cfg.LOGIN_REDIRECT).with_fragment(
"page=reset-password;code=%s" % code).path_qs
# api/specs/webserver/v0/components/schemas/auth.yaml#/ResetPasswordForm
reset_allowed_url = client.app.router[
'auth_reset_password_allowed'].url_for(code=code)
new_password = get_random_string(5, 10)
rp = await client.post(reset_allowed_url,
json={
'password': new_password,
'confirm': new_password,
})
payload = await rp.json()
assert rp.status == 200, payload
assert rp.url_obj.path == reset_allowed_url.path
await assert_status(rp, web.HTTPOk, cfg.MSG_PASSWORD_CHANGED)
# TODO: multiple flash messages
# Try new password
logout_url = client.app.router['auth_logout'].url_for()
rp = await client.get(logout_url)
assert rp.url_obj.path == logout_url.path
await assert_status(rp, web.HTTPOk, cfg.MSG_LOGGED_OUT)
login_url = client.app.router['auth_login'].url_for()
rp = await client.post(login_url,
json={
'email': user['email'],
'password': new_password,
})
assert rp.url_obj.path == login_url.path
await assert_status(rp, web.HTTPOk, cfg.MSG_LOGGED_IN)
with _open(file_path) as fh:
print("code,user_id,action,data,created_at", file=fh)
for n, code in enumerate(mock_codes, start=1):
print(f'{code},{uid},INVITATION,"{{', file=fh)
print(
f'""guest"": ""invitation-{today.year:04d}{today.month:02d}{today.day:02d}-{n}"" ,',
file=fh,
)
print('""issuer"" : ""*****@*****.**""', file=fh)
print('}",%s' % datetime.now().isoformat(sep=" "), file=fh)
if __name__ == "__main__":
parser = argparse.ArgumentParser(
description="Generates some material for demos")
parser.add_argument(
"--renew-invitation-codes",
"-c",
action="store_true",
help="Regenerates codes for invitations",
)
parser.add_argument("--user-id", "-u", default=1)
args = parser.parse_args()
codes = default_mock_codes
if args.renew_invitation_codes:
codes = [get_random_string(len(c)) for c in default_mock_codes]
main(codes, uid=args.user_id)
def __init__(self, client, guest="", host=None):
super().__init__(host, client.app)
self.client = client
self.guest = guest or get_random_string(10)
self.confirmation = None
