def test_creating_user(test_ctx, fake_datetime):
with fake_datetime('1969-02-12'):
result = test_ctx.api.post(
test_ctx.context_factory(
input={
'name': 'chewie1',
'email': '*****@*****.**',
'password': '******',
},
user=test_ctx.user_factory(rank='regular_user')))
assert result == {
'user': {
'avatarStyle': 'gravatar',
'avatarUrl': 'http://gravatar.com/avatar/' +
'6f370c8c7109534c3d5c394123a477d7?d=retro&s=200',
'creationTime': datetime.datetime(1969, 2, 12),
'lastLoginTime': None,
'name': 'chewie1',
'rank': 'admin',
'rankName': 'Unknown',
}
}
user = get_user('chewie1')
assert user.name == 'chewie1'
assert user.email == '*****@*****.**'
assert user.rank == 'admin'
assert auth.is_valid_password(user, 'oks') is True
assert auth.is_valid_password(user, 'invalid') is False
def test_creating_user(test_ctx, fake_datetime):
with fake_datetime('1969-02-12'):
result = test_ctx.api.post(
test_ctx.context_factory(
input={
'name': 'chewie1',
'email': '*****@*****.**',
'password': '******',
},
user=test_ctx.user_factory(rank=db.User.RANK_REGULAR)))
assert result == {
'user': {
'avatarStyle': 'gravatar',
'avatarUrl': 'http://gravatar.com/avatar/' +
'6f370c8c7109534c3d5c394123a477d7?d=retro&s=200',
'creationTime': datetime.datetime(1969, 2, 12),
'lastLoginTime': None,
'name': 'chewie1',
'rank': 'administrator',
'email': '*****@*****.**',
}
}
user = users.get_user_by_name('chewie1')
assert user.name == 'chewie1'
assert user.email == '*****@*****.**'
assert user.rank == db.User.RANK_ADMINISTRATOR
assert auth.is_valid_password(user, 'oks') is True
assert auth.is_valid_password(user, 'invalid') is False
def test_updating_user(test_ctx):
user = test_ctx.user_factory(name='u1', rank=db.User.RANK_ADMINISTRATOR)
db.session.add(user)
result = test_ctx.api.put(
test_ctx.context_factory(input={
'name': 'chewie',
'email': '*****@*****.**',
'password': '******',
'rank': 'moderator',
'avatarStyle': 'gravatar',
},
user=user), 'u1')
assert result == {
'user': {
'avatarStyle': 'gravatar',
'avatarUrl': 'http://gravatar.com/avatar/' +
'6f370c8c7109534c3d5c394123a477d7?d=retro&s=200',
'creationTime': datetime.datetime(1997, 1, 1),
'lastLoginTime': None,
'email': '*****@*****.**',
'name': 'chewie',
'rank': 'moderator',
}
}
user = users.get_user_by_name('chewie')
assert user.name == 'chewie'
assert user.email == '*****@*****.**'
assert user.rank == db.User.RANK_MODERATOR
assert user.avatar_style == user.AVATAR_GRAVATAR
assert auth.is_valid_password(user, 'oks') is True
assert auth.is_valid_password(user, 'invalid') is False
def test_updating_user(test_ctx):
user = test_ctx.user_factory(name='u1', rank=db.User.RANK_ADMINISTRATOR)
db.session.add(user)
result = test_ctx.api.put(
test_ctx.context_factory(
input={
'name': 'chewie',
'email': '*****@*****.**',
'password': '******',
'rank': 'moderator',
'avatarStyle': 'gravatar',
},
user=user),
'u1')
assert result == {
'user': {
'avatarStyle': 'gravatar',
'avatarUrl': 'http://gravatar.com/avatar/' +
'6f370c8c7109534c3d5c394123a477d7?d=retro&s=200',
'creationTime': datetime.datetime(1997, 1, 1),
'lastLoginTime': None,
'email': '*****@*****.**',
'name': 'chewie',
'rank': 'moderator',
}
}
user = users.get_user_by_name('chewie')
assert user.name == 'chewie'
assert user.email == '*****@*****.**'
assert user.rank == db.User.RANK_MODERATOR
assert user.avatar_style == user.AVATAR_GRAVATAR
assert auth.is_valid_password(user, 'oks') is True
assert auth.is_valid_password(user, 'invalid') is False
def _authenticate(self, username, password):
''' Try to authenticate user. Throw AuthError for invalid users. '''
user = users.get_user_by_name(username)
if not user:
raise errors.AuthError('No such user.')
if not auth.is_valid_password(user, password):
raise errors.AuthError('Invalid password.')
return user
def test_is_valid_password_auto_upgrades_user_password_hash(user_factory):
salt, password = ('testSalt', 'pass')
hash, revision = auth.get_sha256_legacy_password_hash(salt, password)
user = user_factory(password_salt=salt, password_hash=hash)
result = auth.is_valid_password(user, password)
assert result is True
assert user.password_hash != hash
assert user.password_revision > revision
def _authenticate(self, username, password):
''' Try to authenticate user. Throw AuthError for invalid users. '''
user = users.get_user_by_name(username)
if not user:
raise errors.AuthError('No such user.')
if not auth.is_valid_password(user, password):
raise errors.AuthError('Invalid password.')
return user
def test_confirming_with_good_token(
password_reset_api, context_factory, user_factory):
user = user_factory(
name='u1', rank='regular_user', email='*****@*****.**')
old_hash = user.password_hash
db.session.add(user)
context = context_factory(
input={'token': '4ac0be176fb364f13ee6b634c43220e2'})
result = password_reset_api.post(context, 'u1')
assert user.password_hash != old_hash
assert auth.is_valid_password(user, result['password']) is True
def test_confirming_with_good_token(
password_reset_api, context_factory, user_factory):
user = user_factory(
name='u1', rank=db.User.RANK_REGULAR, email='*****@*****.**')
old_hash = user.password_hash
db.session.add(user)
context = context_factory(
input={'token': '4ac0be176fb364f13ee6b634c43220e2'})
result = password_reset_api.post(context, 'u1')
assert user.password_hash != old_hash
assert auth.is_valid_password(user, result['password']) is True
def test_confirming_with_good_token(context_factory, user_factory):
user = user_factory(
name='u1', rank=db.User.RANK_REGULAR, email='*****@*****.**')
old_hash = user.password_hash
db.session.add(user)
db.session.flush()
context = context_factory(
params={'token': '4ac0be176fb364f13ee6b634c43220e2'})
result = api.password_reset_api.finish_password_reset(
context, {'user_name': 'u1'})
assert user.password_hash != old_hash
assert auth.is_valid_password(user, result['password']) is True
def test_confirming_with_good_token(context_factory, user_factory):
user = user_factory(
name='u1', rank=model.User.RANK_REGULAR, email='*****@*****.**')
old_hash = user.password_hash
db.session.add(user)
db.session.flush()
context = context_factory(
params={'token': '4ac0be176fb364f13ee6b634c43220e2'})
result = api.password_reset_api.finish_password_reset(
context, {'user_name': 'u1'})
assert user.password_hash != old_hash
assert auth.is_valid_password(user, result['password']) is True
def test_confirming_with_good_token(context_factory, user_factory):
user = user_factory(name="u1",
rank=model.User.RANK_REGULAR,
email="*****@*****.**")
old_hash = user.password_hash
db.session.add(user)
db.session.flush()
context = context_factory(
params={"token": "4ac0be176fb364f13ee6b634c43220e2"})
result = api.password_reset_api.finish_password_reset(
context, {"user_name": "u1"})
assert user.password_hash != old_hash
assert auth.is_valid_password(user, result["password"]) is True
def _authenticate(username: str, password: str) -> model.User:
''' Try to authenticate user. Throw AuthError for invalid users. '''
user = users.get_user_by_name(username)
if not auth.is_valid_password(user, password):
raise errors.AuthError('Invalid password.')
return user
def _authenticate_basic_auth(username: str, password: str) -> model.User:
''' Try to authenticate user. Throw AuthError for invalid users. '''
user = users.get_user_by_name(username)
if not auth.is_valid_password(user, password):
raise errors.AuthError('Invalid password.')
return user
def _authenticate_basic_auth(username: str, password: str) -> model.User:
""" Try to authenticate user. Throw AuthError for invalid users. """
user = users.get_user_by_name(username)
if not auth.is_valid_password(user, password):
raise errors.AuthError("Invalid password.")
return user
