def test_update_user(self, db_session): user = UserFactory.create() service = services.DatabaseUserService(db_session) new_name = "new username" service.update_user(user.id, username=new_name) user_from_db = service.get_user(user.id) assert user_from_db.username == user.username
def test_service_creation(self, monkeypatch): crypt_context_obj = pretend.stub() crypt_context_cls = pretend.call_recorder( lambda **kwargs: crypt_context_obj) monkeypatch.setattr(services, "CryptContext", crypt_context_cls) session = pretend.stub() service = services.DatabaseUserService(session) assert service.db is session assert service.hasher is crypt_context_obj assert crypt_context_cls.calls == [ pretend.call( schemes=[ "argon2", "bcrypt_sha256", "bcrypt", "django_bcrypt", "unix_disabled", ], deprecated=["auto"], truncate_error=True, argon2__memory_cost=1024, argon2__parallelism=6, argon2__time_cost=6, ) ]
def test_create_login_error(self, db_session): service = services.DatabaseUserService(db_session) user = service.create_user("test_user", "test_name", "test_password", "test_email") assert user.id is not None assert not service.check_password(user.id, "bad_password")
def test_create_login_success(self, db_session): service = services.DatabaseUserService(db_session) user = service.create_user("test_user", "test_name", "test_password", "test_email") assert user.id is not None # now make sure that we can log in as that user assert service.check_password(user.id, "test_password")
def test_verify_email(self, db_session): service = services.DatabaseUserService(db_session) user = UserFactory.create() EmailFactory.create(user=user, primary=True, verified=False) EmailFactory.create(user=user, primary=False, verified=False) service.verify_email(user.id, user.emails[0].email) assert user.emails[0].verified assert not user.emails[1].verified
def test_find_by_email(self, db_session): service = services.DatabaseUserService(db_session) user = UserFactory.create() EmailFactory.create(user=user, primary=True, verified=False) found_userid = service.find_userid_by_email(user.emails[0].email) db_session.flush() assert user.id == found_userid
def test_check_password_valid(self, db_session): user = UserFactory.create() service = services.DatabaseUserService(db_session) service.hasher = pretend.stub(verify_and_update=pretend.call_recorder( lambda l, r: (True, None)), ) assert service.check_password(user.id, "user password") assert service.hasher.verify_and_update.calls == [ pretend.call("user password", user.password), ]
def test_check_password_global_rate_limited(self): resets = pretend.stub() limiter = pretend.stub(test=lambda: False, resets_in=lambda: resets) service = services.DatabaseUserService( pretend.stub(), ratelimiters={"global": limiter}, ) with pytest.raises(TooManyFailedLogins) as excinfo: service.check_password(uuid.uuid4(), None) assert excinfo.value.resets_in is resets
def test_create_user(self, db_session): user = UserFactory.build() email = "*****@*****.**" service = services.DatabaseUserService(db_session) new_user = service.create_user(username=user.username, name=user.name, password=user.password, email=email) db_session.flush() user_from_db = service.get_user(new_user.id) assert user_from_db.username == user.username assert user_from_db.name == user.name assert user_from_db.email == email
def test_check_password_user_rate_limited(self, db_session): user = UserFactory.create() resets = pretend.stub() limiter = pretend.stub( test=pretend.call_recorder(lambda uid: False), resets_in=pretend.call_recorder(lambda uid: resets), ) service = services.DatabaseUserService( db_session, ratelimiters={"user": limiter}, ) with pytest.raises(TooManyFailedLogins) as excinfo: service.check_password(user.id, None) assert excinfo.value.resets_in is resets assert limiter.test.calls == [pretend.call(user.id)] assert limiter.resets_in.calls == [pretend.call(user.id)]
def test_service_creation(self, monkeypatch): crypt_context_obj = pretend.stub() crypt_context_cls = pretend.call_recorder( lambda schemes, deprecated: crypt_context_obj) monkeypatch.setattr(services, "CryptContext", crypt_context_cls) session = pretend.stub() service = services.DatabaseUserService(session) assert service.db is session assert service.hasher is crypt_context_obj assert crypt_context_cls.calls == [ pretend.call( schemes=[ "bcrypt_sha256", "bcrypt", "django_bcrypt", "unix_disabled", ], deprecated=["auto"], ), ]
def test_service_creation_ratelimiters(self, monkeypatch, remote_addr): crypt_context_obj = pretend.stub() crypt_context_cls = pretend.call_recorder( lambda **kwargs: crypt_context_obj) monkeypatch.setattr(services, "CryptContext", crypt_context_cls) ratelimiters = { "user.login": pretend.stub(), "global.login": pretend.stub() } session = pretend.stub() service = services.DatabaseUserService( session, metrics=NullMetrics(), remote_addr=remote_addr, ratelimiters=ratelimiters, ) assert service.db is session assert service.ratelimiters == ratelimiters assert service.hasher is crypt_context_obj assert crypt_context_cls.calls == [ pretend.call( schemes=[ "argon2", "bcrypt_sha256", "bcrypt", "django_bcrypt", "unix_disabled", ], deprecated=["auto"], truncate_error=True, argon2__memory_cost=1024, argon2__parallelism=6, argon2__time_cost=6, ) ]
def user_service(db_session, metrics, remote_addr): return account_services.DatabaseUserService(db_session, metrics=metrics, remote_addr=remote_addr)
def user_service(db_session, metrics): return account_services.DatabaseUserService(db_session, metrics=metrics)
def test_find_by_email_not_found(self, db_session): service = services.DatabaseUserService(db_session) assert service.find_userid_by_email("something") is None
def test_check_password_nonexistant_user(self, db_session): service = services.DatabaseUserService(db_session) assert not service.check_password(uuid.uuid4(), None)
def test_find_userid_existing_user(self, db_session): user = UserFactory.create() service = services.DatabaseUserService(db_session) assert service.find_userid(user.username) == user.id
def user_service(db_session, app_config): return services.DatabaseUserService(db_session, app_config.registry.settings)
def test_find_userid_nonexistant_user(self, db_session): service = services.DatabaseUserService(db_session) assert service.find_userid("my_username") is None