def validate(self):
r = super(AdsClassicFallBackLoginForm, self).validate()
if r is True:
return r
cu = None
try:
cu = ClassicUserInfo(self.email.data, self.password.data)
except HTTPError:
return False # if we can't contact ADS Classic, make it non-fatal
if cu.is_authenticated(): # Classic did let them in....
if not hasattr(
self,
'user') or self.user is None: # User does not exist yet
user_manipulator.create(email=self.email.data,
password=self.password.data,
name=cu.get_name(),
active=True)
else:
if not self.user.password: # password not set
return False
if not self.user.validate_password(
self.password.data): # Invalid passwd
self.user.password = self.password.data
user_manipulator.save(self.user)
if requires_confirmation(self.user):
return False
if not self.user.is_active() and cu.is_real_user(
): # Disabled account
self.user.active = True
user_manipulator.save(self.user)
# revalidate
return super(AdsClassicFallBackLoginForm, self).validate()
elif cu.is_real_user(
): # they didn't get it, but the account at least exists...
if self.user is None:
user_manipulator.create(email=self.email.data,
password=gen_salt(12),
name=cu.get_name(),
active=False)
return False
def test_load_user_using_wrong_password(self):
user = ClassicUserInfo('*****@*****.**', 'foo')
self.assertFalse(user.is_authenticated())
self.assertTrue(user.is_real_user())
self.assertEqual(352401271, user.get_id())
self.assertEqual(user.passwd_info(), -1)
def test_load_user_wrong_data2(self):
user = ClassicUserInfo('*****@*****.**')
def test_load_nonexisting_user(self):
user = ClassicUserInfo('*****@*****.**', 'foo')
self.assertFalse(user.is_authenticated())
self.assertFalse(user.is_real_user())
self.assertEqual(0, user.get_id())
self.assertEqual(user.passwd_info(), -1)