def test_cant_change_password_for_non_existent_user(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
with pytest.raises(UserNotFoundException):
sut.change_password_for_user('*****@*****.**', 'password')
def test_cant_change_password_for_firebase_user(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_firebase_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
with pytest.raises(CantChangePasswordForFirebaseUser):
sut.change_password_for_user('*****@*****.**', 'password')
def test_change_password_successfully(postgresql_db):
session = postgresql_db.session
create_all(session)
insert_test_user(session)
sut = UserPersistence(postgresql_db)
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
old_hash = user.hash
sut.change_password_for_user('*****@*****.**', 'password')
user = sut.get_user_by_email('*****@*****.**')
assert user.email == '*****@*****.**'
assert not user.hash == old_hash
def _reset_password(user_email):
logger.debug('Reset password request from user:{0}'.format(user_email))
data = request.json
token_received = data['token']
password_received = data['new_password']
reset_password_persistence = ResetPasswordPersistence(current_app.db)
try:
reset_password_obtained = reset_password_persistence.get_reset_password_by_email(
user_email)
if reset_password_obtained.token == token_received:
if reset_password_obtained.is_token_expired():
logger.debug('Token is expired')
result = {'Error': 'token expired. Already sent new one'}
status_code = HTTPStatus.UNAUTHORIZED
_forgot_password(user_email)
else:
logger.debug('Valid token')
user_persistence = UserPersistence(current_app.db)
try:
user_persistence.change_password_for_user(
user_email, password_received)
reset_password_persistence.delete(user_email)
result = {
'Reset password':
'******'.format(user_email)
}
status_code = HTTPStatus.OK
logger.debug('Password updated')
except CantChangePasswordForFirebaseUser:
logger.critical(
'Trying to change password for firebase user!')
result = {
'Error':
'user {0} is a firebase user'.format(user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
except UserNotFoundException:
logger.critical('Cant find user!')
result = {
'Error': 'user {0} doesnt exist'.format(user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
except ResetPasswordNotFoundException:
logger.critical('Cant reset password to delete!')
result = {
'Error':
'cant delete reset password request for user {0}'.
format(user_email)
}
status_code = HTTPStatus.INTERNAL_SERVER_ERROR
else:
logger.debug('The token {0} is NOT correct'.format(token_received))
result = {'Error': 'token is NOT correct'}
status_code = HTTPStatus.NOT_FOUND
except ResetPasswordNotFoundException:
logger.debug('This user didnt request to reset password')
result = {
'Error':
'user {0} didnt request to reset password'.format(user_email)
}
status_code = HTTPStatus.NOT_FOUND
return result, status_code