def setUp(self):
app.config['TESTING'] = True
app.config['WTF_CSRF_ENABLED'] = False
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///test_site.db'
self.app = app.test_client()
db.create_all()
db.session.commit()
#add users to the db for tests
hash_password = bcrypt.generate_password_hash('password').decode('utf-8')
test_user_1 = User(email='*****@*****.**', password=hash_password, first_name='test',
last_name='test', balance=1000, admin=False)
test_user_2 = User(email='*****@*****.**', password=hash_password, first_name='test',
last_name='test', balance=1000, admin=False)
test_user_3 = User(email='*****@*****.**', password=hash_password, first_name='test',
last_name='test', balance=1000, admin=True)
external_test_user = User(email='*****@*****.**', password=hash_password, first_name='test',
last_name='test', balance=1000, admin=True)
db.session.add(test_user_1)
db.session.add(test_user_2)
db.session.add(test_user_3)
db.session.add(external_test_user)
db.session.commit()
self.test_user_1 = User.query.filter_by(email='*****@*****.**').first()
self.test_user_2 = User.query.filter_by(email='*****@*****.**').first()
self.test_user_3 = User.query.filter_by(email='*****@*****.**').first()
self.external_test_user = User.query.filter_by(email='*****@*****.**').first()
def register():
# Check if a user is already logged in (just redirect back home)
if current_user.is_authenticated:
return redirect(url_for('home'))
form = RegForm()
if form.validate_on_submit():
# generate a hash for the password
password_hashed = bcrypt.generate_password_hash(
form.password.data).decode("utf-8")
free_account_number = False
# ensure that no duplicate account numbers are generated (keep looping until one is generated that doesn't
# already exist in the database)
while not free_account_number:
account_number = randint(10000000, 999999999999)
if not User.query.filter_by(account_number=account_number).first():
free_account_number = True
# create an instance of a new user with the data the user entered (except use hashed password instead of plain
# text version the user entered)
new_user = User(username=form.username.data,
email=form.email.data,
password=password_hashed,
account_number=account_number,
first_name=form.first_name.data,
last_name=form.last_name.data)
# add the user to the db and commit the changes
db.session.add(new_user)
db.session.commit()
# Display success message and redirect to login page
flash('Thanks for registering, please login to continue!', 'success')
return redirect(url_for("login"))
return render_template("register.html", title="Register", form=form)
def signup():
signup_form = RegistrationForm()
if request.method == 'POST':
if signup_form.validate_on_submit():
hash_password = bcrypt.generate_password_hash(
signup_form.password.data).decode('utf-8')
user = User(
email=signup_form.email.data,
password=hash_password,
first_name=signup_form.first_name.data,
last_name=signup_form.last_name.data,
balance=1000,
admin=False,
)
db.session.add(user)
flash('Thank you for signing up for Murasaki Bank!', 'success')
db.session.commit()
return redirect(url_for('login'))
context = {
'title': 'Sign Up For Murasaki Bank',
'signup_form': signup_form,
}
return render_template('signup.html', **context)
def test_login_works(self):
hash_password = bcrypt.generate_password_hash('password').decode('utf-8')
user = User(email='*****@*****.**', password=hash_password, first_name='test',
last_name='test', balance=1000, admin=False)
db.session.add(user)
db.session.commit()
tester = self.app
response = tester.post('/login', data=dict(email='*****@*****.**', password='******'), follow_redirects=True)
self.assertIn(b'Hello', response.data)
def register():
if current_user.is_authenticated:
return redirect(url_for('home'))
form = RegistrationForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user = User(firstname=form.firstname.data, lastname=form.lastname.data, email=form.email.data, \
phone=form.phone.data, street=form.street.data, city=form.city.data, state=form.state.data, \
country=form.country.data, password=hashed_password)
db.session.add(user)
db.session.commit()
flash('Your account has been created! You are now able to log in',
'success')
return redirect(url_for('login'))
return render_template('register.html', title='Register', form=form)
def register_page():
form = RegisterForm()
if form.validate_on_submit():
user_to_create = User(id=form.id.data,
username=form.username.data,
phone=form.phone.data,
email_address=form.email_address.data,
password=form.password1.data)
db.session.add(user_to_create)
db.session.commit()
login_user(user_to_create)
flash(
f"Account created successfully! You are now logged in as {user_to_create.username}",
category='success')
return redirect(url_for('bank_page'))
if form.errors != {}: # If there are not errors from the validations
for err_msg in form.errors.values():
flash(f'There was an error with creating a user: {err_msg}',
category='danger')
return render_template('register.html', form=form)
def register():
if current_user.is_authenticated:
return redirect(url_for('home'))
form = RegistrationForm()
if form.validate_on_submit():
hashed_password = bcrypt.generate_password_hash(
form.password.data).decode('utf-8')
user = User(username=form.username.data,
email=form.email.data,
password=hashed_password,
phone=form.phone.data,
post_index=form.post_index.data,
address=form.address.data,
city=form.city.data,
blood_group=form.blood_group.data)
db.session.add(user)
db.session.commit()
flash('Your account has been created! You are now able to log in.',
'success')
return redirect(url_for('login'))
return render_template('register.html', title='Register', form=form)
def admin():
if current_user.admin != True:
flash('You do not have proper permission to view that page!', 'danger')
return redirect(url_for('murasaki'))
signup_form = RegistrationForm()
if request.method == 'POST':
if signup_form.validate_on_submit():
hash_password = bcrypt.generate_password_hash(
signup_form.password.data).decode('utf-8')
user = User(email=signup_form.email.data,
password=hash_password,
first_name=signup_form.first_name.data,
last_name=signup_form.last_name.data,
balance=1000,
admin=True)
db.session.add(user)
flash('You created a new Admin User!', 'success')
db.session.commit()
return redirect(url_for('admin'))
context = {
'signup_form':
signup_form,
'user':
current_user,
'users':
User.query.order_by(User.last_name).all(),
'title':
'Welcome To Murasaki Bank Admin Page',
'logs':
TransactionLog.query.order_by(TransactionLog.date.desc()).filter_by(
user_id=current_user.id).all()
}
return render_template('admin.html', **context)
def remove_user(user_id: int) -> (str, int):
user = User.get(user_id)
user.delete()
return "", 204
def update_user(user_id: int, **kwargs):
user = User.get(user_id)
user.update(**kwargs)
return user
def create_user(**kwargs):
user = User(**kwargs)
user.save()
return user
def get_user(user_id: int):
user = User.get(user_id)
return user
def get_user_list() -> list:
user_list = User.get_list()
return user_list