def test_reset_password_unitadmin(client): user = models.User.query.filter_by(username="******").first() nr_proj_user_keys_total_before = models.ProjectUserKeys.query.count() assert nr_proj_user_keys_total_before > 0 nr_proj_user_keys_before = len(user.project_user_keys) assert nr_proj_user_keys_before > 0 user_pw_hash_before = user._password_hash user_public_key_before = user.public_key # Add new row to password reset new_reset_row = models.PasswordReset(user=user, email=user.primary_email, issued=utils.timestamp()) db.session.add(new_reset_row) db.session.commit() # Need to use a valid token for the get request to get the form token valid_reset_token = get_valid_reset_token("unitadmin") response = client.get(tests.DDSEndpoint.RESET_PASSWORD + valid_reset_token, follow_redirects=True) assert response.status_code == http.HTTPStatus.OK assert flask.request.path == tests.DDSEndpoint.RESET_PASSWORD + valid_reset_token form_token = flask.g.csrf_token form_data = { "csrf_token": form_token, "password": "******", "confirm_password": "******", "submit": "Reset Password", } response = client.post(tests.DDSEndpoint.RESET_PASSWORD + valid_reset_token, json=form_data, follow_redirects=True) assert response.status_code == http.HTTPStatus.OK assert flask.request.path == tests.DDSEndpoint.PASSWORD_RESET_COMPLETED user = models.User.query.filter_by(username="******").first() # All users project keys should have been removed nr_proj_user_keys_after = len(user.project_user_keys) assert nr_proj_user_keys_after == 0 # Total nr of project user keys should be decreased nr_proj_user_keys_total_after = models.ProjectUserKeys.query.count() assert nr_proj_user_keys_total_after < nr_proj_user_keys_total_before assert nr_proj_user_keys_total_after != nr_proj_user_keys_total_before # Password should have changed user_pw_hash_after = user._password_hash assert user_pw_hash_before != user_pw_hash_after # Check that public key has changed user_public_key_after = user.public_key assert user_public_key_before != user_public_key_after
def test_reset_password_invalid_token_post(client): nr_proj_user_keys_before = models.ProjectUserKeys.query.count() user = models.User.query.filter_by(username="******").first() researchuser_pw_hash_before = user._password_hash # Add new row to password reset new_reset_row = models.PasswordReset(user=user, email=user.primary_email, issued=utils.timestamp()) db.session.add(new_reset_row) db.session.commit() # Need to use a valid token for the get request to get the form token valid_reset_token = get_valid_reset_token("researchuser") response = client.get(tests.DDSEndpoint.RESET_PASSWORD + valid_reset_token, follow_redirects=True) assert response.status_code == http.HTTPStatus.OK assert flask.request.path == tests.DDSEndpoint.RESET_PASSWORD + valid_reset_token form_token = flask.g.csrf_token form_data = { "csrf_token": form_token, "password": "******", "confirm_password": "******", "submit": "Reset Password", } auth_token_header = tests.UserAuth( tests.USER_CREDENTIALS["unituser"]).token(client) invalid_token = auth_token_header["Authorization"].split(" ")[1] response = client.post(tests.DDSEndpoint.RESET_PASSWORD + invalid_token, json=form_data, follow_redirects=True) assert response.status_code == http.HTTPStatus.OK assert flask.request.path == tests.DDSEndpoint.INDEX # Just make sure no project user keys has been removed nr_proj_user_keys_after = models.ProjectUserKeys.query.count() assert nr_proj_user_keys_before == nr_proj_user_keys_after researchuser_pw_hash_after = (models.User.query.filter_by( username="******").first()._password_hash) assert researchuser_pw_hash_before == researchuser_pw_hash_after