def post(self):
data = request.get_json()
if data is None:
error(400, "No json data in request body")
check_data_fields(data, ["email", "password"])
user_db_result = user_db_util.read(
g.database,
user_db_util.identify_by_email(g.database, data["email"]))
if not user_db_result or not check_password_hash(
user_db_result["hashed_password"], data["password"]):
error(401, "Invalid username or password")
user = from_dict(data_class=User, data=user_db_result)
User.login_user(user)
response = make_response()
if user.admin:
response.set_cookie(
"is_admin",
expires=time.time() + 365 * 24 * 60 *
60, # type: ignore # 1 year lifetime matches flask login cookie
)
return response, 200
def test_get_missing_user(self):
email = "*****@*****.**"
user_result = user.read(self.database,
user.identify_by_email(self.database, email))
assert user_result is None
def test_update_password(self):
self.create_example_user(self.user_data["user1"]["email"])
user_id = user.identify_by_email(self.database,
self.user_data["user1"]["email"])
user.update(self.database, user_id,
{"hashed_password": "******"})
self.verify_user_data(self.user_data["user1"]["email"],
self.user_data["user1"]["name"],
self.user_data["user1"]["group_name"],
"new_hashed_password",
self.user_data["user1"]["admin"])
def post(self):
data = request.get_json()
if data is None:
error(400, "No json data in request body")
check_data_fields(data, ["email", "password"])
user_db_result = user_db_util.read(g.database, user_db_util.identify_by_email(g.database, data["email"]))
if not user_db_result or not check_password_hash(user_db_result["hashed_password"], data["password"]):
error(401, "Invalid username or password")
user = from_dict(data_class=User, data=user_db_result)
User.login_user(user)
return jsonify({})
def test_get_user(self):
email = "*****@*****.**"
name = "Ima Test"
group_name = "Ima Test Group"
hashed_password = '******'
admin = True
self.create_example_user(email=email)
user_result = user.read(self.database,
user.identify_by_email(self.database, email))
self.verify_user_data(user_result["email"], user_result["name"],
user_result["group_name"],
user_result["hashed_password"],
user_result["admin"])
def test_update_other_fields(self):
self.create_example_user(self.user_data["user1"]["email"])
user_id = user.identify_by_email(self.database,
self.user_data["user1"]["email"])
user.update(
self.database, user_id, {
"email": "*****@*****.**",
"admin": True,
"name": "newname",
"group_name": "newgroupname"
})
self.verify_user_data("*****@*****.**", "newname",
"newgroupname",
self.user_data["user1"]["hashed_password"], True)
