def register():
# TODO: Send confirmation link
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
password_re = request.form['password_re']
error = None
user_db = UserDB()
if not email:
error = 'Eine E-Mail Adresse wird benötigt.'
elif not check_valid_email(email):
error = 'Die E-Mail Adresse scheint nicht korrekt zu sein.'
elif not password:
error = 'Ein Passwort wird benötigt.'
elif password != password_re:
error = 'Passwörter stimmen nicht überein.'
elif user_db.select_user(email=email) is not None:
error = 'Die E-Mail Adresse {} ist schon registriert.'.format(
email)
if error is None:
user_db.add_user(email, generate_password_hash(password))
return redirect(url_for('auth.login'))
log.info('Invalid registration with email %s', email)
flash(error)
return render_template('auth/register.html')
def load_logged_in_user():
"""Load the user data into g."""
user_id = session.get('user_id')
if user_id is None:
g.user = None
else:
user_db = UserDB()
g.user = user_db.select_user(user_id=user_id)
def test_select_user(app):
with app.app_context():
user_db = UserDB()
user_id = user_db.select_user(user_id=2)
email = user_db.select_user(email='*****@*****.**')
no_entry = user_db.select_user(email='*****@*****.**')
assert user_id['email'] == '*****@*****.**'
assert email['id'] == 2
assert no_entry is None
def test_add_user(app, MonkeyEmail):
with app.app_context():
user_db = UserDB()
email = '*****@*****.**'
password = '******'
user_db.add_user(email=email, encrypted_password=password)
user_id = user_db.select_user(email='*****@*****.**')
assert user_id is not None
assert MonkeyEmail.called
assert MonkeyEmail.recipient == email
assert MonkeyEmail.subject == 'Registrierung für die GEclass'
assert 'registriert haben' in MonkeyEmail.content
def change_pwd_command(email, new_password):
"""Create CLI to change the password of a user.
Sometime a user may loose their password. It can be set to a given
value by calling
::
$ flask change-pwd [email protected] new_password
"""
user_db = UserDB()
user = user_db.select_user(email=email)
log.info('Force password change for user %s with email %s', user['id'],
user['email'])
user_db.change_password(user_id=user['id'],
new_password=generate_password_hash(new_password))
def add_course(self, user_id, fields):
"""Add a new course to the database.
Args:
user_id (int): The id of the owner of the course.
course_name (str): Some name for the course. It
does not need to be unique.
>>> get_courses(user_id=1)
>>> for course in courses:
... print(course['name'])
'uni_potsdam_biochem_2018'
'uni_potsdam_phys_2018'
>>> add_course(user_id=1, name='a_new_name')
>>> get_courses(user_id=1)
>>> for course in courses:
... print(course['name'])
'uni_potsdam_biochem_2018'
'uni_potsdam_phys_2018'
'a_new_name'
"""
log.info('Added new course %s for user %s', fields['name'], user_id)
columns = ['user_id', 'identifier']
values = [str(user_id), self.generate_identifier()]
for key in fields:
columns.append(key)
values.append(fields[key])
course_name = fields["name"]
pre_start_date = fields["start_date_pre"]
pre_start_date = date.fromtimestamp(int(fields['start_date_pre']))
user_db = UserDB()
email = user_db.get_email(user_id)
geclass.send_email.SendEmail(
email,
'Kurs Registrierung GEclass',
"""Vielen Dank, dass Sie den Kurs {} bei der GEclass registriert haben.
Die ID des Kurses lautet: {}.
Die Prä-Befragung startet am {}. Sie werden an diesem Tag auch eine Erinnerungsemail erhalten.
Vielen Dank für die Teilnahme an diesem Projekt.""".format(
course_name, values[1], pre_start_date.isoformat()),
)
self.add(table='course', columns=columns, values=values)
def test_register(client, app, MonkeyEmail):
username = '******'
# register is available
assert client.get('/auth/register').status_code == 200
response = client.post(
'/auth/register',
data={'email': username, 'password': '******', 'password_re': 'a'}
)
# after successful register reroute to login
assert response.headers['Location'] == 'http://localhost/auth/login'
with app.app_context():
user_db = UserDB()
assert user_db.select_user(email=username) is not None
assert MonkeyEmail.called
assert MonkeyEmail.recipient == username
assert MonkeyEmail.subject == 'Registrierung für die GEclass'
assert 'registriert haben' in MonkeyEmail.content
def login():
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
error = None
user_db = UserDB()
user = user_db.select_user(email=email)
if user is None:
error = 'E-Mail Adresse oder Passwort sind falsch.'
elif not check_password_hash(user['password'], password):
error = 'E-Mail Adresse oder Passwort sind falsch.'
log.info('Incorrect password entry by user %s', user['id'])
if error is None:
session.clear()
session['user_id'] = user['id']
log.info('User %s logged in', user['id'])
return redirect(url_for('index'))
flash(error)
return render_template('auth/login.html')
def test_change_email(client, app, auth):
# non logged in user redirected to log in
response = client.get('/auth/change_data')
assert response.headers['Location'] == 'http://localhost/auth/login'
auth.login()
# need to change something
response = client.post(
'/auth/change_data', data={'email': '', 'password': ''})
assert b'Entweder eine neue E-Mail Adresse oder ein ' in response.data
# cannot change both
response = client.post(
'/auth/change_data', data={'email': '*****@*****.**', 'password': '******'})
assert b'Die E-Mail Adresse und das Passwort k\xc3\xb6nn' in response.data
# can change email
response = client.post(
'/auth/change_data', data={'email': '*****@*****.**', 'password': ''})
assert response.headers['Location'] == 'http://localhost/'
with app.app_context():
user_db = UserDB()
assert user_db.select_user(email="*****@*****.**") is not None
# can change password
response = client.post(
'/auth/change_data', data={'email': '', 'password': '******'})
assert response.headers['Location'] == 'http://localhost/'
with app.app_context():
user_db = UserDB()
assert check_password_hash(
user_db.select_user(email="*****@*****.**")['password'], 'abc')
def change_data():
if request.method == 'POST':
# TODO: Reenter password
email = request.form['email']
password = request.form['password']
error = None
if not (email or password):
error = 'Entweder eine neue E-Mail Adresse oder ein neues ' + \
'Passwort müssen geetzt werden.'
elif email and password:
error = 'Die E-Mail Adresse und das Passwort können nicht ' + \
'zur selben Zeit geändert werden.'
elif email:
if not check_valid_email(email):
error = 'Die E-Mail Adresse scheint nicht korrekt zu sein.'
if error is None:
user_db = UserDB()
if email:
user_db.change_email(user_id=session['user_id'],
new_email=email)
else:
user_db.change_password(
user_id=session['user_id'],
new_password=generate_password_hash(password))
return redirect(url_for('index'))
flash(error)
return render_template('auth/change_data.html')
def test_change_password(app):
with app.app_context():
user_db = UserDB()
new_password = '******'
user = user_db.select_user(user_id=2)
assert user['password'] != new_password
user_db.change_password(user_id=2, new_password=new_password)
user = user_db.select_user(user_id=2)
assert user['password'] == new_password
def test_change_email(app):
with app.app_context():
user_db = UserDB()
new_email = '*****@*****.**'
user = user_db.select_user(user_id=2)
assert user['email'] != new_email
user_db.change_email(user_id=2, new_email=new_email)
user = user_db.select_user(user_id=2)
assert user['email'] == new_email
def test_get_email(app):
with app.app_context():
user_db = UserDB()
user_id = 2
email = user_db.get_email(user_id)
assert email == '*****@*****.**'