def test_change_email(client, app, auth):
# non logged in user redirected to log in
response = client.get('/auth/change_data')
assert response.headers['Location'] == 'http://localhost/auth/login'
auth.login()
# need to change something
response = client.post(
'/auth/change_data', data={'email': '', 'password': ''})
assert b'Entweder eine neue E-Mail Adresse oder ein ' in response.data
# cannot change both
response = client.post(
'/auth/change_data', data={'email': '*****@*****.**', 'password': '******'})
assert b'Die E-Mail Adresse und das Passwort k\xc3\xb6nn' in response.data
# can change email
response = client.post(
'/auth/change_data', data={'email': '*****@*****.**', 'password': ''})
assert response.headers['Location'] == 'http://localhost/'
with app.app_context():
user_db = UserDB()
assert user_db.select_user(email="*****@*****.**") is not None
# can change password
response = client.post(
'/auth/change_data', data={'email': '', 'password': '******'})
assert response.headers['Location'] == 'http://localhost/'
with app.app_context():
user_db = UserDB()
assert check_password_hash(
user_db.select_user(email="*****@*****.**")['password'], 'abc')
def test_select_user(app):
with app.app_context():
user_db = UserDB()
user_id = user_db.select_user(user_id=2)
email = user_db.select_user(email='*****@*****.**')
no_entry = user_db.select_user(email='*****@*****.**')
assert user_id['email'] == '*****@*****.**'
assert email['id'] == 2
assert no_entry is None
def test_change_password(app):
with app.app_context():
user_db = UserDB()
new_password = '******'
user = user_db.select_user(user_id=2)
assert user['password'] != new_password
user_db.change_password(user_id=2, new_password=new_password)
user = user_db.select_user(user_id=2)
assert user['password'] == new_password
def test_change_email(app):
with app.app_context():
user_db = UserDB()
new_email = '*****@*****.**'
user = user_db.select_user(user_id=2)
assert user['email'] != new_email
user_db.change_email(user_id=2, new_email=new_email)
user = user_db.select_user(user_id=2)
assert user['email'] == new_email
def register():
# TODO: Send confirmation link
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
password_re = request.form['password_re']
error = None
user_db = UserDB()
if not email:
error = 'Eine E-Mail Adresse wird benötigt.'
elif not check_valid_email(email):
error = 'Die E-Mail Adresse scheint nicht korrekt zu sein.'
elif not password:
error = 'Ein Passwort wird benötigt.'
elif password != password_re:
error = 'Passwörter stimmen nicht überein.'
elif user_db.select_user(email=email) is not None:
error = 'Die E-Mail Adresse {} ist schon registriert.'.format(
email)
if error is None:
user_db.add_user(email, generate_password_hash(password))
return redirect(url_for('auth.login'))
log.info('Invalid registration with email %s', email)
flash(error)
return render_template('auth/register.html')
def load_logged_in_user():
"""Load the user data into g."""
user_id = session.get('user_id')
if user_id is None:
g.user = None
else:
user_db = UserDB()
g.user = user_db.select_user(user_id=user_id)
def test_add_user(app, MonkeyEmail):
with app.app_context():
user_db = UserDB()
email = '*****@*****.**'
password = '******'
user_db.add_user(email=email, encrypted_password=password)
user_id = user_db.select_user(email='*****@*****.**')
assert user_id is not None
assert MonkeyEmail.called
assert MonkeyEmail.recipient == email
assert MonkeyEmail.subject == 'Registrierung für die GEclass'
assert 'registriert haben' in MonkeyEmail.content
def change_pwd_command(email, new_password):
"""Create CLI to change the password of a user.
Sometime a user may loose their password. It can be set to a given
value by calling
::
$ flask change-pwd [email protected] new_password
"""
user_db = UserDB()
user = user_db.select_user(email=email)
log.info('Force password change for user %s with email %s', user['id'],
user['email'])
user_db.change_password(user_id=user['id'],
new_password=generate_password_hash(new_password))
def test_register(client, app, MonkeyEmail):
username = '******'
# register is available
assert client.get('/auth/register').status_code == 200
response = client.post(
'/auth/register',
data={'email': username, 'password': '******', 'password_re': 'a'}
)
# after successful register reroute to login
assert response.headers['Location'] == 'http://localhost/auth/login'
with app.app_context():
user_db = UserDB()
assert user_db.select_user(email=username) is not None
assert MonkeyEmail.called
assert MonkeyEmail.recipient == username
assert MonkeyEmail.subject == 'Registrierung für die GEclass'
assert 'registriert haben' in MonkeyEmail.content
def login():
if request.method == 'POST':
email = request.form['email']
password = request.form['password']
error = None
user_db = UserDB()
user = user_db.select_user(email=email)
if user is None:
error = 'E-Mail Adresse oder Passwort sind falsch.'
elif not check_password_hash(user['password'], password):
error = 'E-Mail Adresse oder Passwort sind falsch.'
log.info('Incorrect password entry by user %s', user['id'])
if error is None:
session.clear()
session['user_id'] = user['id']
log.info('User %s logged in', user['id'])
return redirect(url_for('index'))
flash(error)
return render_template('auth/login.html')