def test_change_email(client, app, auth): # non logged in user redirected to log in response = client.get('/auth/change_data') assert response.headers['Location'] == 'http://localhost/auth/login' auth.login() # need to change something response = client.post( '/auth/change_data', data={'email': '', 'password': ''}) assert b'Entweder eine neue E-Mail Adresse oder ein ' in response.data # cannot change both response = client.post( '/auth/change_data', data={'email': '*****@*****.**', 'password': '******'}) assert b'Die E-Mail Adresse und das Passwort k\xc3\xb6nn' in response.data # can change email response = client.post( '/auth/change_data', data={'email': '*****@*****.**', 'password': ''}) assert response.headers['Location'] == 'http://localhost/' with app.app_context(): user_db = UserDB() assert user_db.select_user(email="*****@*****.**") is not None # can change password response = client.post( '/auth/change_data', data={'email': '', 'password': '******'}) assert response.headers['Location'] == 'http://localhost/' with app.app_context(): user_db = UserDB() assert check_password_hash( user_db.select_user(email="*****@*****.**")['password'], 'abc')
def test_select_user(app): with app.app_context(): user_db = UserDB() user_id = user_db.select_user(user_id=2) email = user_db.select_user(email='*****@*****.**') no_entry = user_db.select_user(email='*****@*****.**') assert user_id['email'] == '*****@*****.**' assert email['id'] == 2 assert no_entry is None
def test_change_password(app): with app.app_context(): user_db = UserDB() new_password = '******' user = user_db.select_user(user_id=2) assert user['password'] != new_password user_db.change_password(user_id=2, new_password=new_password) user = user_db.select_user(user_id=2) assert user['password'] == new_password
def test_change_email(app): with app.app_context(): user_db = UserDB() new_email = '*****@*****.**' user = user_db.select_user(user_id=2) assert user['email'] != new_email user_db.change_email(user_id=2, new_email=new_email) user = user_db.select_user(user_id=2) assert user['email'] == new_email
def register(): # TODO: Send confirmation link if request.method == 'POST': email = request.form['email'] password = request.form['password'] password_re = request.form['password_re'] error = None user_db = UserDB() if not email: error = 'Eine E-Mail Adresse wird benötigt.' elif not check_valid_email(email): error = 'Die E-Mail Adresse scheint nicht korrekt zu sein.' elif not password: error = 'Ein Passwort wird benötigt.' elif password != password_re: error = 'Passwörter stimmen nicht überein.' elif user_db.select_user(email=email) is not None: error = 'Die E-Mail Adresse {} ist schon registriert.'.format( email) if error is None: user_db.add_user(email, generate_password_hash(password)) return redirect(url_for('auth.login')) log.info('Invalid registration with email %s', email) flash(error) return render_template('auth/register.html')
def load_logged_in_user(): """Load the user data into g.""" user_id = session.get('user_id') if user_id is None: g.user = None else: user_db = UserDB() g.user = user_db.select_user(user_id=user_id)
def test_add_user(app, MonkeyEmail): with app.app_context(): user_db = UserDB() email = '*****@*****.**' password = '******' user_db.add_user(email=email, encrypted_password=password) user_id = user_db.select_user(email='*****@*****.**') assert user_id is not None assert MonkeyEmail.called assert MonkeyEmail.recipient == email assert MonkeyEmail.subject == 'Registrierung für die GEclass' assert 'registriert haben' in MonkeyEmail.content
def change_pwd_command(email, new_password): """Create CLI to change the password of a user. Sometime a user may loose their password. It can be set to a given value by calling :: $ flask change-pwd [email protected] new_password """ user_db = UserDB() user = user_db.select_user(email=email) log.info('Force password change for user %s with email %s', user['id'], user['email']) user_db.change_password(user_id=user['id'], new_password=generate_password_hash(new_password))
def test_register(client, app, MonkeyEmail): username = '******' # register is available assert client.get('/auth/register').status_code == 200 response = client.post( '/auth/register', data={'email': username, 'password': '******', 'password_re': 'a'} ) # after successful register reroute to login assert response.headers['Location'] == 'http://localhost/auth/login' with app.app_context(): user_db = UserDB() assert user_db.select_user(email=username) is not None assert MonkeyEmail.called assert MonkeyEmail.recipient == username assert MonkeyEmail.subject == 'Registrierung für die GEclass' assert 'registriert haben' in MonkeyEmail.content
def login(): if request.method == 'POST': email = request.form['email'] password = request.form['password'] error = None user_db = UserDB() user = user_db.select_user(email=email) if user is None: error = 'E-Mail Adresse oder Passwort sind falsch.' elif not check_password_hash(user['password'], password): error = 'E-Mail Adresse oder Passwort sind falsch.' log.info('Incorrect password entry by user %s', user['id']) if error is None: session.clear() session['user_id'] = user['id'] log.info('User %s logged in', user['id']) return redirect(url_for('index')) flash(error) return render_template('auth/login.html')