def __init__(self, request):
self.request = request
self.schema = schemas.ResetPasswordSchema().bind(request=self.request)
self.form = deform.Form(
schema=self.schema,
action=self.request.route_path('reset_password'),
buttons=(_('Save'), ))
def test_it_is_invalid_with_password_too_short(self, pyramid_csrf_request):
schema = schemas.ResetPasswordSchema().bind(
request=pyramid_csrf_request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({"password": "******"})
assert "password" in exc.value.asdict()
def __init__(self, request):
self.request = request
self.schema = schemas.ResetPasswordSchema().bind(request=self.request)
self.form = request.create_form(
schema=self.schema,
action=self.request.route_path('account_reset'),
buttons=(_('Save'), ))
def test_reset_password_adds_user_to_appstruct(config, activation_model,
user_model):
request = csrf_request(config)
schema = schemas.ResetPasswordSchema().bind(request=request)
user = user_model.get_by_activation.return_value
appstruct = schema.deserialize({
'user': '******',
'password': '******',
})
assert appstruct['user'] == user
def test_ResetPasswordSchema_adds_user_to_appstruct(config, user_model):
request = csrf_request(config)
request.registry.password_reset_serializer = FakeSerializer()
schema = schemas.ResetPasswordSchema().bind(request=request)
user = user_model.get_by_username.return_value
user.password_updated = 0
appstruct = schema.deserialize({
'user': '******',
'password': '******',
})
assert appstruct['user'] == user
def test_ResetPasswordSchema_with_expired_token(config, user_model):
request = csrf_request(config)
request.registry.password_reset_serializer = FakeExpiredSerializer()
schema = schemas.ResetPasswordSchema().bind(request=request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'user': '******',
'password': '******',
})
assert 'user' in exc.value.asdict()
assert 'reset code has expired' in exc.value.asdict()['user']
def test_reset_password_no_user_for_activation(config, user_model):
request = csrf_request(config)
schema = schemas.ResetPasswordSchema().bind(request=request)
user_model.get_by_activation.return_value = None
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'user': '******',
'password': '******',
})
assert 'user' in exc.value.asdict()
assert 'reset code is not valid' in exc.value.asdict()['user']
def test_it_is_invalid_with_expired_token(self, pyramid_csrf_request):
pyramid_csrf_request.registry.password_reset_serializer = (
self.FakeExpiredSerializer())
schema = schemas.ResetPasswordSchema().bind(
request=pyramid_csrf_request)
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'user': '******',
'password': '******',
})
assert 'user' in exc.value.asdict()
assert 'Reset code has expired.' in exc.value.asdict()['user']
def test_it_returns_user_when_valid(self, pyramid_csrf_request,
user_model):
pyramid_csrf_request.registry.password_reset_serializer = (
self.FakeSerializer())
schema = schemas.ResetPasswordSchema().bind(
request=pyramid_csrf_request)
user = user_model.get_by_username.return_value
user.password_updated = 0
appstruct = schema.deserialize({
'user': '******',
'password': '******',
})
assert appstruct['user'] == user
def test_ResetPasswordSchema_user_has_already_reset_their_password(config,
user_model):
request = csrf_request(config)
request.registry.password_reset_serializer = FakeSerializer()
schema = schemas.ResetPasswordSchema().bind(request=request)
user = user_model.get_by_username.return_value
user.password_updated = 2
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'user': '******',
'password': '******',
})
assert 'user' in exc.value.asdict()
assert 'already reset your password' in exc.value.asdict()['user']
def test_it_is_invalid_if_user_has_already_reset_their_password(
self, pyramid_csrf_request, user_model):
pyramid_csrf_request.registry.password_reset_serializer = (
self.FakeSerializer())
schema = schemas.ResetPasswordSchema().bind(
request=pyramid_csrf_request)
user = user_model.get_by_username.return_value
user.password_updated = 2
with pytest.raises(colander.Invalid) as exc:
schema.deserialize({
'user': '******',
'password': '******',
})
assert 'user' in exc.value.asdict()
assert 'This reset code has already been used.' in exc.value.asdict()['user']
def reset_password(self):
"""
Handle submission of the reset password form.
This function checks that the activation code (i.e. reset token)
provided by the form is valid, retrieves the user associated with the
activation code, and resets their password.
"""
schema = schemas.ResetPasswordSchema().bind(request=self.request)
form = deform.Form(schema)
code = self.request.matchdict.get('code')
if code is None:
return httpexceptions.HTTPNotFound()
activation = Activation.get_by_code(code)
if activation is None:
return httpexceptions.HTTPNotFound()
user = User.get_by_activation(activation)
if user is None:
return httpexceptions.HTTPNotFound()
if self.request.method != 'POST':
return httpexceptions.HTTPMethodNotAllowed()
err, appstruct = validate_form(form, self.request.POST.items())
if err is not None:
return err
user.password = appstruct['password']
self.request.db.delete(activation)
self.request.session.flash(_('Your password has been reset!'),
'success')
self.request.registry.notify(PasswordResetEvent(self.request, user))
return httpexceptions.HTTPFound(location=self.reset_password_redirect)
def test_ResetPasswordSchema_with_password_too_short(config, user_model):
schema = schemas.ResetPasswordSchema().bind(request=csrf_request(config))
with pytest.raises(colander.Invalid) as err:
schema.deserialize({"password": "******"})
assert "password" in err.value.asdict()
