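def test_change_password(test_app):
    """Test changing password correctly and incorrectly.

    Logs in as the fixture user, changes the password through
    ``/edit/password/`` and checks that the new password verifies. Then a
    wrong ``old_password`` is submitted, and the stored hash must still
    verify the password set in the first step and not the rejected one.

    Args:
        test_app: test client fixture (``post``/``follow`` are used).
    """
    fixture_add_user(password=u'toast')
    test_app.post(
        '/auth/login/',
        {'username': u'chris', 'password': u'toast'})

    # A correct old_password must replace the hash and redirect to the
    # account page.
    res = test_app.post(
        '/edit/password/',
        {'old_password': '******', 'new_password': '******'})
    res.follow()

    # Did we redirect to the correct page?
    assert urlparse.urlsplit(res.location)[2] == '/edit/account/'

    # test_user has to be fetched again in order to have the current values
    test_user = User.query.filter_by(username=u'chris').first()
    assert auth_tools.bcrypt_check_password('123456', test_user.pw_hash)

    # A wrong old_password must leave the stored hash untouched: the
    # rejected candidate must not verify AND the password set above must
    # still verify (the original only asserted the first half).
    template.clear_test_template_context()
    test_app.post(
        '/edit/password/',
        {'old_password': '******', 'new_password': '******'})

    test_user = User.query.filter_by(username=u'chris').first()
    assert not auth_tools.bcrypt_check_password('098765', test_user.pw_hash)
    assert auth_tools.bcrypt_check_password('123456', test_user.pw_hash)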
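def test_change_password(test_app):
    """Test changing password correctly and incorrectly.

    Logs in as the (active) fixture user, changes the password through
    ``/edit/password/`` and checks that the new password verifies. Then a
    wrong ``old_password`` is submitted, and the stored hash must still
    verify the password set in the first step and not the rejected one.

    Args:
        test_app: test client fixture (``post``/``follow`` are used).
    """
    fixture_add_user(password=u'toast', privileges=[u'active'])
    test_app.post('/auth/login/', {'username': u'chris', 'password': u'toast'})

    # A correct old_password must replace the hash and redirect to the
    # account page.
    res = test_app.post('/edit/password/', {
        'old_password': '******',
        'new_password': '******',
    })
    res.follow()

    # Did we redirect to the correct page?
    assert urlparse.urlsplit(res.location)[2] == '/edit/account/'

    # test_user has to be fetched again in order to have the current values
    test_user = User.query.filter_by(username=u'chris').first()
    assert auth_tools.bcrypt_check_password('123456', test_user.pw_hash)

    # A wrong old_password must leave the stored hash untouched: the
    # rejected candidate must not verify AND the password set above must
    # still verify (the original only asserted the first half).
    template.clear_test_template_context()
    test_app.post('/edit/password/', {
        'old_password': '******',
        'new_password': '******',
    })

    test_user = User.query.filter_by(username=u'chris').first()
    assert not auth_tools.bcrypt_check_password('098765', test_user.pw_hash)
    assert auth_tools.bcrypt_check_password('123456', test_user.pw_hash)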
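def test_bcrypt_gen_password_hash():
    """Hash generation must round-trip through the check function.

    Covers the plain case and the ``extra_salt`` case. The extra salt has
    to be bound into the hash, so a salted hash must not verify when the
    salt is omitted; the stored value must also never equal the plaintext.
    """
    pw = "youwillneverguessthis"

    # Normal password hash generation, and check on that hash
    hashed_pw = auth_tools.bcrypt_gen_password_hash(pw)
    assert hashed_pw != pw  # never store the plaintext
    assert auth_tools.bcrypt_check_password(pw, hashed_pw)
    assert not auth_tools.bcrypt_check_password("notthepassword", hashed_pw)

    # Same thing, extra salt.
    extra_salt = "3><7R45417"
    hashed_pw = auth_tools.bcrypt_gen_password_hash(pw, extra_salt)
    assert auth_tools.bcrypt_check_password(pw, hashed_pw, extra_salt)
    assert not auth_tools.bcrypt_check_password(
        "notthepassword", hashed_pw, extra_salt)
    # The extra salt must actually take part in the hash: the correct
    # password checked without it has to be rejected.
    assert not auth_tools.bcrypt_check_password(pw, hashed_pw)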
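def test_bcrypt_gen_password_hash():
    """Hash generation must round-trip through the check function.

    Covers the plain case and the ``extra_salt`` case. The extra salt has
    to be bound into the hash, so a salted hash must not verify when the
    salt is omitted; the stored value must also never equal the plaintext.
    """
    pw = 'youwillneverguessthis'

    # Normal password hash generation, and check on that hash
    hashed_pw = auth_tools.bcrypt_gen_password_hash(pw)
    assert hashed_pw != pw  # never store the plaintext
    assert auth_tools.bcrypt_check_password(pw, hashed_pw)
    assert not auth_tools.bcrypt_check_password('notthepassword', hashed_pw)

    # Same thing, extra salt.
    extra_salt = '3><7R45417'
    hashed_pw = auth_tools.bcrypt_gen_password_hash(pw, extra_salt)
    assert auth_tools.bcrypt_check_password(pw, hashed_pw, extra_salt)
    assert not auth_tools.bcrypt_check_password(
        'notthepassword', hashed_pw, extra_salt)
    # The extra salt must actually take part in the hash: the correct
    # password checked without it has to be rejected.
    assert not auth_tools.bcrypt_check_password(pw, hashed_pw)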
def test_bcrypt_check_password():
    """Verify the check function against fixed, known bcrypt hashes."""
    # Hash of the known password 'lollerskates'.
    known_hash = (
        "$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO")
    # Check known 'lollerskates' password against check function
    assert auth_tools.bcrypt_check_password("lollerskates", known_hash)
    assert not auth_tools.bcrypt_check_password("notthepassword", known_hash)

    # Same thing, but with extra fake salt.
    salted_hash = (
        "$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6")
    fake_salt = "3><7R45417"
    assert not auth_tools.bcrypt_check_password(
        "notthepassword", salted_hash, fake_salt)
def test_bcrypt_check_password():
    """Verify the check function against fixed, known bcrypt hashes."""
    # Hash of the known password 'lollerskates'.
    known_hash = (
        '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO')
    # Check known 'lollerskates' password against check function
    assert auth_tools.bcrypt_check_password('lollerskates', known_hash)
    assert not auth_tools.bcrypt_check_password('notthepassword', known_hash)

    # Same thing, but with extra fake salt.
    salted_hash = (
        '$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6')
    fake_salt = '3><7R45417'
    assert not auth_tools.bcrypt_check_password(
        'notthepassword', salted_hash, fake_salt)
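def change_pass(request):
    """Let the logged-in user change their password.

    On GET, or on a POST that fails form validation, the change-password
    form is rendered. On a valid POST the submitted ``old_password`` is
    verified against the stored bcrypt hash: a mismatch re-renders the
    form with a 'Wrong password' error; a match stores the bcrypt hash of
    ``new_password``, saves the user, queues a success message and
    redirects to ``mediagoblin.edit.account``.

    Args:
        request: the current request. ``request.user`` is expected to be
            the authenticated user — presumably enforced by a login guard
            outside this view; confirm.

    Returns:
        A rendered response or a redirect.
    """
    form = forms.ChangePassForm(request.form)
    user = request.user

    def render_form():
        # The initial GET, an invalid POST and the wrong-password path all
        # show the same template with the same context.
        return render_to_response(
            request,
            'mediagoblin/plugins/basic_auth/change_pass.html',
            {'form': form, 'user': user})

    if request.method != 'POST' or not form.validate():
        return render_form()

    # Requiring the current password keeps a merely hijacked session from
    # silently taking over the account.
    if not tools.bcrypt_check_password(form.old_password.data, user.pw_hash):
        form.old_password.errors.append(_('Wrong password'))
        return render_form()

    # Password matches: only the bcrypt hash of the new password is stored.
    user.pw_hash = tools.bcrypt_gen_password_hash(form.new_password.data)
    user.save()
    # NOTE(review): other active sessions of this user are not invalidated
    # here -- confirm whether that happens elsewhere.
    messages.add_message(
        request, messages.SUCCESS,
        _('Your password was changed successfully'))
    return redirect(request, 'mediagoblin.edit.account')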
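def change_pass(request):
    """Let the logged-in user change their password.

    On GET, or on a POST that fails form validation, the change-password
    form is rendered. On a valid POST the submitted ``old_password`` is
    verified against the stored bcrypt hash: a mismatch re-renders the
    form with a 'Wrong password' error; a match stores the bcrypt hash of
    ``new_password``, saves the user, queues a success message and
    redirects to ``mediagoblin.edit.account``.

    Args:
        request: the current request. ``request.user`` is expected to be
            the authenticated user — presumably enforced by a login guard
            outside this view; confirm.

    Returns:
        A rendered response or a redirect.
    """
    form = forms.ChangePassForm(request.form)
    user = request.user

    def render_form():
        # The initial GET, an invalid POST and the wrong-password path all
        # show the same template with the same context.
        return render_to_response(
            request,
            'mediagoblin/plugins/basic_auth/change_pass.html',
            {'form': form, 'user': user})

    if request.method != 'POST' or not form.validate():
        return render_form()

    # Requiring the current password keeps a merely hijacked session from
    # silently taking over the account.
    if not tools.bcrypt_check_password(form.old_password.data, user.pw_hash):
        form.old_password.errors.append(_('Wrong password'))
        return render_form()

    # Password matches: only the bcrypt hash of the new password is stored.
    user.pw_hash = tools.bcrypt_gen_password_hash(form.new_password.data)
    user.save()
    # NOTE(review): other active sessions of this user are not invalidated
    # here -- confirm whether that happens elsewhere.
    messages.add_message(request, messages.SUCCESS,
                         _('Your password was changed successfully'))
    return redirect(request, 'mediagoblin.edit.account')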
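def test_change_password(test_app):
    """Test changing password correctly and incorrectly.

    Logs in as the (active) fixture user, changes the password through
    ``/edit/password/`` and checks that the new password verifies. Then a
    wrong ``old_password`` is submitted, and the stored hash must still
    verify the password set in the first step and not the rejected one.

    Args:
        test_app: test client fixture (``post``/``follow`` are used).
    """
    fixture_add_user(password=u"toast", privileges=[u"active"])
    test_app.post("/auth/login/", {"username": u"chris", "password": u"toast"})

    # A correct old_password must replace the hash and redirect to the
    # account page.
    res = test_app.post(
        "/edit/password/",
        {"old_password": "******", "new_password": "******"})
    res.follow()

    # Did we redirect to the correct page?
    assert urlparse.urlsplit(res.location)[2] == "/edit/account/"

    # test_user has to be fetched again in order to have the current values
    test_user = User.query.filter_by(username=u"chris").first()
    assert auth_tools.bcrypt_check_password("123456", test_user.pw_hash)

    # A wrong old_password must leave the stored hash untouched: the
    # rejected candidate must not verify AND the password set above must
    # still verify (the original only asserted the first half).
    template.clear_test_template_context()
    test_app.post(
        "/edit/password/",
        {"old_password": "******", "new_password": "******"})

    test_user = User.query.filter_by(username=u"chris").first()
    assert not auth_tools.bcrypt_check_password("098765", test_user.pw_hash)
    assert auth_tools.bcrypt_check_password("123456", test_user.pw_hash)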
def check_password(raw_pass, stored_hash, extra_salt=None):
    """Check *raw_pass* against *stored_hash* through the bcrypt helper.

    Args:
        raw_pass: candidate plaintext password.
        stored_hash: the stored bcrypt hash; an empty/``None`` value means
            there is nothing to check against.
        extra_salt: optional extra salt, passed straight through to
            ``auth_tools.bcrypt_check_password``.

    Returns:
        Whatever ``auth_tools.bcrypt_check_password`` returns when a hash is
        stored, else ``None`` (not ``False``; callers that care about the
        difference must test for ``None`` explicitly).
    """
    if not stored_hash:
        # NOTE(review): this branch skips the bcrypt computation, so it
        # answers much faster than a genuine mismatch does. If it is
        # reachable from a login form, the timing difference could reveal
        # which accounts have no hash set -- confirm with the callers.
        return None
    return auth_tools.bcrypt_check_password(raw_pass, stored_hash, extra_salt)