def test_delete_user_as_admin(testapp, db_handle):
    """An admin caller deleting another account gets 200 and 'User deleted.'."""
    target = User(email='*****@*****.**',
                  display_name='Se Borra',
                  phone_number='11111111111',
                  image_location='http://www.youtube.com',
                  admin=False)
    admin = User(email='*****@*****.**',
                 display_name='Admin',
                 phone_number='25642346456',
                 image_location='http://www.youtube.com',
                 admin=True)
    for account in (target, admin):
        db_handle.session.add(account)
    db_handle.session.commit()

    # Tell auth_service which identity to report for the request
    # (looks like a test double for the token check — confirm).
    auth_service.setData({
        'email': admin.email,
        'uid': '4cNAU9ovw6eD0KH5Qq7S91CXIZx2'
    })
    # `token` is not defined in this function; presumably a module-level value.
    response = testapp.delete(f"/users/{target.id}",
                              headers={'x-access-token': token})
    json_data = response.get_json()

    # Clean up the admin row before asserting, so a failed assertion does not
    # leave it behind.
    # NOTE(review): the delete goes through `db` while everything else uses
    # `db_handle` — confirm both refer to the same session.
    db.session.delete(admin)
    db_handle.session.commit()

    assert json_data['message'] == 'User deleted.'
    assert response.status_code == 200
def test_delete_another_user_with_no_admin_user(testapp, db_handle):
    """A non-admin caller must not be able to delete someone else's account."""
    target = User(email='*****@*****.**',
                  display_name='Se Borra',
                  phone_number='11111111111',
                  image_location='http://www.youtube.com',
                  admin=False)
    caller = User(email='*****@*****.**',
                  display_name='User',
                  phone_number='2454564652',
                  image_location='http://www.youtube.com',
                  admin=False)
    for account in (target, caller):
        db_handle.session.add(account)
    db_handle.session.commit()

    # The request is made as the non-admin user.
    auth_service.setData({
        'email': caller.email,
        'uid': '4cNAU9ovw6eD0KH5Qq7S91CXIZx2'
    })
    # `token` is not defined in this function; presumably a module-level value.
    response = testapp.delete(f"/users/{target.id}",
                              headers={'x-access-token': token})
    json_data = response.get_json()

    # NOTE(review): the caller is authenticated but not authorised; 403 is the
    # conventional status for that case. The test pins the API's current 401.
    # It also does not check that the target row still exists afterwards.
    assert json_data['message'] == 'Only admins can delete other users.'
    assert response.status_code == 401
def test_get_users_data_filtered_by_display_name(testapp, db_handle):
    """GET /users?name=... returns only users whose display name contains it."""
    fixtures = [
        User(email='*****@*****.**',
             display_name='Armando Estaban Quito',
             phone_number='11533223536',
             image_location='http://www.google.com.ar',
             admin=False),
        User(email='*****@*****.**',
             display_name='Martin Armando Quito',
             phone_number='12121555530',
             image_location='http://www.facebook.com',
             admin=False),
        User(email='*****@*****.**',
             display_name='Carlos Gutierrez',
             phone_number='1125553512',
             image_location='http://www.youtube.com',
             admin=False),
    ]
    for fixture in fixtures:
        db_handle.session.add(fixture)
    db_handle.session.commit()

    # `token` is not defined in this function; presumably a module-level value.
    response = testapp.get('/users?name=Armando',
                           headers={'x-access-token': token})
    json_data = response.get_json()

    # Two of the three fixtures contain "Armando"; the third must be filtered out.
    matches = json_data['users']
    assert len(matches) == 2
    assert all('Armando' in entry['display_name'] for entry in matches)
    assert response.status_code == 200
def test_mark_attendance(client):
    """Exercise /fras/app/mark_attendance with bad input and with a valid upload."""

    def sign_in():
        # NOTE(review): the login response is never asserted. If login fails,
        # the "ERROR" cases below could pass because the request was rejected
        # as unauthenticated rather than for its payload — confirm.
        return client.post('/fras/app/login',
                           json={
                               'login_id': 'admin',
                               'password': '******'
                           })

    # Add test users; each uses its login id as both first name and password.
    with db:
        for login in ("A", "B", "C"):
            u = User(login_id=login,
                     password=pbkdf2_sha256.hash(login),
                     role="GN",
                     email="*****@*****.**",
                     first_name=login,
                     last_name="",
                     inst_id="CSB1000")
            u.save()

    # Wrong form field name ('file' instead of 'group_photo').
    sign_in()
    response = client.post('/fras/app/mark_attendance',
                           data={'file': './../test_data/modi_grp1.jpeg'})
    assert response.json["status"] == "ERROR"

    # Upload with an empty file name.
    data = {'group_photo': (io.BytesIO(b'image data'), '')}
    sign_in()
    response = client.post('/fras/app/mark_attendance', data=data)
    assert response.json["status"] == "ERROR"

    # Upload with a file name: expected to succeed and report all three users.
    data = {'group_photo': (io.BytesIO(b'image data'), 'image.jpg')}
    sign_in()
    response = client.post('/fras/app/mark_attendance', data=data)
    assert response.json["status"] == "OK"
    assert response.json["body"]["names_found"] == ['A', 'B', 'C']
def seed_users():
    """Add five fixed sample User rows to db_session and commit them together."""
    # NOTE(review): every seeded account gets the same literal password, and
    # whether User hashes it is not visible here. Treat this as development
    # data only and keep it out of any deployed database.
    leading_args = [
        ('joe', 'shmoe'),
        ('jane', 'shmoe'),
        ('foo', 'bar'),
        ('chuck', 'norris'),
        ('donald', 'duck'),
    ]
    # Build every object first, then add them, as the original did.
    accounts = [
        User(first, second, '*****@*****.**', '123-123-4321', 'password')
        for first, second in leading_args
    ]
    for account in accounts:
        db_session.add(account)
    db_session.commit()
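def testCRUD(self):
    """Exercise insert, lookup, update, rollback and delete on User rows.

    Uses ``self.session`` for every operation. Compared with the previous
    version, the update check now asserts the same value it assigned, and the
    ``assertEquals`` alias (removed in Python 3.12) is replaced by
    ``assertEqual``.
    """
    # Insert user
    user1 = User(name='user1', fullname='USER1', password='******')
    self.session.add(user1)
    self.session.commit()

    # Check if inserted
    user = self.session.query(User).filter_by(name='user1').first()
    self.assertEqual(user.name, user1.name)

    # Check for non insertion
    user = self.session.query(User).filter_by(name='userFake').first()
    self.assertIsNone(user)

    # Check update: assign one value and assert that same value after re-reading.
    changed_password = 'pwdChg'
    user = self.session.query(User).filter_by(name='user1').first()
    user.password = changed_password
    self.session.commit()
    userTst = self.session.query(User).filter_by(name='user1').first()
    self.assertEqual(userTst.password, changed_password)

    # Check printout (to see this you have to run nosetest --nocapture)
    user = self.session.query(User).filter_by(name='user1').first()
    print('User = %s' % user)

    # Insert a second record and check insertion
    user2 = User(name='user2', fullname='USER2', password='******')
    self.session.add(user2)
    self.session.commit()
    user = self.session.query(User).filter_by(name='user2').first()
    self.assertEqual(user.name, user2.name)

    # Rollback test: an added-but-rolled-back row must not be queryable.
    user3 = User(name='user3', fullname='USER3', password='******')
    self.session.add(user3)
    self.session.rollback()
    user = self.session.query(User).filter_by(name='user3').first()
    self.assertIsNone(user)

    # Delete record
    user = self.session.query(User).filter_by(name='user2').first()
    self.session.delete(user)
    self.session.commit()
    self.assertEqual(
        self.session.query(User).filter_by(name='user2').count(), 0)

    # Json format of Data (not working)
    user = self.session.query(User).filter_by(name='user1').first()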
def register():
    """Render the registration page and, on POST, create the account.

    Every POST outcome re-renders ``register.html`` with a ``msg``; a GET
    renders it without one.
    """
    if request.method != 'POST':
        return render_template('register.html')

    username = request.form['username']
    password1 = request.form['pwd1']
    password2 = request.form['pwd2']
    existing = User.query.filter(User.username == username).first()

    if existing:
        msg = '用户名已经存在'  # "username already exists"
    elif password1 != password2:
        msg = '两次密码输入不一致'  # "the two passwords do not match"
    elif username == '':
        msg = '用户名不能为空'  # "username must not be empty"
    elif password1 == '':
        msg = '密码不能为空'  # "password must not be empty"
    else:
        msg = '注册成功'  # "registration succeeded"
        # NOTE(review): the submitted password is handed to User unchanged. No
        # hashing is visible in this function; confirm the model hashes it
        # before it is stored.
        # role_id=2 is assigned to every self-registered account; presumably
        # the ordinary-user role — confirm it is not a privileged one.
        db.session.add(User(username=username, password=password1, role_id=2))
        db.session.commit()

    return render_template('register.html', msg=msg)
def test_delete_inexistent_user_as_admin(testapp, db_handle):
    """Deleting an unknown user id as admin yields 404 and names the id."""
    admin = User(email='*****@*****.**',
                 display_name='Admin',
                 phone_number='25642346456',
                 image_location='http://www.youtube.com',
                 admin=True)
    db_handle.session.add(admin)
    db_handle.session.commit()

    # The request is made as the admin user.
    auth_service.setData({
        'email': admin.email,
        'uid': '4cNAU9ovw6eD0KH5Qq7S91CXIZx2'
    })

    # An id assumed not to exist in the test database.
    inexistent_user_id = 25646
    # `token` is not defined in this function; presumably a module-level value.
    response = testapp.delete(f"/users/{inexistent_user_id}",
                              headers={'x-access-token': token})
    json_data = response.get_json()

    # Clean up before asserting.
    # NOTE(review): the delete goes through `db` while everything else uses
    # `db_handle` — confirm both refer to the same session.
    db.session.delete(admin)
    db_handle.session.commit()

    expected = f'No user found with ID: {inexistent_user_id}.'
    assert json_data['message'] == expected
    assert response.status_code == 404
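def register_google():
    """Sign in or register a user from a Google ID token.

    Reads ``id_token`` from the JSON request body and verifies it with
    ``id_token.verify_oauth2_token`` against ``GOOGLE_CLIENT_ID``, then checks
    the issuer claim.

    Returns:
        ``(json, 200)`` for a user already known to ``db``,
        ``(json, 201)`` after creating one from the token claims,
        ``(json, 400)`` when the body carries no ``id_token``,
        ``(json, 401)`` when verification or the issuer check fails.

    The previous version swallowed the verification error with ``pass`` and
    returned ``None``, so a rejected token had no defined response.
    """
    body = request.json
    token = body.get("id_token") if isinstance(body, dict) else None
    if not token:
        return json.dumps({"error": "id_token is required"}), 400

    # Only token verification sits inside the try, so a ValueError raised by
    # the database layer is not mistaken for a bad token.
    try:
        id_info = id_token.verify_oauth2_token(token, requests.Request(),
                                               GOOGLE_CLIENT_ID)
        if id_info['iss'] not in [
                'accounts.google.com', 'https://accounts.google.com'
        ]:
            raise ValueError('Wrong issuer.')
    except ValueError:
        logging.warning("Google ID token rejected")
        return json.dumps({"error": "Invalid token"}), 401

    user_id = id_info['sub']
    user = db.get_user(user_id)
    if user:
        # The old message mixed "${...}" with str.format and printed a stray "$".
        logging.info("User %s with ID %s is logged in", user['name'],
                     user['user_id'])
        return json.dumps(user), 200

    # NOTE(review): the e-mail claim is stored as-is; the token's
    # `email_verified` claim is not checked here — confirm whether it should be.
    new_user = User(id_info['sub'], id_info['email'], id_info['name'])
    db.save_user(new_user)
    logging.info("User %s with ID %s is being registered", new_user.name,
                 new_user.user_id)
    return json.dumps(new_user.serialize()), 201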
def login():
    """Log the caller in from SSO user info, creating the User row on first login.

    Without valid SSO user info the caller is redirected to the SSO URL built
    from app.config; otherwise the session is populated and the caller is
    redirected to the 'noclist' view.
    """
    user_info = Sso.user_info_by_token()

    # SSO decides whether this user is legitimate.
    if not Sso.valid_user_info(user_info):
        return redirect(app.config['SSO_URL'] +
                        app.config.get('LOGIN_RETURN_URL') +
                        app.config.get('NOC_URL'))

    user_id = user_info.get("user_id")
    user = user_info.get("fullname")
    email = user_info.get("email")
    # Drops the last 10 characters of the address; presumably a fixed-length
    # mail-domain suffix — confirm. Raises TypeError if the SSO sent no email.
    name = email[:-10]
    # NOTE(review): every first-time SSO user is created with role_id 1;
    # confirm that 1 is the least-privileged role.
    role_id = 1
    current_user = User(user_id=user_id,
                        name=name,
                        email=email,
                        role_id=role_id)

    # NOTE(review): the existing session is reused rather than cleared before
    # the identity is written into it — confirm that is intended.
    session["user_id"] = user_id
    session["username"] = user
    session["role"] = get_user_role()

    # Use user_id to decide whether the user already exists.
    if not user_id_exists(user_id):
        try:
            db.session.add(current_user)
            db.session.commit()
        except Exception as e:
            db.session.rollback()
            print(e)
            raise
        finally:
            db.session.close()

    return redirect(url_for('noclist'))
def signup():
    """Show the signup form (GET) or create the account and go to login (POST)."""
    form = SignupForm()

    # Anything other than POST just renders the form.
    if request.method != 'POST':
        return render_template('signup.html', title='Signup', form=form)

    # NOTE(review): credentials are read from request.form directly and `form`
    # is never validated. If SignupForm is a Flask-WTF form, its validators
    # and CSRF check only run through form.validate_on_submit() — confirm.
    username = request.form['username']
    password = request.form['password']

    if User.query.filter_by(username=username).first():
        flash('The username already exists. Please pick another one.')
        return redirect(url_for('signup'))

    # Only the sha256_crypt hash of the password is stored.
    account = User(username=username,
                   password=sha256_crypt.hash(password),
                   createdAt=datetime.now())
    Db.session.add(account)
    Db.session.commit()
    flash('Congratulations, you are now a registered user!')
    return redirect(url_for('login'))
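def post(self):
    """Register a user once the mailed verification code matches the address.

    Expects JSON with ``username``, ``password``, ``code`` and ``mail``. The
    code is looked up in ``cache`` and must map to the submitted address; on a
    match both cache entries are deleted before the user is created.

    Returns a JSON response: ``code=0`` with the user's data on success,
    ``ResponseCode.FORMAT_ERROR`` for malformed or mismatching input, and
    ``code=-1`` with the exception's first argument when creation fails.
    """
    # request.json may be None or a non-object; treat both as "no fields".
    payload = request.json if isinstance(request.json, dict) else {}
    username = payload.get('username', None)
    password = payload.get('password', None)
    code = payload.get('code', None)
    mail = payload.get('mail', None)

    # re.match anchors only the start of the string, so text after a matching
    # prefix still passes this pattern. What binds the address to the code is
    # the cache comparison below, not this format check.
    # A non-string `mail` is rejected here instead of raising inside re.match.
    if (username is None or password is None or code is None
            or not isinstance(mail, str) or not re.match(
                r'[a-zA-Z0-9]+@[a-zA-Z0-9]+\.[a-zA-Z0-9]+', mail)):
        # msg reads "username/password format error"
        return jsonify(code=ResponseCode.FORMAT_ERROR, msg="用户名密码格式错误")

    # NOTE(review): a wrong code is simply rejected; no limit on repeated
    # attempts is visible in this handler — confirm one exists elsewhere.
    cache_email = cache.get(code)
    if cache_email != mail:
        return ResponseClass.warn(ResponseCode.FORMAT_ERROR)

    # The code is single-use: drop it and the per-address entry.
    cache.delete(code)
    cache.delete(mail)

    session = AppUtils.get_session()
    try:
        # Validate the username
        AppUtils.validate_username(username)
        from models.models import User
        user = User()
        user.username = username
        user.mail = mail
        user.hash_password(password)
        user.credits = 0
        session.add(user)
        session.commit()
        # The unused `from app_config import SQLSession` that ran after the
        # commit was dropped: had it failed, a created user would have been
        # reported as an error.
        return jsonify(code=0, data=user.get_self_data())
    except Exception as e:
        # NOTE(review): the exception text goes back to the client; for
        # database errors that can expose internals — consider a fixed message.
        # An exception raised without arguments no longer causes an IndexError.
        return jsonify(code=-1, msg=e.args[0] if e.args else str(e))
    finally:
        session.close()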
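def register():
    """Create a user from the submitted form and return a web_helper message.

    Reads ``username``, ``password`` and ``email`` from ``request.form``. A
    new row is written only when the username is unused and all three fields
    are present; otherwise the first applicable message is returned.

    The previous version printed the username, password and e-mail to stdout,
    which puts credentials into process logs; that statement and an unused
    local were removed.
    """
    db = repository.GetSession()
    userid = str(uuid.uuid4())
    name = request.form.get('username')
    password = request.form.get('password')
    email = request.form.get('email')
    add = db.query(User).filter_by(username=name).first()

    if not add:
        if name and password and email:
            # NOTE(review): the password is passed to User as received. No
            # hashing is visible in this function; confirm the model hashes it
            # before it is stored.
            user = User(username=name,
                        password=password,
                        email=email,
                        userId=userid)
            db.add(user)
            db.commit()
            flash('注册成功')  # "registration succeeded"
    else:
        # "the username is already registered"
        return web_helper.return_msg(0, '输入注册用户名已存在')

    # Reached after a successful insert as well as when a field was missing.
    if not name:
        return web_helper.return_msg(0, '输入注册用户名为空')  # "username is empty"
    if not password:
        return web_helper.return_msg(0, '输入注册密码为空')  # "password is empty"
    if not email:
        return web_helper.return_msg(0, '输入注册邮箱为空')  # "e-mail is empty"
    return web_helper.return_msg(0, '用户注册成功')  # "user registered"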
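def post(self):
    """Create a User row from the JSON object in the request body.

    Returns the success string, or a ``(message, 400)`` pair when the body is
    not valid JSON or is not a JSON object. The previous version printed the
    whole request body, which may contain credentials, and failed with an
    unhandled exception on malformed input.
    """
    try:
        data = json.loads(request.data)
    except ValueError:
        # Covers invalid JSON and undecodable bytes.
        return "Request body must be valid JSON", 400
    if not isinstance(data, dict):
        return "Request body must be a JSON object", 400

    # NOTE(review): every key the client sends becomes a User constructor
    # argument, so the client chooses which columns are set, including any
    # role/admin/id field the model may have. Copy an explicit allow-list of
    # fields instead; the model's columns are not visible here.
    new_post = User(**data)
    db.session.add(new_post)
    db.session.commit()
    return "Successfully added a new news"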
def register_user():
    """Ensure a User row exists for the profile in the session.

    Stores the row's id in ``session['user_id']`` and returns True, or
    returns an error string when no usable e-mail address is found.
    """
    profile = session['profile']
    first_name = profile['given_name']
    surname = profile['family_name']
    try:
        email = profile['email']
    except Exception:
        # Some identity-provider profiles carry the address in `nickname`.
        email = profile['nickname']

    # parseaddr yields an empty address part when the value does not parse.
    if not parseaddr(email)[1]:
        return 'unable to log you in, invalid email supplied'

    # NOTE(review): the row is matched on names plus e-mail exactly as the
    # identity provider sent them; whether that address is verified is not
    # visible here.
    query = db.session.query(User).filter_by(first_name=first_name,
                                             surname=surname,
                                             email=email)
    user = query.first()
    if user is None:
        # First visit: create the row.
        user = User(first_name=first_name, surname=surname, email=email)
        db.session.add(user)
        db.session.commit()

    # Keep the database id in the session.
    session['user_id'] = user.id
    return True
def sign_up():
    """Handle the signup form; any non-POST request sends a mail and shows the page."""
    if request.method == "POST":
        username = request.form["username"]
        password = request.form["password"]

        taken = db_session.query(User).filter(
            User.username == username).first()
        if taken:
            flash("someone has alreay used that username try again")
            return redirect(url_for('routes.sign_up'))

        # NOTE(review): the password is passed to User as received. No hashing
        # is visible in this function; confirm the model hashes it.
        new_user = User(username, password)
        db_session.add(new_user)
        try:
            db_session.commit()
            # NOTE(review): the session only records a boolean, not which
            # user logged in — confirm that is enough for later checks.
            session['logged_in'] = True
        except Exception:
            # A failed commit is only printed; the redirect below still runs.
            db_session.rollback()
            db_session.flush()
            print("error")
        return redirect(url_for('routes.home'))

    # Reached for non-POST requests: a fixed message is mailed on every page
    # view (looks like leftover test code — confirm).
    msg = Message("Hello Email World",
                  sender="*****@*****.**",
                  recipients=["*****@*****.**"])
    mail.send(msg)
    return render_template('signup.html')
def callback_handling():
    """Finish the Auth0 login: fetch the profile, ensure a User row, go to /index.

    Returns an error string instead when the profile holds no usable e-mail.
    """
    # NOTE(review): only the authorization code is read from the query string;
    # no `state` check is visible in this handler — confirm it is validated
    # elsewhere before the code is exchanged.
    code = request.args.get(CODE_KEY)
    get_token = GetToken(AUTH0_DOMAIN)
    auth0_users = Users(AUTH0_DOMAIN)
    token = get_token.authorization_code(AUTH0_CLIENT_ID,
                                         AUTH0_CLIENT_SECRET, code,
                                         AUTH0_CALLBACK_URL)
    user_info = auth0_users.userinfo(token['access_token'])
    session[PROFILE_KEY] = json.loads(user_info)

    # Pull out what is needed to register the user in the database, so that
    # question-set progress can be tracked.
    profile = session['profile']
    first_name = profile['given_name']
    surname = profile['family_name']
    try:
        email = profile['email']
    except Exception:
        # Some identity-provider profiles carry the address in `nickname`.
        email = profile['nickname']

    # parseaddr yields an empty address part when the value does not parse.
    if not parseaddr(email)[1]:
        return 'unable to log you in, invalid email supplied'

    user = db.session.query(User).filter_by(first_name=first_name,
                                            surname=surname,
                                            email=email).first()
    if user is None:
        # First login: create the row.
        user = User(first_name=first_name, surname=surname, email=email)
        db.session.add(user)
        db.session.commit()

    # Keep the database id in the session.
    session['user_id'] = user.id
    return redirect('/index')
def run(self, dispatcher, tracker, domain):
    """Look up user 0 and related friend data, then utter a fixed message.

    Returns an empty list. The friend lookups are still called, but their
    results are not used, as in the original.
    """
    me = User(0)
    # Raises IndexError if find() returns nothing.
    profile = me.find()[0]
    me.find_most_recent_friend()
    me.suggest_friends_by_location(profile['location'])
    dispatcher.utter_message("Family action!")
    return []
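def populate_db(self):
    """Load questions, users and results from the bundled resources into the DB.

    Users come from ``resources/users.csv`` and results from
    ``resources/results.csv``, both next to this file. Commits happen in the
    order: question set, users, results.

    Fixes over the previous version:
      * the third results column was converted with ``bool(text)``, which is
        True for every non-empty string, so every result loaded as True;
      * the last field of each row kept its trailing newline;
      * a blank line raised IndexError.
    """
    import csv

    resources_dir = os.path.join(os.path.dirname(__file__), 'resources')
    # Assumes the boolean column holds a true/false or 1/0 style value —
    # TODO confirm against results.csv.
    truthy = {'1', 'true', 't', 'yes', 'y'}

    users = []
    with open(os.path.join(resources_dir, 'users.csv')) as users_csv:
        for row in csv.reader(users_csv):
            if not row:
                continue  # skip blank lines
            users.append(User(row[0], row[1], row[2]))

    question_set = grab_questions([1, 2], True)
    db.session.add_all(question_set)
    db.session.commit()

    results = []
    with open(os.path.join(resources_dir, 'results.csv')) as results_csv:
        for row in csv.reader(results_csv):
            if not row:
                continue  # skip blank lines
            results.append(
                Result(int(row[0]), int(row[1]),
                       row[2].strip().lower() in truthy))

    db.session.add_all(users)
    db.session.commit()
    db.session.add_all(results)
    db.session.commit()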
def signup():
    """Render the signup page, or on POST register the user and go to login."""
    form = SignupForm()

    if request.method == "POST":
        # NOTE(review): the fields are taken straight from request.form and
        # `form` is never validated. If SignupForm is a Flask-WTF form, its
        # validators and CSRF check only run via form.validate_on_submit() —
        # confirm.
        username = request.form["username"]
        password = request.form["password"]

        username_taken = User.query.filter_by(username=username).first()
        if not username_taken:
            # Only the sha256_crypt hash of the password is stored.
            new_account = User(username=username,
                               password=sha256_crypt.hash(password))
            Db.session.add(new_account)
            Db.session.commit()
            flash("Congratulations, you are now a registered user!")
            return redirect(url_for("login"))

        flash("The username already exists. Please pick another one.")
        return redirect(url_for("signup"))

    # GET (or any other method): show the form.
    return render_template("signup.html", title="Signup", form=form)
def signup():
    """Show the signup form on GET; otherwise create the user and redirect home."""
    if request.method == 'GET':
        return render_template('signup.html')

    # Signup the user
    name = request.form["name"]
    username = request.form["username"]
    email = request.form["email"]
    password = request.form["password"]

    # TODO: Verify user data
    if not User.is_username_available(username):
        return render_template('signup.html', error="User already exists!")

    # The stored value comes from make_pw_hash(username, password); its
    # algorithm is not visible here.
    hashed_pw = make_pw_hash(str(username), str(password))
    account = User(name=name,
                   username=username,
                   email=email,
                   password_hash=hashed_pw)
    account.put()

    response = make_response(redirect(url_for('home')))
    # NOTE(review): the cookie holds the bare username with no signature and
    # no httponly/secure/samesite attributes. If other handlers treat this
    # cookie as proof of who is logged in, the client controls that value —
    # confirm how it is consumed.
    response.set_cookie("username", username)
    return response
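def user(username):
    """Render a user's page, first adding a post if the form carries one.

    Args:
        username: name of the user whose page is shown.

    Returns:
        The rendered ``user_page.html``, or ``("user not found", 404)`` when
        no such user exists.

    The previous version read ``user.id`` before checking that the lookup
    found anyone, so an unknown username failed with an AttributeError and
    the not-found branch could not be reached.
    """
    u = User()
    user = u.get_user(username=username)
    if not user:
        return "user not found", 404  # TODO change the custom 404

    title = request.form.get('new-title')
    body = request.form.get('new-body')
    if title and body:
        # NOTE(review): the post is attributed to the user named in the URL.
        # No check that the requester is that user is visible here — confirm
        # it is enforced by a decorator or elsewhere.
        p = Post(title=title, body=body, user_id=user.id)
        p.add_post()

    posts = u.get_posts_by_user(user.id)
    if not posts:
        # Placeholder entry so the template has something to show.
        posts = [
            Post(id=2,
                 title="There's nothing here yet!",
                 body="There's nothing here yet!",
                 user_id=-1)
        ]
    return render_template('user_page.html',
                           username=user.username,
                           posts=posts)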
def post(self):
    """Create a user from the required ``username`` and ``password`` arguments.

    Returns a message dict, with status 400 when the username is already
    taken and 500 when the commit reports an error.
    """
    self.parser.add_argument('username',
                             type=str,
                             help='This username cannot be blank',
                             required=True)
    self.parser.add_argument('password',
                             type=str,
                             help='This password cannot be blank',
                             required=True)
    # strict=True makes the parser reject arguments other than those declared.
    data = self.parser.parse_args(strict=True)

    # Only rows with flag=1 count as existing users.
    taken = User.query.filter_by(username=data['username']).filter_by(
        flag=1).first()
    if taken:
        return {
            'msg': 'user {} already exists'.format(data['username'])
        }, 400

    # The password goes through User.hash_password before it reaches the model.
    new_user = User(username=data['username'],
                    password=User.hash_password(data['password']))
    session_add(new_user)
    msg = session_commit()

    if not msg:
        return {
            "msg":
            "user add successfully at {0}".format(
                time.strftime("%Y-%m-%d %H:%M:%S"))
        }

    # NOTE(review): whatever session_commit returned is echoed to the client;
    # if that is raw database error text it can expose internals.
    return {
        "errors":
        f"{msg}",
        'msg':
        "user add failed at {0}".format(time.strftime("%Y-%m-%d %H:%M:%S"))
    }, 500
def register_function():
    """Register a user from a JSON body and log them in.

    Always returns a JSON string with ``status`` ("error" or "success") and a
    ``result`` message.
    """

    def reply(status, result):
        # Same two-key payload the endpoint returns for every outcome.
        return json.dumps({"status": status, "result": result})

    post_data = json.loads(request.data)
    username = post_data["username"]
    email = post_data["email"]
    password = post_data["password"]

    if not userutils.check_mail(email):
        return reply("error", "please check your email")

    # NOTE(review): the only password rule is a minimum of four characters.
    if len(str(password)) < 4:
        return reply("error", "please get some serious password")

    if User.objects(username=username).first():
        return reply("error", "this username already taken, sorry")

    if not username:
        return reply("error", "please provide a username, it's required'")

    # NOTE(review): separate messages for a taken username and a registered
    # e-mail let a caller tell which accounts exist — confirm that is
    # acceptable for this service.
    if User.objects(email=email).first():
        return reply("error", "this email address already registered, sorry")

    user = User(username=username, email=email)
    # What userutils.encrypt does (hash or reversible encryption) is not
    # visible here — confirm it is a password hash.
    user.password = userutils.encrypt(password)
    user.slug = userutils.make_slug(username)
    user.register_date = datetime.now()
    user.save()
    login_user(user)
    return reply("success", "registeration successful")
def run(self, **kwargs):
    """Create the admin user, its roles and a default course from secrets.json.

    Reads the "ADMIN" object of ``secrets.json`` in the working directory and
    commits once at the end.
    """
    from models.models import Role, User, Course

    with open('secrets.json', 'r') as secret_file:
        secrets = json.load(secret_file).get("ADMIN", {})

    print("Adding Admin")
    # NOTE(review): when secrets.json has no ADMIN password or e-mail, the
    # account is created with the literal fallbacks below, i.e. an active
    # admin with a publicly known password. Consider failing instead of
    # falling back.
    admin_fields = {
        'first_name': secrets.get("first_name", "Admin"),
        'last_name': secrets.get("last_name", "User"),
        'password': encrypt_password(secrets.get("password", "password")),
        'confirmed_at': datetime.datetime.now(),
        'active': True,
        'email': secrets.get("email", "*****@*****.**"),
    }
    admin = User(**admin_fields)
    db.session.add(admin)
    # Flush so admin.id is available to the rows that reference it.
    db.session.flush()
    for role_name in ('instructor', 'admin'):
        db.session.add(Role(name=role_name, user_id=admin.id))

    print("Adding default course")
    default_course = Course(name="Default Course",
                            owner_id=admin.id,
                            service="native")
    db.session.add(default_course)
    db.session.flush()
    # Course-scoped instructor role for the admin.
    db.session.add(
        Role(name='instructor',
             course_id=default_course.id,
             user_id=admin.id))
    db.session.commit()
    print("Complete")
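def post(self):
    """Create a user from the submitted form, then redirect to /fra/user.

    Re-renders ``fra_user_add.html`` with an error when the username is
    already taken.

    The password is now UTF-8 encoded before hashing: ``hashlib.sha256``
    needs bytes, so the previous call failed on Python 3 and on non-ASCII
    passwords. Digests of ASCII passwords are unchanged.
    """
    username = self.get_argument('username')
    # NOTE(review): this is one unsalted SHA-256 pass, a fast hash that is
    # not designed for password storage. It is kept so that existing stored
    # digests still match; plan a migration to a salted, slow password hash.
    password = hashlib.sha256(
        self.get_argument('password').encode('utf-8')).hexdigest()
    email = self.get_argument('email')
    tell_phone = self.get_argument('tell_phone')
    company_id = self.get_argument('company_id')

    user = self.session.query(User).filter(
        User.username == username).first()
    if user:
        err = '用户已经存在'  # "user already exists"
        self.render("fra_user_add.html", auth_user=self.current_user, err=err)
    else:
        # Creation date, stored in the model's `data` field.
        data = time.strftime("%Y-%m-%d")
        user = User(
            username=username,
            password=password,
            email=email,
            data=data,
            tell_phone=tell_phone,
            company_id=company_id,
        )
        self.session.add(user)
        self.session.commit()
        self.redirect('/fra/user')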
def post(self):
    """Check the submitted credentials and issue a 20-minute access token.

    Returns ``(body, status)``: 400 for input that fails format validation,
    200 with a token on success, 404 otherwise.
    """
    login_data = Login.parser.parse_args()
    username = login_data['username']
    password = login_data['password']

    validations = validators.Validation()
    if not validations.validate_username(username):
        return {
            "Message":
            "username can only contain alphanumeric characters only and a minimum of 4 characters"
        }, 400
    if not validations.validate_password(password):
        return {
            "Message":
            "password field should start with a capital letter"
            " and include a number"
        }, 400

    user = User().get_user_by_username(username)
    # An unknown user and a wrong password get the same reply, so the response
    # does not reveal which of the two was wrong.
    # NOTE(review): 401 is the conventional status for failed credentials; the
    # API currently answers 404.
    if not (user and check_password_hash(user.pwhash, password)):
        return {'message': 'user does not exist on this server'}, 404

    expires = datetime.timedelta(minutes=20)
    access_token = create_access_token(user.username, expires_delta=expires)
    return {
        'token': access_token,
        'message': 'successfully logged in'
    }, 200
def new_user():
    """Create a User from the JSON body after validate_user_form accepts it.

    Returns a JSON response: the collected errors when parsing or validation
    fails, otherwise a fixed success message.
    """
    return_data = {'errors': [], 'message': [], 'data': {}}
    errors = return_data['errors']

    try:
        data = request.get_json(force=True)
    except Exception as e:
        errors.append('There was a problem with the request. Please try again')
        # NOTE(review): the exception's arguments are returned to the client;
        # consider logging them server-side instead.
        errors.append(e.args)
        return jsonify(return_data)

    # validate_user_form is expected to fill return_data['errors'] and
    # return_data['data'] in place — TODO confirm.
    validate_user_form(data, return_data)

    # Stop if validation reported anything.
    if errors:
        print('there were errors')
        return jsonify(return_data)

    # No errors: create the user from the validated values only.
    cleaned = return_data['data']
    user = User(first_name=cleaned['first_name'],
                last_name=cleaned['last_name'],
                phone=cleaned['phone'],
                email=cleaned['email'])
    db_session.add(user)
    db_session.commit()
    return jsonify({'message': 'this worked'})
def post(self):
    """Handle POST request at /auth/register.

    Returns ``(body, status)``: 201 on success, 409 when the e-mail is
    already registered, 401 when creating the user raises.
    """
    post_data = request.json
    email = post_data.get('email')
    password = post_data.get('password')

    # An existing account with this e-mail ends the request.
    if User.query.filter_by(email=email).first():
        return {'message': 'User already exists. Please login.'}, 409

    # No such user yet, so try to register them.
    try:
        # Whether User hashes the password is not visible here — confirm.
        user = User(email=email, password=password)
        user.save()
    except Exception as e:
        # NOTE(review): the raw exception text is returned to the client and
        # may expose internals; 401 is also an unusual status for a failed
        # registration.
        return {'message': str(e)}, 401
    else:
        return {'message': 'You registered successfully. Please log in.'}, 201
def signup():
    """Serve the signup form; on POST create the account and send the user to login."""
    form = SignupForm()
    is_post = request.method == 'POST'

    if not is_post:
        return render_template('signup.html', title='Signup', form=form)

    # NOTE(review): the submitted values bypass `form`; it is never validated.
    # If SignupForm is a Flask-WTF form, its validators and CSRF check only
    # run via form.validate_on_submit() — confirm.
    username = request.form['username']
    password = request.form['password']

    duplicate = User.query.filter_by(username=username).first()
    if duplicate:
        flash('Original Name Do Not Steal')
        return redirect(url_for('signup'))

    # Only the sha256_crypt hash of the password is stored.
    hashed = sha256_crypt.hash(password)
    Db.session.add(User(username=username, password=hashed))
    Db.session.commit()
    flash('You have done it. Welcome fellow traveler. Have.')
    return redirect(url_for('login'))