def test_auth_login_logout(self):
    """Walk the login view through open access, a valid login, logout and bad input."""
    dashboard_heading = '<h1 class="page-header">Dashboard</h1>'
    rejected_message = 'Invalid username or password'

    def page(reply):
        # Decode a response body so it can be searched for markup/messages.
        return reply.data.decode('utf-8')

    # Seed the database: authentication switched off, one stored account.
    db.session.add(Settings(login_required=False, first_run=False))
    account = User(username='******')
    account.set_password('passwd')
    db.session.add(account)
    db.session.commit()

    # With login_required off, the login URL is expected to end on the dashboard.
    response = self.test_client.get('/auth/login', follow_redirects=True)
    self.assertTrue(dashboard_heading in page(response))

    # Switch authentication on and sign in with the correct credentials.
    config = Settings.query.first()
    config.login_required = True
    db.session.commit()
    response = self.login('user', 'passwd')
    self.assertTrue(dashboard_heading in page(response))

    # Log out.
    # NOTE(review): nothing about the logout response is asserted; the line
    # below passes unconditionally, so a logout that leaves the session
    # valid would not be caught by this test.
    self.test_client.get('/auth/logout', follow_redirects=True)
    self.assertTrue(True)

    # Submitting an empty form must trigger the required-field validation.
    response = self.login('', '')
    self.assertTrue('This field is required' in page(response))

    # A wrong password and an unknown username must produce the same message,
    # so the form does not reveal which usernames exist.
    response = self.login('user', 'monkey')
    self.assertTrue(rejected_message in page(response))
    response = self.login('nobody', 'passwd')
    self.assertTrue(rejected_message in page(response))
def test_password_verification(self):
    """check_password must accept the password that was set and reject a different one."""
    account = User(username='******')
    account.set_password('passwd')

    # Each candidate is paired with the assertion its check result must satisfy;
    # the matching password is checked first, the wrong one second.
    expectations = (
        ('passwd', self.assertTrue),
        ('monkey', self.assertFalse),
    )
    for candidate, verdict in expectations:
        verdict(account.check_password(candidate))
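def adduser():
    """Create one User row bound to the local name ``admin`` and commit it.

    The new object is printed before it is added to the session.
    """
    user = User()
    # NOTE(review): the password is a literal in the source, so everyone with
    # access to the repository knows it; take it from the operator or the
    # environment and rotate it after the first login.
    # NOTE(review): the value stored is whatever set_password() returns when
    # called on a separate, throwaway User instance. If set_password() only
    # mutates that instance and returns None, ``admin`` is saved without a
    # usable password -- confirm against the model.
    admin = User(
        username='******',
        email='*****@*****.**',
        password=user.set_password('!QAZ2wsx'),
    )
    # print() with a single argument gives the same output on Python 2 and 3;
    # the former print statement does not parse on Python 3.
    print(admin)
    db.session.add(admin)
    db.session.commit()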
def test_registered_users(self):
    """Query /api/users with an empty user table and again after adding one account."""
    endpoint = '/api/users'

    def fetch():
        # Issue the GET request and parse the JSON body.
        reply = self.client.get(endpoint)
        return json.loads(reply.data.decode('utf-8'))

    # NOTE(review): both requests are made without logging in; whether this
    # endpoint is meant to be reachable unauthenticated depends on the
    # Settings defaults, which are not visible here -- confirm.

    # No users stored: the API must report failure with a "No users" message.
    db.session.add(Settings())
    db.session.commit()
    payload = fetch()
    self.assertTrue(not payload['success'])
    self.assertTrue('No users' in payload['message'])

    # One user stored: the API must succeed and return a non-empty list.
    account = User(username='******')
    account.set_password('passwd')
    db.session.add(account)
    db.session.commit()
    payload = fetch()
    self.assertTrue(payload['success'])
    self.assertTrue(len(payload['users']) > 0)
def signup():
    """Serve the sign-up page and create an account from a valid SignUpForm."""
    # Visitors who are already signed in are sent to the main index.
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    form = SignUpForm()
    if not form.validate_on_submit():
        # Not submitted yet, or validation failed: render the form.
        return render_template('signup.html', title="Sign Up | ServerMonitor", form=form)

    # Only the output of bcrypt.generate_password_hash is kept, decoded to text.
    pw_hash = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
    account = User(
        username=form.username.data,
        email=form.email.data,
        password=pw_hash,
    )
    # NOTE(review): no duplicate username/email handling is visible in this
    # function; unless SignUpForm validates uniqueness, a database constraint
    # would only surface at commit() -- confirm.
    db.session.add(account)
    db.session.commit()
    flash(f'Your Account has been created! You are now able to login.', 'success')
    return redirect(url_for('users.login'))
def register():
    """Serve the registration page and create an account from a valid RegistrationForm."""
    # Visitors who are already signed in are sent to the home view.
    if current_user.is_authenticated:
        return redirect(url_for('home'))

    form = RegistrationForm()
    if not form.validate_on_submit():
        # Not submitted yet, or validation failed: render the form.
        return render_template('register.html', title='Register', form=form)

    # Only the output of bcrypt.generate_password_hash is kept, decoded to text.
    pw_hash = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
    account = User(
        username=form.username.data,
        email=form.email.data,
        password=pw_hash,
    )
    # NOTE(review): no duplicate username/email handling is visible in this
    # function; unless RegistrationForm validates uniqueness, a database
    # constraint would only surface at commit() -- confirm.
    db.session.add(account)
    db.session.commit()
    flash(f"Your account has been created! You are now able to log in", "success")
    return redirect(url_for('login'))
def test_delete_user(self):
    """Delete users through /api/user/delete until none are left."""
    endpoint = '/api/user/delete'

    def delete(target):
        # Post a delete request for ``target`` and return the value postAPI gives back.
        body = json.dumps({'id': target.id, 'username': target.username})
        return self.postAPI(endpoint, body)

    # Seed the database with settings and two accounts.
    db.session.add(Settings())
    for _ in range(2):
        account = User(username='******')
        account.set_password('passwd')
        db.session.add(account)
    db.session.commit()

    victim = User.query.first()

    # Deleting an existing user succeeds.
    result = delete(victim)
    self.assertTrue(result['success'])

    # Repeating the request for the same, now removed, user must fail.
    result = delete(victim)
    self.assertTrue(not result['success'])

    # Deleting the remaining user succeeds and is expected to switch
    # login_required off.
    # NOTE(review): with the last account gone the application is expected to
    # stop requiring a login, so the delete endpoint effectively controls
    # whether authentication is enforced -- confirm it is restricted to
    # authorised callers.
    victim = User.query.first()
    result = delete(victim)
    config = Settings.query.first()
    self.assertTrue(result['success'])
    self.assertTrue(not config.login_required)
def test_password_salts_are_random(self):
    """Two accounts given the same password must end up with different stored values."""
    # The hashing is expected to come from werkzeug, which should pick a
    # fresh salt for every call; identical stored values would mean a fixed
    # (or missing) salt.
    accounts = []
    for _ in range(2):
        account = User(username='******')
        account.set_password('passwd')
        accounts.append(account)

    first, second = accounts
    self.assertTrue(first.password != second.password)
def reset_token(token):
    """Handle a password-reset link: verify the token, then store the new password hash."""
    # Signed-in visitors are sent to the main index instead.
    if current_user.is_authenticated:
        return redirect(url_for('main.index'))

    # The token is verified on every request to this view, before any form handling.
    account = User.verify_reset_token(token)
    if account is None:
        flash('That is an invalid or expired token', 'warning')
        return redirect(url_for('users.reset_request'))

    form = ResetPasswordForm()
    if not form.validate_on_submit():
        # Not submitted yet, or validation failed: render the form.
        return render_template('reset_token.html', title="Reset Password | ServerMonitor", form=form)

    # Replace the stored value with the decoded output of
    # bcrypt.generate_password_hash for the new password.
    # NOTE(review): nothing in this function invalidates the token after use
    # or ends sessions that are already open for this account; if
    # verify_reset_token() is purely expiry-based, the same link keeps working
    # until it expires -- confirm.
    account.password = bcrypt.generate_password_hash(form.password.data).decode('utf-8')
    db.session.commit()
    flash(f'Your password has been updated! You are now able to login.', 'success')
    return redirect(url_for('users.login'))
def register(request) -> HttpResponse:
    """Render the registration page and, on a valid POST, save a new User.

    The password is hashed with bcrypt before it is stored; the rendered
    template receives the form and a status message.
    """
    msg = "Fill out following form to create new user account."
    register_form = RegisterForm()
    if request.method == "POST":
        register_form = RegisterForm(request.POST)
        if register_form.is_valid():
            # NOTE(review): the values below are read from form.data (the raw
            # submission), not from cleaned_data -- confirm this is intended.
            if register_form.data['password'] == register_form.data['password_repeated']:
                # gensalt(17) selects a bcrypt work factor of 17.
                # NOTE(review): at this cost each registration request spends
                # considerable CPU time on hashing; confirm the endpoint is
                # rate-limited. bcrypt also only considers a bounded number
                # of input bytes -- confirm the form caps password length.
                password_hash = bcrypt.hashpw(register_form.data['password'].encode(), bcrypt.gensalt(17))
                new_user = User()
                new_user.email = register_form.data['email']
                new_user.username = register_form.data['username']
                # The hash is stored as text.
                new_user.password = password_hash.decode()
                new_user.save()
                msg = "Registration succeeded. You may now login."
        # NOTE(review): the flattened source does not show which `if` this
        # `else` belongs to; it is attached to is_valid() here. In this
        # layout a valid form whose two password fields differ leaves the
        # initial prompt text in msg -- confirm against the original file.
        else:
            msg = "Invalid data supplied. Check registration form and try again."
    return render(request, "index/register.html", {"register_form": register_form, "form_msg": msg})
#Setup and create database file from monitor.models import CheckedWebsite, User from monitor import db, create_app db.create_all(app=create_app()) app = create_app() app.app_context().push() with app.app_context(): # Create CheckedWebsite new_website = CheckedWebsite(website_url='https://monitor.inspiredprogrammer.com', response_code='200', response_message='OK', isdown=False) db.session.add(new_website) db.session.commit() # Create User new_user = User(username='******', email='*****@*****.**', password='******') db.session.add(new_user) db.session.commit()
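def test_password_setter(self):
    """set_password must store a value, and that value must not be the plaintext."""
    u = User(username='******')
    u.set_password('passwd')
    self.assertTrue(u.password is not None)
    # A not-None check alone would also pass if the plaintext were stored
    # unchanged, so the stored value is compared with the input as well.
    self.assertNotEqual(u.password, 'passwd')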