def test_get_user_with_valid_token_wrong_token(self):
    """Expect no user when the presented value differs from the stored token."""
    owner = users_factories.UserFactory()
    reset_type = TokenType.RESET_PASSWORD
    token_fields = {"userId": owner.id, "value": self.token_value, "type": reset_type}
    repository.save(Token(from_dict=token_fields))

    # Right type, wrong value: the lookup must not fall back to any user.
    assert get_user_with_valid_token("wrong-token-value", [reset_type]) is None
def reset_password(body: ResetPasswordRequest) -> None:
    """Set a new password for the user identified by a reset-password token.

    Raises:
        ApiErrors: when no user is returned for the token. Whatever
            check_password_strength raises is not handled here.
    """
    # The password policy is checked before the token lookup.
    check_password_strength("newPassword", body.new_password)

    # Only RESET_PASSWORD tokens are accepted. use_token is left at its
    # default here.
    # NOTE(review): confirm that default invalidates the token, so a reset
    # link cannot be replayed after a successful change.
    account = users_repo.get_user_with_valid_token(
        body.reset_password_token,
        [TokenType.RESET_PASSWORD],
    )
    if not account:
        raise ApiErrors({"token": ["Le token de changement de mot de passe est invalide."]})

    account.setPassword(body.new_password)
    # NOTE(review): presumably holding a reset token is treated as proof of
    # mailbox control, hence the e-mail is marked validated - confirm.
    account.isEmailValidated = True
    repository.save(account)
def test_get_user_with_valid_token_wrong_type(self):
    """Expect no user when the token exists but its type is not in the allowed list."""
    owner = users_factories.UserFactory()
    reset_type = TokenType.RESET_PASSWORD
    token_fields = {"userId": owner.id, "value": self.token_value, "type": reset_type}
    repository.save(Token(from_dict=token_fields))

    # Sanity check: the token really is stored, so a None result below can
    # only come from the type filter.
    stored = Token.query.filter_by(value=self.token_value).first()
    assert stored is not None

    found = get_user_with_valid_token(self.token_value, ["other_type"])
    assert found is None
def test_get_user_with_valid_token(self):
    """Expect the owning user for an unexpired token whose type is allowed."""
    owner = users_factories.UserFactory()
    reset_type = TokenType.RESET_PASSWORD
    expires_at = datetime.now() + timedelta(hours=24)
    token_fields = {
        "userId": owner.id,
        "value": self.token_value,
        "type": reset_type,
        "expirationDate": expires_at,
    }
    repository.save(Token(from_dict=token_fields))

    # The allowed list holds the matching type plus an unrelated entry.
    found = get_user_with_valid_token(self.token_value, [reset_type, "other-allowed-type"])
    assert found.id == owner.id
def validate_email(body: ValidateEmailRequest) -> ValidateEmailResponse:
    """Mark a user's e-mail as validated and return fresh session tokens.

    Raises:
        ApiErrors: when no user is returned for the token.
    """
    # NOTE(review): use_token=False presumably leaves the token usable after
    # this call. This endpoint hands out access and refresh tokens, so
    # confirm the validation token is short-lived or invalidated elsewhere;
    # otherwise anyone holding an old validation link could mint new sessions.
    account = users_repo.get_user_with_valid_token(
        body.email_validation_token,
        [TokenType.EMAIL_VALIDATION],
        use_token=False,
    )
    if not account:
        raise ApiErrors({"token": ["Le token de validation d'email est invalide."]})

    account.isEmailValidated = True
    repository.save(account)
    # Runs after the save, so it is called with the already-persisted user.
    update_external_user(account)

    return ValidateEmailResponse(
        access_token=users_api.create_user_access_token(account),
        refresh_token=create_refresh_token(identity=account.email),
    )
def test_get_user_with_valid_token_with_expired_date(self):
    """Expect no user when the token's expiration date is in the past."""
    owner = users_factories.UserFactory()
    reset_type = TokenType.RESET_PASSWORD
    token_fields = {
        "userId": owner.id,
        "value": self.token_value,
        "type": reset_type,
        # Expired one day ago.
        "expirationDate": datetime.now() - timedelta(hours=24),
    }
    repository.save(Token(from_dict=token_fields))

    # Sanity check: the row exists, so the None below is due to expiry and
    # not to a missing token.
    stored = Token.query.filter_by(value=self.token_value).first()
    assert stored is not None

    found = get_user_with_valid_token(self.token_value, [reset_type])
    assert found is None
def post_new_password():
    """Change a user's password from a reset-password token in the JSON body.

    Reads "token" and "newPassword" from the request payload and returns an
    empty body with status 204 on success.

    Raises:
        ApiErrors: when no user is returned for the token. Whatever
            validate_new_password_request or check_password_strength raise
            is not handled here.
    """
    validate_new_password_request(request)
    reset_token = request.get_json()["token"]
    chosen_password = request.get_json()["newPassword"]

    # The password policy is checked before the token lookup.
    check_password_strength("newPassword", chosen_password)

    # Only RESET_PASSWORD tokens are accepted; use_token keeps its default.
    account = users_repo.get_user_with_valid_token(reset_token, [TokenType.RESET_PASSWORD])
    if not account:
        failure = ApiErrors()
        failure.add_error(
            "token",
            "Votre lien de changement de mot de passe est invalide.",
        )
        raise failure

    account.setPassword(chosen_password)

    # NOTE(review): nesting reconstructed from a flattened listing - confirm
    # that update_external_user is meant to run only when the flag flips.
    if not account.isEmailValidated:
        account.isEmailValidated = True
        update_external_user(account)

    repository.save(account)
    return "", 204
def check_activation_token_exists(token):
    """Report whether a token currently resolves to a user.

    Returns an empty JSON body with status 200 when a user is found and 404
    otherwise.
    """
    # The lookup is restricted to RESET_PASSWORD tokens even though the
    # function name says "activation".
    # NOTE(review): presumably activation links reuse that token type - confirm.
    # use_token=False is passed explicitly: presumably the check must not
    # consume the token, so it stays usable for the real request.
    # NOTE(review): the 200/404 split tells any caller whether a token is
    # valid; confirm the route is rate-limited and tokens are high-entropy.
    account = users_repo.get_user_with_valid_token(
        token,
        [TokenType.RESET_PASSWORD],
        use_token=False,
    )
    status_code = 404 if account is None else 200
    return jsonify(), status_code