def test_change_password(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.set_password("password")
user.save()
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login',
data=login_data,
follow_redirects=True)
response = self.client.get('/user/[email protected]/change_password/')
assert response.status_code == 200
pw_data = {"password": "******", "confirm": "newpassword"}
response = self.client.post('/user/[email protected]/change_password/',
data=pw_data,
follow_redirects=True)
assert response.status_code == 200
assert PortalUser.check_login("*****@*****.**", "newpassword")
assert not PortalUser.check_login("*****@*****.**", "password")
self.client.get("/logout")
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login',
data=login_data,
follow_redirects=True)
assert "Invalid" not in response.data
assert "You were logged in" in response.data
def test_login(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.set_password("password")
user.save()
response = self.client.get('/login')
assert response.status_code == 200
# bogus logins cause errors
# TODO -- test that session is not set
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data)
assert "Invalid" in response.data
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login', data=login_data)
assert "Invalid" in response.data
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login',
data=login_data,
follow_redirects=True)
assert "Invalid" not in response.data
assert "You were logged in" in response.data
# now we can get
response = self.client.get('/user/all/')
assert response.status_code == 200
def test_user_model(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.save()
assert PortalUser.find_by_email("*****@*****.**")
assert PortalUser.find_by_key(ObjectId()) == None
def test_passwords(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.set_password("password")
user.save()
assert PortalUser.check_login("*****@*****.**", "password")
assert not PortalUser.check_login("*****@*****.**", "password")
assert not PortalUser.check_login("*****@*****.**", "wrong")
def test_bootstrap_error(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.save()
response = self.client.get('/bootstrap/')
# since we have a user now, bootstrap should fail
response = self.client.get('/user/create/')
logging.info("response status: %s" % response.status_code)
assert response.status_code == 302
def test_change_email(self):
user = PortalUser(email="*****@*****.**",
first_name="Test",
last_name="User")
user.set_password("password")
user.save()
login_data = {"email": "*****@*****.**", "password": "******"}
response = self.client.post('/login',
data=login_data,
follow_redirects=True)
test_data = {
"email": '*****@*****.**',
"first_name": "Test",
"last_name": "User",
"id": str(user.id),
}
response = self.client.post('/user/save/',
data=test_data,
follow_redirects=False)
assert PortalUser.find_by_email("*****@*****.**")
assert PortalUser.check_login("*****@*****.**", "password")
def save_user():
needs_password = '******' in request.form
if needs_password:
form = NewUserForm(request.form)
else:
form = UserForm(request.form)
if form.validate():
email = form.email.data
if form.id.data:
user = PortalUser.find_by_key(form.id.data)
else:
user = PortalUser.find_by_email(email)
if not user:
user = PortalUser(email=email)
form.populate_obj(user)
if 'password' in request.form:
user.set_password(form.password.data)
user.save()
return redirect(url_for('list_users'))
else:
return render_template('user_detail.html',
form=form,
needs_password=needs_password)
