def login_session_flow(self): """Do a full login-flow with cert signing etc.""" # Login as a new user. session = self._authenticate_as_new_user() session.get_email_status() session.fetch_keys() session.check_session_status() session.get_random_bytes() session.sign_certificate(DUMMY_PUBLIC_KEY) base_url = self.server_url[:-3] self.session.get(base_url + "/.well-known/browserid") stretchpwd = self._get_stretchpwd(session.email) self.client.change_password( session.email, oldstretchpwd=stretchpwd, newstretchpwd=stretchpwd, ) kwds = { "email": session.email, "stretchpwd": stretchpwd, "keys": True } session = self.client.login(**kwds) pftok = self.client.send_reset_code(session.email) pftok.get_status() # verify the password forgot code. acct = Restmail(email=session.email) mail = acct.wait_for_email(lambda m: "x-recovery-code" in m["headers"]) if not mail: raise RuntimeError("Password reset email was not received") acct.clear() code = mail["headers"]["x-recovery-code"] # Now verify with the actual code, and reset the account. artok = pftok.verify_code(code) self.client.reset_account( email=session.email, token=artok, stretchpwd=stretchpwd ) session = self.client.login(**kwds) session.destroy_session() self.client.destroy_account(email=session.email, stretchpwd=stretchpwd)
def _authenticate_as_new_user(self): email = self._get_user_email() stretchpwd = self._get_stretchpwd(email) kwds = { "email": email, "stretchpwd": stretchpwd, "keys": True } session = self.client.create_account(**kwds) # resend the confirmation email. session.resend_email_code() # verify the confirmation code. acct = Restmail(email=email) mail = acct.wait_for_email(lambda m: "x-verify-code" in m["headers"]) if not mail: raise RuntimeError("Verification email was not received") acct.clear() session.verify_email_code(mail["headers"]["x-verify-code"]) return self.client.login(**kwds)