def test_force_login_fails_if_email_unconfirmed_for_new_users(self): """ Abort force login if email is not confirmed for new users""" with user_events.disconnect_receivers(): user = self.create_user(False) with self.app.test_request_context(): with self.assertRaises(x.EmailNotConfirmed): user_service.force_login(user)
def test_force_login_drops_counter_on_success(self): """ Drop failed login counter on force login """ with user_events.disconnect_receivers(): user = self.create_user() user.failed_logins = 5 user_service.save(user) with self.app.test_request_context(): user_service.force_login(user) self.assertEqual(0, user.failed_logins)
def test_force_login_fails_if_locked(self): """ Abort force login if locked """ with user_events.disconnect_receivers(): user = self.create_user() user.lock_account() user_service.save(user) with self.app.test_request_context(): with self.assertRaises(x.AccountLocked): user_service.force_login(user)
def test_password_change(self): """ Password change possible """ u = self.create_user() with events.events.disconnect_receivers(): with self.app.test_request_context(): user_service.force_login(u) self.assertTrue(current_user.is_authenticated) user_service.change_password(u, '0987654') self.assertFalse(current_user.is_authenticated) self.assertTrue(u.verify_password('0987654'))
def test_password_change_emits_event(self): """ Password change """ u = self.create_user() with events.events.disconnect_receivers(): spy = mock.Mock() events.password_changed_event.connect(spy, weak=False) with self.app.test_request_context(): user_service.force_login(u) self.assertTrue(current_user.is_authenticated) user_service.change_password(u, '0987654') self.assertFalse(current_user.is_authenticated) self.assertTrue(u.verify_password('0987654')) spy.assert_called_with(u)
def dispatch_request(self, id=None, link=None): try: ok = user_service.confirm_email_with_link(link) except x.EmailLinkExpired: return redirect(url_for(self.expired_endpoint, id=id)) if not ok: abort(404) user_service.force_login(ok) session.pop('_flashes', None) if self.flash: flash(self.confirmed_message, 'success') return redirect(self.redirect)
def test_changing_email_sends_email(self): """ Send email message with confirmation link when changing email""" with events.events.disconnect_receivers(): with mail.record_messages() as out: with self.app.test_request_context(): u = self.create_user() user_service.force_login(u) self.assertTrue(current_user.is_authenticated) res = user_service.change_email(u, '*****@*****.**') self.assertIsInstance(res, User) self.assertEqual('*****@*****.**', u.email_new) self.assertIsNotNone(u.email_link) self.assertEquals(1, len(out)) # regression: ensure email sent to **new** email not the current one self.assertEquals(1, len(out[0].recipients)) self.assertIn(u.email_new, out[0].recipients)
def test_change_email_possible(self): """ Email change procedure is possible""" with events.events.disconnect_receivers(): with self.app.test_request_context(): u = self.create_user() user_service.force_login(u) self.assertTrue(current_user.is_authenticated) res = user_service.change_email(u, '*****@*****.**', send_message=False) self.assertIsInstance(res, User) self.assertEqual('*****@*****.**', u.email_new) self.assertIsNotNone(u.email_link) # do not log out self.assertTrue(current_user.is_authenticated)
def test_force_login(self): """ Can force login a user """ user = self.create_user() with user_events.disconnect_receivers(): with self.app.test_request_context(): res = user_service.force_login(user) self.assertTrue(res) self.assertTrue(current_user.is_authenticated)
def dispatch_request(self): if current_user.is_authenticated: return redirect('/') cfg = current_app.config send_welcome = cfg.get('USER_SEND_WELCOME_MESSAGE') base_confirm_url = cfg.get('USER_BASE_EMAIL_CONFIRM_URL') if not base_confirm_url: base_confirm_url = url_for('user.confirm.email.request', _external=True) form = self.form(schema=self.schema()) if form.validate_on_submit(): data = {} for field in self.data_fields: data[field] = getattr(form, field).data user = user_service.register(user_data=data, send_welcome=send_welcome, base_confirm_url=base_confirm_url) if not user: redirect(url_for(self.redirect_fail_endpoint)) elif user and user_service.require_confirmation: return redirect(url_for(self.redirect_success_endpoint)) else: user_service.force_login(user) if self.flash: flash(self.force_login_message, 'success') return redirect(self.force_login_redirect) elif form.is_submitted(): if self.flash: flash(self.invalid_message, 'danger') params = dict(form=form) if self.params: additional = deepcopy(self.params) params = params.update(additional) return render_template(self.template, **params)
def test_force_login_doesnt_fail_if_email_unconfirmed_for_existing(self): """ Force login for existing users with unconfirmed email """ with user_events.disconnect_receivers(): user = self.create_user() with self.app.test_request_context(): user_service.force_login(user)