def test_reset_password(self, client, db, user):
        # Requests password reset
        client.post(url_for('auth.forgot_password'),
                          dict(email=user.email)).follow()

        # User has valid UserPasswordToken
        valid_token = UserPasswordToken.valid_token(user.id)
        assert valid_token

        # Invalid user/token combo does not display reset form
        res = client.get(url_for('auth.reset_password', userid=user.id, reset="moop"))
        assert not res.forms.get('reset-form')

        # Valid user/token combo displays reset form
        res = client.get(url_for('auth.reset_password', userid=user.id, value=valid_token.value))
        assert res.forms.get('reset-form')

        # Password is changed on form submit
        reset_form = res.forms.get('reset-form')
        reset_form['password'] = '******'
        reset_form['confirm'] = 'joejoe'
        reset_form.submit()
        assert user.verify_password('joejoe')

        # User has no more valid UserPasswordToken
        assert not UserPasswordToken.valid_token(user.id)

        # Previous valid token no longer works. Does not display reset form
        res = client.get(url_for('auth.reset_password', userid=user.id, value=valid_token.value))
        assert not res.forms.get('reset-form')
    def test_forgot_password(self, client, db, user):
        # User has no valid reset tokens initially
        assert not UserPasswordToken.valid_token(user.id)

        # Go to forgot password page
        res = client.get(url_for('auth.forgot_password'), status=200)

        # Submits bad email, forgot-form is still displayed
        res.forms['forgot-form']['email'] = 'moop'
        res = res.forms['forgot-form'].submit()
        assert res.forms.get('forgot-form')

        # Submits good email, forgot-form is no longer displayed
        res.forms['forgot-form']['email'] = user.email
        res = res.forms['forgot-form'].submit()
        assert not res.forms.get('forgot-form')

        # User now has a valid UserPasswordToken
        assert UserPasswordToken.valid_token(user.id)
示例#3
0
    def test_forgot_password(self, client, db, user):
        # User has no valid reset tokens initially
        assert not UserPasswordToken.valid_token(user.id)

        # Go to forgot password page
        res = client.get(url_for('auth.forgot_password'), status=200)

        # Submits bad email, forgot-form is still displayed
        res.forms['forgot-form']['email'] = 'moop'
        res = res.forms['forgot-form'].submit()
        assert res.forms.get('forgot-form')

        # Submits good email, forgot-form is no longer displayed
        res.forms['forgot-form']['email'] = user.email
        res = res.forms['forgot-form'].submit()
        assert not res.forms.get('forgot-form')

        # User now has a valid UserPasswordToken
        assert UserPasswordToken.valid_token(user.id)
示例#4
0
    def test_reset_password(self, client, db, user):
        # Requests password reset
        client.post(url_for('auth.forgot_password'),
                    dict(email=user.email)).follow()

        # User has valid UserPasswordToken
        valid_token = UserPasswordToken.valid_token(user.id)
        assert valid_token

        # Invalid user/token combo does not display reset form
        res = client.get(
            url_for('auth.reset_password', userid=user.id, reset="moop"))
        assert not res.forms.get('reset-form')

        # Valid user/token combo displays reset form
        res = client.get(
            url_for('auth.reset_password',
                    userid=user.id,
                    value=valid_token.value))
        assert res.forms.get('reset-form')

        # Password is changed on form submit
        reset_form = res.forms.get('reset-form')
        reset_form['password'] = '******'
        reset_form['confirm'] = 'joejoe'
        reset_form.submit()
        assert user.verify_password('joejoe')

        # User has no more valid UserPasswordToken
        assert not UserPasswordToken.valid_token(user.id)

        # Previous valid token no longer works. Does not display reset form
        res = client.get(
            url_for('auth.reset_password',
                    userid=user.id,
                    value=valid_token.value))
        assert not res.forms.get('reset-form')
示例#5
0
 def test_valid_token(self, user, db):
     # Valid token is found
     invalid_token = UserPasswordToken(user=user, used=True).save()
     valid_token = UserPasswordToken(user=user).save()
     assert UserPasswordToken.valid_token(user.id) == valid_token