Python auth_passwordreset_request示例

示例#1

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_reset_logout():
    """
    Testing that once password is successfully reset, the user is logged out.
    """
    clear()
    email = '*****@*****.**'
    result = auth.auth_register(email, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email)
    reset_code = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result['u_id']:
            reset_code = user['secret']
    password = '******'
    auth.auth_passwordreset_reset(reset_code, password)
    # comparing hashed password
    hashed = hashlib.sha256(password.encode()).hexdigest()
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        assert user['u_id'] != result['u_id']
    # making sure new hashed password is stored
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_users():
        if user['u_id'] == result['u_id']:
            assert user['password'] == hashed
    clear()

示例#2

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_reset_password_multiple_user():
    """
    Testing that password is actually updated
    """
    clear()
    email = '*****@*****.**'
    auth.auth_register('*****@*****.**', 'abcdefg', 'Jane', 'Smith')
    result = auth.auth_register(email, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email)
    reset_code = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result['u_id']:
            reset_code = user['secret']

    password = '******'
    auth.auth_passwordreset_reset(reset_code, password)
    # comparing hashed password
    hashed = hashlib.sha256(password.encode()).hexdigest()
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        assert user['u_id'] != result['u_id']
    # making sure new hashed password is stored
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_users():
        if user['u_id'] == result['u_id']:
            assert user['password'] == hashed
    clear()

示例#3

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_reset_invalid_secret():
    """
    Testing that invalid passwords cannot be used to reset
    """
    clear()
    email = '*****@*****.**'
    auth.auth_register(email, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email)
    reset_code = 'invalid'
    with pytest.raises(InputError):
        auth.auth_passwordreset_reset(reset_code, 'new_password')
    clear()

示例#4

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_request_not_registered():
    """
    Testing that a user who is not registered is not added to 'reset_users'
    """
    clear()
    email_1 = '*****@*****.**'
    with pytest.raises(InputError):
        auth.auth_passwordreset_request(email_1)
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        assert user['email'] != email_1
    clear()

示例#5

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_request_logged_in():
    """
    Testing that a user can request a password reset when logged in
    """
    clear()
    email_1 = '*****@*****.**'
    result_1 = auth.auth_register(email_1, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email_1)
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_1['u_id']:
            assert user['email'] == email_1
    clear()

示例#6

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_request_multiple_users():
    """
    Testing multiple users who have requested to reset password
    """
    clear()
    email_1 = '*****@*****.**'
    email_2 = '*****@*****.**'
    email_3 = '*****@*****.**'
    email_4 = '*****@*****.**'
    result_1 = auth.auth_register(email_1, 'abcdefg', 'John', 'Smith')
    result_2 = auth.auth_register(email_2, 'abcdefg', 'John', 'Smith')
    result_3 = auth.auth_register(email_3, 'abcdefg', 'John', 'Smith')
    result_4 = auth.auth_register(email_4, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email_1)
    auth.auth_passwordreset_request(email_2)
    auth.auth_passwordreset_request(email_3)
    auth.auth_passwordreset_request(email_4)
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_1['u_id']:
            assert user['email'] == email_1
        if user['u_id'] == result_2['u_id']:
            assert user['email'] == email_2
        if user['u_id'] == result_3['u_id']:
            assert user['email'] == email_3
        if user['u_id'] == result_4['u_id']:
            assert user['email'] == email_4
    clear()

示例#7

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_reset_register():
    """
    Testing that when requested, a user is moved to a section of data that shows
    that they are trying to reset the password ie 'reset_users'
    """
    clear()
    email = '*****@*****.**'
    result = auth.auth_register(email, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email)
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result['u_id']:
            assert user['email'] == email
    clear()

示例#8

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_login_reset_password():
    """
    Testing that a user should not be able to login when they have requested a
    password reset.
    """
    clear()
    auth.auth_register('*****@*****.**', 'abcdefg', 'Christian', 'Ilagan')
    user = auth.auth_register('*****@*****.**', 'abcdefg', 'Christian',
                              'Ilagan')
    auth.auth_logout(user['token'])
    auth.auth_passwordreset_request('*****@*****.**')
    with pytest.raises(AccessError):
        auth.auth_login('*****@*****.**', 'abcdefg')
    clear()

示例#9

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_reset_invalid_password_3():
    """
    Testing that invalid passwords cannot be used to reset
    """
    clear()
    email = '*****@*****.**'
    result = auth.auth_register(email, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email)
    reset_code = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result['u_id']:
            reset_code = user['secret']
    with pytest.raises(InputError):
        auth.auth_passwordreset_reset(reset_code, 'h')
    clear()

示例#10

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_reset_done():
    """
    Testing that once the password has successfully been reset, user is removed from
    'reset_users' field.
    """
    clear()
    email = '*****@*****.**'
    result = auth.auth_register(email, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email)
    reset_code = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result['u_id']:
            reset_code = user['secret']
    auth.auth_passwordreset_reset(reset_code, 'new_password')
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        assert user['u_id'] != result['u_id']
    clear()

示例#11

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_secret_unique_user():
    """
    Testing that the secret generated is unique each time requested
    """
    clear()
    email_1 = '*****@*****.**'
    result_1 = auth.auth_register(email_1, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email_1)
    secret_1 = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_1['u_id']:
            secret_1 = user['secret']
    auth.auth_passwordreset_request(email_1)
    secret_2 = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_1['u_id']:
            secret_2 = user['secret']
    auth.auth_passwordreset_request(email_1)
    secret_3 = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_1['u_id']:
            secret_3 = user['secret']

    assert secret_1 != secret_2
    assert secret_1 != secret_3
    assert secret_2 != secret_3
    clear()

示例#12

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_secret_unique_users():
    """
    Testing that no 2 users have the same secret
    """
    clear()
    email_1 = '*****@*****.**'
    email_2 = '*****@*****.**'
    email_3 = '*****@*****.**'
    result_1 = auth.auth_register(email_1, 'abcdefg', 'John', 'Smith')
    result_2 = auth.auth_register(email_2, 'abcdefg', 'John', 'Smith')
    result_3 = auth.auth_register(email_3, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email_1)
    auth.auth_passwordreset_request(email_2)
    auth.auth_passwordreset_request(email_3)
    secret_1 = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_1['u_id']:
            secret_1 = user['secret']
    auth.auth_passwordreset_request(email_1)
    secret_2 = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_2['u_id']:
            secret_2 = user['secret']
    auth.auth_passwordreset_request(email_1)
    secret_3 = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_3['u_id']:
            secret_3 = user['secret']

    assert secret_1 != secret_2
    assert secret_1 != secret_3
    assert secret_2 != secret_3
    clear()

示例#13

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_reset_consecutive():
    """
    Testing that a user can consecutively request and reset their password.
    """
    clear()
    email = '*****@*****.**'
    result = auth.auth_register(email, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email)
    reset_code = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result['u_id']:
            reset_code = user['secret']
    password = '******'
    auth.auth_passwordreset_reset(reset_code, password)
    # comparing hashed password
    hashed = hashlib.sha256(password.encode()).hexdigest()
    # making sure new hashed password is stored
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_users():
        if user['u_id'] == result['u_id']:
            assert user['password'] == hashed
    auth.auth_passwordreset_request(email)
    reset_code = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result['u_id']:
            reset_code = user['secret']
    password = '******'
    auth.auth_passwordreset_reset(reset_code, password)
    # comparing hashed password
    hashed = hashlib.sha256(password.encode()).hexdigest()
    # making sure new hashed password is stored
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_users():
        if user['u_id'] == result['u_id']:
            assert user['password'] == hashed
    auth.auth_passwordreset_request(email)
    reset_code = ''
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result['u_id']:
            reset_code = user['secret']
    password = '******'
    auth.auth_passwordreset_reset(reset_code, password)
    # comparing hashed password
    hashed = hashlib.sha256(password.encode()).hexdigest()
    # making sure new hashed password is stored
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_users():
        if user['u_id'] == result['u_id']:
            assert user['password'] == hashed
    clear()

示例#14

def route_auth_passwordreset_request():
    """Given an email address, if the user is a registered user, send's them a 
    an email containing a specific secret code, that when entered in 
    auth_passwordreset_reset, shows that the user trying to reset the password 
    is the one who got sent this email.

    Args:
        email (string)

    Returns:
        (dict): {}
    """
    payload = request.get_json()
    email = payload['email']
    try:
        return dumps(auth.auth_passwordreset_request(email))
    except (InputError, AccessError) as e:
        return e

示例#15

文件： auth_test.py 项目： InfamousPaladin/Slack-like-web-app

def test_request_multiple():
    """
    Testing that a user can request multiple password resets.
    """
    clear()
    email_1 = '*****@*****.**'
    result_1 = auth.auth_register(email_1, 'abcdefg', 'John', 'Smith')
    auth.auth_passwordreset_request(email_1)
    auth.auth_passwordreset_request(email_1)
    auth.auth_passwordreset_request(email_1)
    auth.auth_passwordreset_request(email_1)
    data = pickle.load(open("data.p", "rb"))
    for user in data.get_reset_users():
        if user['u_id'] == result_1['u_id']:
            assert user['email'] == email_1
    # the same user should be able to request multiple times,
    # however it should not add the same user to reset_users
    # multiple times
    assert len(data.get_reset_users()) == 1
    clear()