def test_forcing_password_reset_with_mismatched_pw_fails(): user_id = db_utils.create_user() password = '******' form = Bag(password=password, passcheck='1234567890987') with pytest.raises(WeasylError) as err: resetpassword.force(user_id, form) assert 'passwordMismatch' == err.value.value
def test_forcing_password_reset_with_too_short_length_fails(): # Anything under len(login._PASSWORD) characters triggers this case user_id = db_utils.create_user() password = '******' form = Bag(password=password, passcheck=password) with pytest.raises(WeasylError) as err: resetpassword.force(user_id, form) assert 'passwordInsecure' == err.value.value
def test_verify_success_if_correct_information_provided(): user_name = 'test' user_id = db_utils.create_user(password='******', username=user_name) password = '******' form = Bag(password=password, passcheck=password) resetpassword.force(user_id, form) result = login.authenticate_bcrypt(username=user_name, password=password, session=False) assert result == (user_id, None)
def POST(self): if define.common_status_check(self.user_id) != "resetpassword": return define.errorpage(self.user_id, errorcode.permission) form = web.input(password="", passcheck="") resetpassword.force(self.user_id, form) raise web.seeother("/index")
def force_resetpassword_(request): if define.common_status_check(request.userid) != "resetpassword": return Response(define.errorpage(request.userid, errorcode.permission)) form = request.web_input(password="", passcheck="") resetpassword.force(request.userid, form) raise HTTPSeeOther(location="/", headers=request.response.headers)
def test_verify_success_if_correct_information_provided(): user_name = 'test' user_id = db_utils.create_user(password='******', username=user_name) password = '******' form = Bag(password=password, passcheck=password) resetpassword.force(user_id, form) result = login.authenticate_bcrypt(username=user_name, password=password, request=None) assert result == (user_id, None)
def force_resetpassword_(request): if define.common_status_check(request.userid) != "resetpassword": return Response(define.errorpage(request.userid, errorcode.permission)) form = request.web_input(password="", passcheck="") resetpassword.force(request.userid, form) # Invalidate all other user sessions for this user. profile.invalidate_other_sessions(request.userid) raise HTTPSeeOther(location="/", headers=request.response.headers)
def force_resetpassword_(request): if define.common_status_check(request.userid) != "resetpassword": raise WeasylError('InsufficientPermissions') form = request.web_input(password="", passcheck="") resetpassword.force(request.userid, form) # Invalidate all other user sessions for this user. profile.invalidate_other_sessions(request.userid) raise HTTPSeeOther(location="/", headers=request.response.headers)