def test_incorrect_method():
h = User.hash_password('somepassword')
h = h.replace('sha512'.encode('utf-8'), 'bb'.encode('utf-8'))
u = User({'username': '', 'password': h})
with pytest.raises(Exception):
u.check_password('aaa')
def test_authenticate(collection):
User.create('me', 'password')
u = User.get('me', 'password')
auth_key = u.authenticate()
u = User.get('me', 'password')
assert u.dbrow['auth_keys'] == auth_key, 'Authkey not saved correctly'
def test_password_is_hashed(collection, mock_exists):
User.create('myuser', 'mypassword')
client = Client()
coll = client.get_user_collection()
user = coll.find_one({'username': '******'})
assert user['password'] != 'mypassword'.encode('utf-8'), 'password isn\'t hashed'
assert 'mypassword'.encode('utf-8') not in user['password']
def test_authenticate_twice(collection):
User.create('me', 'password')
u = User.get('me', 'password')
auth_key = u.authenticate()
u = User.get('me', 'password')
auth_key2 = u.authenticate()
u = User.get('me', 'password')
got1, got2 = u.dbrow['auth_keys'].split(' '.encode('utf-8'))
assert got1 == auth_key
assert got2 == auth_key2
def on_message(self, message):
message_dict = json.loads(message)
message_id = message_dict.get('id', 0)
if 'subscribe' in message_dict:
user = message_dict.get('username')
auth_key = message_dict.get('authkey')
if User.is_authenticated(user, auth_key):
self.subscriptions.extend(message_dict.get('subscribe'))
if 'register' in message_dict:
name = message_dict['register'].get('name')
password = message_dict['register'].get('password')
try:
user_id = User.create(name, password)
except UserExists:
self.send_exception(message_id, 'User with that name already exists')
except Exception as e:
print(e)
self.send_exception(message_id, 'Unknown problem')
else:
self.write_message(json.dumps({
'id': message_id,
'type': 'registration',
'user_id': str(user_id),
}))
if 'authenticate' in message_dict:
name = message_dict['authenticate'].get('name')
password = message_dict['authenticate'].get('password')
try:
u = User.get(name, password)
except Exception:
self.send_exception(message_id, 'Invalid username/password')
else:
auth_key = u.authenticate()
self.write_message(json.dumps({
'id': message_id,
'type': 'authenticate',
'key': auth_key,
}))
def test_create(collection, mock_exists):
user_id = User.create('myuser', 'mypassword')
assert user_id
assert collection.call_count == 1
client = Client()
coll = client.get_user_collection()
assert coll.find_one({'username': '******'})
def test_user_get_failed_password(mock_get, collection):
User.create('me', 'password')
with pytest.raises(Exception):
User.get('me', 'passwd2')
def test_check_password_incorrect():
h = User.hash_password('somepassword')
u = User({'username': '', 'password': h})
assert not u.check_password('incorrect'), 'Password check failed'
def test_check_password_success():
h = User.hash_password('somepassword')
u = User({'username': '', 'password': h})
assert u.check_password('somepassword'), 'Password check failed'
def test_exists(collection):
collection.insert_one({'username': '******'})
assert not User.exists('me')
def test_create_already_existing(mock_exists):
with pytest.raises(UserExists):
User.create('some', 'pass')
def test_hash_method_stored():
m, s, h = User.hash_password('something').split('$'.encode('utf-8'))
assert m == 'sha512'.encode('utf-8')
def test_exists_not(collection):
assert not User.exists('me')
def test_is_authenticated_no_user(collection):
assert not User.is_authenticated('me', 'aa'.encode('utf-8')), 'Non existing user authenticated'
def test_is_authenticated_fail(collection):
User.create('me', 'password')
User.get('me', 'password')
assert not User.is_authenticated('me', 'aa'.encode('utf-8')), 'User isn\'t authenticated'
def test_is_authenticated(collection):
User.create('me', 'password')
u = User.get('me', 'password')
auth_key = u.authenticate()
assert User.is_authenticated('me', auth_key), 'User isn\'t authenticated'
