示例#1
0
def test_authenticate_fail():
    """Tests that a user can be authenticated with their password."""
    user = User(email='*****@*****.**').save()
    user_management.set_password(user, 'password')
    user.save()
    assert user_management.authenticate_user('*****@*****.**',
                                             '123456') is None
示例#2
0
def add_user(user_email, password=None, admin=False):
    user = User(email=user_email, admin=admin).save()
    user_management.set_password(user, password)
    user.save()
    print(f'User {user_email} created succesfully (ID: {user.id})')
    print(f'Admin: {user.admin}')
    print(f'API key: {user.api_key}')
示例#3
0
def populate_users():
    admin = User(email='*****@*****.**', admin=True).save()
    user_management.set_password(admin, 'admin')
    admin.save()
    user = User(email='*****@*****.**', ).save()
    user_management.set_password(user, 'user')
    user.save()
    return [admin, user]
示例#4
0
def test_no_override_password():
    """Tests that updates to a user do not override their password."""
    user = User(email='*****@*****.**').save()
    user_management.set_password(user, 'password')
    user.save()
    user.email = '*****@*****.**'
    user.save()
    user = User.find(email='*****@*****.**')
    assert user.email == '*****@*****.**'
    assert check_password_hash(user.password, 'password')
示例#5
0
def reset_password(user_email, password=None):
    user = User.find(email=user_email)
    if not user:
        print(f'No such user: {user_email}')
        exit(-1)
    user_management.set_password(user, password)
    user.save()
    print(f'Password for {user_email} reset succesfully.')
    print(f'Admin: {user.admin}')
    print(f'API key: {user.api_key}')
示例#6
0
def test_password_reset_expires_token(populate_users, authenticated_client):
    """Tests a password reset expires a users JWT."""
    rv = authenticated_client.get('/api/users/protected/',
                    content_type='application/json')
    assert rv.status_code == 200
    time.sleep(2)
    admin = populate_users[0]
    user_management.set_password(admin)
    admin.save()
    rv = authenticated_client.get('/api/users/protected/',
                    content_type='application/json')
    assert rv.status_code == 401
示例#7
0
def add_user(user_email, password=None, admin=False):
    try:
        user = User(email=user_email, admin=admin).save()
        user_management.set_password(user, password)
        user.save()
    except IntegrityError:  # user already exists, force reset password
        user = User.get_or_create(email=user_email)
        user_management.set_password(user, password)

    print(f'User {user_email} created succesfully (ID: {user.id})')
    print(f'Admin: {user.admin}')
    print(f'API key: {user.api_key}')
示例#8
0
def test_existing_user_auto_password(populate_users):
    """Tests that an existing user's password can be regenerated."""
    user = populate_users[0]
    password = user_management.set_password(user)
    user.save()
    assert len(password) == 32
    assert check_password_hash(user.password, password)
示例#9
0
def test_existing_user_manual_password(populate_users):
    """Tests that a password can be set on an existing user."""
    user = populate_users[0]
    user_management.set_password(user, 'weakpassword')
    user.save()
    assert check_password_hash(user.password, 'weakpassword')