def add_user(user_email, password=None, admin=False):
    """Create a user record, assign its password and print a summary.

    Args:
        user_email: Email address that identifies the new user.
        password: Cleartext password handed to ``user_management.set_password``.
        admin: Whether the record is created with the admin flag set.

    The record is saved once on creation and again after the password is
    set; ``set_password`` is not relied on to persist anything itself.
    The summary written to stdout includes the account's API key.
    """
    new_user = User(email=user_email, admin=admin).save()
    user_management.set_password(new_user, password)
    new_user.save()
    summary = (
        f'User {user_email} created succesfully (ID: {new_user.id})',
        f'Admin: {new_user.admin}',
        f'API key: {new_user.api_key}',
    )
    for line in summary:
        print(line)
def test_authenticate_fail(): """Tests that a user can be authenticated with their password.""" user = User(email='*****@*****.**').save() user_management.set_password(user, 'password') user.save() assert user_management.authenticate_user('*****@*****.**', '123456') is None
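def inner(*args, **kwargs):
    """Resolve the calling user from the request headers, then run ``f``.

    Two credentials are consulted, in this order:

    * ``X-Yeti-API``: looked up with ``User.find(api_key=...)``. An unknown
      key is rejected right away with ``INVALID_API_KEY``.
    * ``Authorization``: the second whitespace-separated field is decoded as
      a JWT with ``yeti_config.core.secret_key``. Its ``sub`` claim names the
      user; a token whose ``iat`` predates that user's ``last_password_change``
      is reported as ``EXPIRED_TOKEN``. A token that fails validation, is
      malformed, or lacks ``sub``/``iat`` is ignored, so a user already
      resolved from the API key is kept.

    Returns:
        Whatever ``f(*args, **kwargs)`` returns once ``g.user`` is set, or a
        ``(payload, 401)`` tuple built from the module's error constants.
    """
    auth_headers = request.headers.get('Authorization', None)
    api_key = request.headers.get('X-Yeti-API', None)
    user = None

    if api_key:
        user = User.find(api_key=api_key)
        if not user:
            return INVALID_API_KEY, 401

    if auth_headers:
        try:
            # Expected shape is "<scheme> <token>"; a header with no second
            # field used to raise IndexError and surface as a 500 instead of
            # a clean rejection.
            parts = auth_headers.split()
            if len(parts) < 2:
                raise jwt.InvalidTokenError('Authorization header has no token')
            token = parts[1]
            # NOTE(review): no ``algorithms=`` is passed. PyJWT 2.x refuses to
            # decode without it, and 1.x then accepts whichever algorithm the
            # token names; pin the algorithm used where tokens are issued.
            data = jwt.decode(token, yeti_config.core.secret_key)
            if 'sub' not in data or 'iat' not in data:
                raise jwt.InvalidTokenError('token lacks sub/iat claims')
        except jwt.ExpiredSignatureError:
            return EXPIRED_TOKEN, 401
        except jwt.InvalidTokenError:
            # Unusable token: fall through, keeping any API-key user.
            data = None

        if data is not None:
            user = User.find(email=data['sub'])
            if not user:
                # The token's subject does not exist; do not keep an API-key
                # user for a token that names someone else.
                return INVALID_TOKEN, 401
            # utcfromtimestamp is kept so both sides stay naive; assumes
            # last_password_change is stored as naive UTC -- TODO confirm.
            issued_at = datetime.utcfromtimestamp(data['iat'])
            last_pwd_reset = user.last_password_change.replace(microsecond=0)
            if issued_at < last_pwd_reset:
                return EXPIRED_TOKEN, 401

    if not user:
        return INVALID_TOKEN, 401

    g.user = user
    return f(*args, **kwargs)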
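def add_user(user_email, password=None, admin=False):
    """Create a user, or reset the password of an existing one, and print a summary.

    Args:
        user_email: Email address that identifies the user.
        password: Cleartext password handed to ``user_management.set_password``.
        admin: Admin flag applied only when the record is newly created; an
            existing user's flag is left untouched.

    If saving the new record raises ``IntegrityError`` the email already
    exists, so the existing record is fetched and its password replaced.
    In both paths the record is saved after ``set_password`` so the new
    hash is persisted; previously the reset path skipped that save.
    The summary written to stdout includes the account's API key.
    """
    try:
        user = User(email=user_email, admin=admin).save()
    except IntegrityError:
        # user already exists, force reset password
        user = User.get_or_create(email=user_email)
    user_management.set_password(user, password)
    user.save()
    print(f'User {user_email} created succesfully (ID: {user.id})')
    print(f'Admin: {user.admin}')
    print(f'API key: {user.api_key}')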
def clean_db():
    """Wipe the database after making sure every model collection is cached.

    Each model's ``_get_collection()`` is called first, in a fixed order,
    because the collections need to be present in the cache before
    ``db.clear()`` runs.
    """
    # pylint: disable=protected-access
    models = (
        Entity,
        Indicator,
        Malware,
        Observable,
        Hostname,
        Tag,
        Vocabs,
        Relationship,
        User,
    )
    for model in models:
        model._get_collection()
    db.clear()
def create_user(email, password=None): """Creates a user in the database. Args: email: The user's email address. password: The user's cleartext password. Returns: The new User object. """ user = User(email=email) set_password(user, password) return user.save()
def populate_users():
    """Create an admin account and a regular account and return both.

    Each account is saved, given its password through
    ``user_management.set_password`` and saved again, in that order. The
    admin's password is 'admin' and the regular user's is 'user'.

    Returns:
        A list ``[admin, user]``.
    """
    accounts = []
    for kwargs, secret in (
        ({'email': '*****@*****.**', 'admin': True}, 'admin'),
        ({'email': '*****@*****.**'}, 'user'),
    ):
        account = User(**kwargs).save()
        user_management.set_password(account, secret)
        account.save()
        accounts.append(account)
    return accounts
def test_no_override_password(): """Tests that updates to a user do not override their password.""" user = User(email='*****@*****.**').save() user_management.set_password(user, 'password') user.save() user.email = '*****@*****.**' user.save() user = User.find(email='*****@*****.**') assert user.email == '*****@*****.**' assert check_password_hash(user.password, 'password')
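def reset_password(user_email, password=None):
    """Reset an existing user's password and print the account summary.

    Args:
        user_email: Email of the user to update.
        password: New cleartext password handed to ``user_management.set_password``.

    Exits the process with status -1 when no user matches ``user_email``.
    The summary written to stdout includes the account's API key.
    """
    import sys

    user = User.find(email=user_email)
    if not user:
        print(f'No such user: {user_email}')
        # sys.exit rather than the site-provided exit() builtin, which is
        # meant for interactive sessions and is absent under `python -S`.
        sys.exit(-1)
    user_management.set_password(user, password)
    # set_password is not relied on to persist; save explicitly.
    user.save()
    print(f'Password for {user_email} reset succesfully.')
    print(f'Admin: {user.admin}')
    print(f'API key: {user.api_key}')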
def authenticate_user(email, password): """Authenticates a user against the information in the database. Args: email: The user's email address. password: The user's cleartext password. Returns: A User obejct if authentication is successful, None otherwise. """ user = User.find(email=email) if not user: return None if check_password_hash(user.password, password): return user return None
def test_filter_users(populate_users): """Tests that users are correctly populated and can be searched for.""" users = User.filter({'email': 'user'}) assert len(users) == 1 users = User.filter({'email': 'admin'}) assert len(users) == 1