canaille-globuzma/tests/core/test_password_reset.py

from canaille.core.endpoints.account import build_hash


def test_password_reset(testclient, user, backend):
    assert not backend.check_user_password(user, "foobarbaz")[0]
    hash = build_hash("user", user.preferred_email, user.password)

    res = testclient.get("/reset/user/" + hash, status=200)

    res.form["password"] = "foobarbaz"
    res.form["confirmation"] = "foobar"
    res = res.form.submit()
    res.mustcontain("Password and confirmation do not match.")
    res.mustcontain('data-percent="50"')

    res.form["password"] = "123"
    res.form["confirmation"] = "123"
    res = res.form.submit()
    res.mustcontain("Field must be at least 8 characters long.")

    res.form["password"] = "foobarbaz"
    res.form["confirmation"] = "foobarbaz"
    res = res.form.submit()
    assert ("success", "Your password has been updated successfully") in res.flashes
    assert res.location == "/profile/user"

    backend.reload(user)
    assert backend.check_user_password(user, "foobarbaz")[0]

    res = testclient.get("/reset/user/" + hash)
    assert (
        "error",
        "The password reset link that brought you here was invalid.",
    ) in res.flashes


def test_password_reset_multiple_emails(testclient, user, backend):
    user.emails = ["foo@bar.test", "foo@baz.test"]
    backend.save(user)

    assert not backend.check_user_password(user, "foobarbaz")[0]
    hash = build_hash("user", "foo@baz.test", user.password)

    res = testclient.get("/reset/user/" + hash, status=200)

    res.form["password"] = "foobarbaz"
    res.form["confirmation"] = "foobarbaz"
    res = res.form.submit()
    assert ("success", "Your password has been updated successfully") in res.flashes

    backend.reload(user)
    assert backend.check_user_password(user, "foobarbaz")[0]

    res = testclient.get("/reset/user/" + hash)
    assert (
        "error",
        "The password reset link that brought you here was invalid.",
    ) in res.flashes


def test_password_reset_bad_link(testclient, user):
    res = testclient.get("/reset/user/foobarbaz")
    assert (
        "error",
        "The password reset link that brought you here was invalid.",
    ) in res.flashes


def test_password_reset_bad_password(testclient, user, backend):
    hash = build_hash("user", user.preferred_email, user.password)

    res = testclient.get("/reset/user/" + hash, status=200)

    res.form["password"] = "foobarbaz"
    res.form["confirmation"] = "typo"
    res = res.form.submit(status=200)

    assert backend.check_user_password(user, "correct horse battery staple")[0]


def test_unavailable_if_no_smtp(testclient, user):
    res = testclient.get("/login")
    res.mustcontain("Forgotten password")

    res.form["login"] = "user"
    res = res.form.submit()
    res = res.follow()
    res.mustcontain("Forgotten password")

    testclient.get("/reset", status=200)

    testclient.app.config["CANAILLE"]["SMTP"] = None

    res = testclient.get("/login")
    res.mustcontain(no="Forgotten password")

    res.form["login"] = "user"
    res = res.form.submit()
    res = res.follow()
    res.mustcontain(no="Forgotten password")

    testclient.get("/reset", status=500, expect_errors=True)
refactor: gather endpoints in a 'endpoints' directory 2023-12-25 23:23:47 +00:00			`from canaille.core.endpoints.account import build_hash`
Refactored tests 2021-01-01 14:20:26 +00:00

refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 18:12:13 +00:00			`def test_password_reset(testclient, user, backend):`
			`assert not backend.check_user_password(user, "foobarbaz")[0]`
fix: only the first password letter was used 2023-11-28 14:51:14 +00:00			`hash = build_hash("user", user.preferred_email, user.password)`
Refactored tests 2021-01-01 14:20:26 +00:00
			`res = testclient.get("/reset/user/" + hash, status=200)`

adds new tests for validators and progress bar for password strength in registration form and reset form 2024-12-18 12:10:59 +00:00			`res.form["password"] = "foobarbaz"`
			`res.form["confirmation"] = "foobar"`
			`res = res.form.submit()`
			`res.mustcontain("Password and confirmation do not match.")`
			`res.mustcontain('data-percent="50"')`

			`res.form["password"] = "123"`
			`res.form["confirmation"] = "123"`
			`res = res.form.submit()`
			`res.mustcontain("Field must be at least 8 characters long.")`

Refactored tests 2021-01-01 14:20:26 +00:00			`res.form["password"] = "foobarbaz"`
			`res.form["confirmation"] = "foobarbaz"`
Checks flask flashed messages with flask_webtest Response.flashes 2023-01-28 18:02:00 +00:00			`res = res.form.submit()`
typo 'successfuly' -> 'successfully' 2023-05-30 07:44:11 +00:00			`assert ("success", "Your password has been updated successfully") in res.flashes`
fix: redirection after password reset 2023-12-15 15:12:33 +00:00			`assert res.location == "/profile/user"`
Refactored tests 2021-01-01 14:20:26 +00:00
refactor: move BackendModel.reload to Backend.reload 2024-04-14 20:51:58 +00:00			`backend.reload(user)`
refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 18:12:13 +00:00			`assert backend.check_user_password(user, "foobarbaz")[0]`
Refactored tests 2021-01-01 14:20:26 +00:00
			`res = testclient.get("/reset/user/" + hash)`
Checks flask flashed messages with flask_webtest Response.flashes 2023-01-28 18:02:00 +00:00			`assert (`
			`"error",`
			`"The password reset link that brought you here was invalid.",`
			`) in res.flashes`
Refactored tests 2021-01-01 14:20:26 +00:00

refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 18:12:13 +00:00			`def test_password_reset_multiple_emails(testclient, user, backend):`
refactor: all domains used in the unit test suite are now .test this ensures they will never be valid, and will never generate real world requests 2024-11-20 22:30:44 +00:00			`user.emails = ["foo@bar.test", "foo@baz.test"]`
refactor: move BackendModel.save to Backend.save 2024-04-14 18:31:43 +00:00			`backend.save(user)`
send reset emails to all the user emails 2023-06-29 15:47:01 +00:00
refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 18:12:13 +00:00			`assert not backend.check_user_password(user, "foobarbaz")[0]`
refactor: all domains used in the unit test suite are now .test this ensures they will never be valid, and will never generate real world requests 2024-11-20 22:30:44 +00:00			`hash = build_hash("user", "foo@baz.test", user.password)`
send reset emails to all the user emails 2023-06-29 15:47:01 +00:00
			`res = testclient.get("/reset/user/" + hash, status=200)`

			`res.form["password"] = "foobarbaz"`
			`res.form["confirmation"] = "foobarbaz"`
			`res = res.form.submit()`
			`assert ("success", "Your password has been updated successfully") in res.flashes`

refactor: move BackendModel.reload to Backend.reload 2024-04-14 20:51:58 +00:00			`backend.reload(user)`
refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 18:12:13 +00:00			`assert backend.check_user_password(user, "foobarbaz")[0]`
send reset emails to all the user emails 2023-06-29 15:47:01 +00:00
			`res = testclient.get("/reset/user/" + hash)`
			`assert (`
			`"error",`
			`"The password reset link that brought you here was invalid.",`
			`) in res.flashes`


Refactored tests so ldap connection is not a mandatory argument anymore for most LDAPObject methods 2022-05-08 14:31:17 +00:00			`def test_password_reset_bad_link(testclient, user):`
Refactored tests 2021-01-01 14:20:26 +00:00			`res = testclient.get("/reset/user/foobarbaz")`
Checks flask flashed messages with flask_webtest Response.flashes 2023-01-28 18:02:00 +00:00			`assert (`
			`"error",`
			`"The password reset link that brought you here was invalid.",`
			`) in res.flashes`
Refactored tests 2021-01-01 14:20:26 +00:00

refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 18:12:13 +00:00			`def test_password_reset_bad_password(testclient, user, backend):`
fix: only the first password letter was used 2023-11-28 14:51:14 +00:00			`hash = build_hash("user", user.preferred_email, user.password)`
Refactored tests 2021-01-01 14:20:26 +00:00
			`res = testclient.get("/reset/user/" + hash, status=200)`

			`res.form["password"] = "foobarbaz"`
			`res.form["confirmation"] = "typo"`
			`res = res.form.submit(status=200)`

refactor: move User.check_password and User.set_password methods to Backend 2024-04-07 18:12:13 +00:00			`assert backend.check_user_password(user, "correct horse battery staple")[0]`
Disabled invitation and password reset when no smtp server has been configured 2021-12-07 15:39:18 +00:00

			`def test_unavailable_if_no_smtp(testclient, user):`
			`res = testclient.get("/login")`
Unit tests use WebTest .mustcontain method when possible 2023-03-16 15:25:14 +00:00			`res.mustcontain("Forgotten password")`
Disabled invitation and password reset when no smtp server has been configured 2021-12-07 15:39:18 +00:00
unit tests: only use user_name to authenticate users 2023-05-11 13:33:34 +00:00			`res.form["login"] = "user"`
Disabled invitation and password reset when no smtp server has been configured 2021-12-07 15:39:18 +00:00			`res = res.form.submit()`
			`res = res.follow()`
Unit tests use WebTest .mustcontain method when possible 2023-03-16 15:25:14 +00:00			`res.mustcontain("Forgotten password")`
Disabled invitation and password reset when no smtp server has been configured 2021-12-07 15:39:18 +00:00
			`testclient.get("/reset", status=200)`

fix: SMTP feature can be disabled again 2024-05-14 21:04:32 +00:00			`testclient.app.config["CANAILLE"]["SMTP"] = None`
Disabled invitation and password reset when no smtp server has been configured 2021-12-07 15:39:18 +00:00
			`res = testclient.get("/login")`
Unit tests use WebTest .mustcontain method when possible 2023-03-16 15:25:14 +00:00			`res.mustcontain(no="Forgotten password")`
Disabled invitation and password reset when no smtp server has been configured 2021-12-07 15:39:18 +00:00
unit tests: only use user_name to authenticate users 2023-05-11 13:33:34 +00:00			`res.form["login"] = "user"`
Disabled invitation and password reset when no smtp server has been configured 2021-12-07 15:39:18 +00:00			`res = res.form.submit()`
			`res = res.follow()`
Unit tests use WebTest .mustcontain method when possible 2023-03-16 15:25:14 +00:00			`res.mustcontain(no="Forgotten password")`
Disabled invitation and password reset when no smtp server has been configured 2021-12-07 15:39:18 +00:00
			`testclient.get("/reset", status=500, expect_errors=True)`