|
|
@ -80,6 +80,52 @@ def test_user_is_active(role_name, is_active): |
|
|
|
assert user.is_active == is_active |
|
|
|
assert user.is_active == is_active |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_user_set_password(): |
|
|
|
|
|
|
|
''' test password hash generation ''' |
|
|
|
|
|
|
|
from ordr2.models.users import User, passlib_context |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
passlib_context.update(schemes=['argon2', 'bcrypt']) |
|
|
|
|
|
|
|
user = User(password_hash=None) |
|
|
|
|
|
|
|
password = 'Fish Slapping Dance' |
|
|
|
|
|
|
|
user.set_password(password) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
assert user.password_hash.startswith('$argon2') |
|
|
|
|
|
|
|
assert password not in user.password_hash |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@pytest.mark.parametrize( |
|
|
|
|
|
|
|
'password', [ |
|
|
|
|
|
|
|
'Fish Slapping Dance', |
|
|
|
|
|
|
|
pytest.mark.xfail('Argument Clinic') |
|
|
|
|
|
|
|
] |
|
|
|
|
|
|
|
) |
|
|
|
|
|
|
|
def test_user_check_password_ok(password): |
|
|
|
|
|
|
|
''' test password check ''' |
|
|
|
|
|
|
|
from ordr2.models.users import User, passlib_context |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
passlib_context.update(schemes=['argon2', 'bcrypt'], deprecated='auto') |
|
|
|
|
|
|
|
user = User(password_hash=None) |
|
|
|
|
|
|
|
user.set_password('Fish Slapping Dance') |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
assert user.check_password(password) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_user_check_password_deprecated_hash(): |
|
|
|
|
|
|
|
''' test password check updates deprecated hash with new algorithm ''' |
|
|
|
|
|
|
|
from ordr2.models.users import User |
|
|
|
|
|
|
|
from ordr2.security import passlib_context |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
passlib_context.update(schemes=['argon2', 'bcrypt'], deprecated='auto') |
|
|
|
|
|
|
|
password = 'Fish Slapping Dance' |
|
|
|
|
|
|
|
bcrypt_hash = passlib_context.hash(password, scheme='bcrypt') |
|
|
|
|
|
|
|
user = User(password_hash=bcrypt_hash) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
assert user.check_password(password) |
|
|
|
|
|
|
|
assert user.password_hash != bcrypt_hash |
|
|
|
|
|
|
|
assert user.password_hash.startswith('$argon2') |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def test_user_string_representation(): |
|
|
|
def test_user_string_representation(): |
|
|
|
''' test the string representation of the user ''' |
|
|
|
''' test the string representation of the user ''' |
|
|
|
from ordr2.models.users import User, Role |
|
|
|
from ordr2.models.users import User, Role |
|
|
|