skillbox/server/users/tests/test_password_reset.py


# -*- coding: utf-8 -*-
#
# ITerativ GmbH
# http://www.iterativ.ch/
#
# Copyright (c) 2019 ITerativ GmbH. All rights reserved.
#
# Created on 2019-10-02
# @author: chrigu <christian.cueni@iterativ.ch>
from django.contrib.auth.tokens import PasswordResetTokenGenerator
from django.contrib.sessions.middleware import SessionMiddleware
from django.core import mail
from django.test import TestCase, RequestFactory
from django.utils.encoding import force_bytes
from django.utils.http import urlsafe_base64_encode
from graphene.test import Client
from api.schema_public import schema
from core.factories import UserFactory
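class PasswordResetTests(TestCase):
    """Exercise the public password-reset GraphQL mutations end to end.

    Covers requesting a reset e-mail, verifying a uid/token pair and setting a
    new password. The password-changing tests also inspect the stored
    credential, so a mutation that reports one outcome while the database
    holds another is caught.
    """

    # NOTE(review): passwordResetSetPassword is sent without a token, so it
    # presumably relies on state the verify step left in the session created
    # in setUp -- confirm against the resolver. Cases not pinned here: setting
    # a password with no prior verify, verifying with a wrong or already-used
    # token, and requesting a reset for an unknown address.

    def setUp(self):
        """Create the target user and a GraphQL client backed by a saved session."""
        self.user = UserFactory(username='aschi')
        request = RequestFactory().post('/')

        # RequestFactory bypasses middleware, so the session is attached and
        # saved by hand before the request becomes the schema's context.
        middleware = SessionMiddleware()
        middleware.process_request(request)
        request.session.save()

        self.client = Client(schema=schema, context_value=request)

    def _execute(self, mutation, input_values):
        """Run *mutation* with *input_values* as its ``$input`` variable."""
        return self.client.execute(mutation, variables={'input': input_values})

    def _verified_uidb64(self):
        """Pass the verify step with a fresh token and return the user's uidb64."""
        token = PasswordResetTokenGenerator().make_token(self.user)
        uidb64 = urlsafe_base64_encode(force_bytes(self.user.pk)).decode()
        result = self.make_set_verify_mutation(uidb64, token)
        self.assertTrue(result.get('data').get('passwordResetVerify').get('success'))
        return uidb64

    def _stored_password_hash(self):
        """Return the password hash currently persisted for the test user."""
        self.user.refresh_from_db()
        return self.user.password

    def make_reset_mutation(self, email):
        """Request a password-reset e-mail for *email*; return the raw result."""
        mutation = '''
            mutation PasswordReset($input: PasswordResetInput!){
              passwordReset(input: $input) {
                success
                errors {
                  field
                }
              }
            }
        '''
        return self._execute(mutation, {'emailInput': email})

    def make_set_verify_mutation(self, uidb64, token):
        """Submit a uid/token pair for verification; return the raw result."""
        mutation = '''
            mutation PasswordResetVerify($input: PasswordResetVerifyInput!){
              passwordResetVerify(input: $input) {
                success
                errors {
                  field
                }
              }
            }
        '''
        return self._execute(mutation, {
            'uidb64Input': uidb64,
            'tokenInput': token,
        })

    def make_set_password_mutation(self, uidb64, new_password, new_password_confirm):
        """Submit a new password and its confirmation; return the raw result."""
        mutation = '''
            mutation PasswordResetSetPassword($input: PasswordResetSetPasswordInput!){
              passwordResetSetPassword(input: $input) {
                success
                errors {
                  field
                }
              }
            }
        '''
        return self._execute(mutation, {
            'uidb64Input': uidb64,
            'newPasswordInput': new_password,
            'confirmNewPasswordInput': new_password_confirm,
        })

    def test_user_can_initiate_password(self):
        """A reset request for a known address sends exactly one e-mail."""
        result = self.make_reset_mutation(self.user.email)

        self.assertEqual(len(mail.outbox), 1)
        self.assertTrue(mail.outbox[0].subject.startswith('Passwort auf'))
        self.assertTrue(result.get('data').get('passwordReset').get('success'))

    def test_user_can_verify_and_set_password(self):
        """After verification, a strong matching password is accepted and stored."""
        uidb64 = self._verified_uidb64()
        new_password = 'Abcd1234!'

        set_result = self.make_set_password_mutation(uidb64, new_password, new_password)

        self.assertTrue(set_result.get('data').get('passwordResetSetPassword').get('success'))
        # The success flag alone does not prove the credential was persisted.
        self.user.refresh_from_db()
        self.assertTrue(self.user.check_password(new_password))

    def test_user_cannot_use_unsafe_password(self):
        """A weak password is rejected and the stored hash stays untouched."""
        uidb64 = self._verified_uidb64()
        hash_before = self._stored_password_hash()
        new_password = 'test'

        set_result = self.make_set_password_mutation(uidb64, new_password, new_password)

        self.assertFalse(set_result.get('data').get('passwordResetSetPassword').get('success'))
        # Compare hashes rather than calling check_password: the factory's
        # default password is not visible here and could equal the weak one.
        self.assertEqual(self._stored_password_hash(), hash_before)

    def test_new_passwords_must_match(self):
        """A mismatching confirmation is rejected and the stored hash stays untouched."""
        uidb64 = self._verified_uidb64()
        hash_before = self._stored_password_hash()
        new_password = 'Abcd1234!'
        new_password_confirm = 'Abcd1234!1'

        set_result = self.make_set_password_mutation(uidb64, new_password, new_password_confirm)

        self.assertFalse(set_result.get('data').get('passwordResetSetPassword').get('success'))
        self.assertEqual(self._stored_password_hash(), hash_before)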