Commit 636265d

committed
fixed tests
1 parent 1bbe1c3 commit 636265d

2 files changed

+23
-17
lines changed

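--- a/py4web/utils/auth.py
+++ b/py4web/utils/auth.py
@@ -569,12 +569,9 @@ def login(self, email, password):
 # first check if we have a plugin that can check credentials
 
 for plugin in self.plugins.values():
-print(plugin)
 if not hasattr(plugin, "get_login_url"):
 prevent_db_lookup = True
-print("OK")
 if plugin.check_credentials(email, password):
-print("plugin accepted")
 # if the creadentials are independently validated
 # get of create the user (if does not exist)
 user_info = {}
@@ -586,25 +583,28 @@ def login(self, email, password):
 else:
 user_info["email"] = email + "@example.com"
 user = self.get_or_register_user(user_info)
-print(user)
 break
 
 # else check against database
 if not prevent_db_lookup:
 value = email.lower()
-field = db.auth_user.email if "@" in value else db.auth_user.username
+field = (
+db.auth_user.email
+if "@" in value or not self.use_username
+else db.auth_user.username
+)
 user = db(field == value).select().first()
 if user and not (CRYPT()(password)[0] == user.password):
 user = None
 
 # then check for possible login blockers
 if not user:
 error = "invalid_credentials"
-elif (user.get("action_token") or "").startswith("pending-registration:"):
+elif (user["action_token"] or "").startswith("pending-registration:"):
 error = "registration_is_pending"
-elif user.get("action_token") == "account-blocked":
+elif user["action_token"] == "account-blocked":
 error = "account_is_blocked"
-elif user.get("action_token") == "pending-approval":
+elif user["action_token"] == "pending-approval":
 error = "account_needs_to_be_approved"
 
 # return the error or the user
@@ -619,15 +619,12 @@ def request_reset_password(self, email, send=True, next="", route=None):
 
 db = self.db
 value = email.lower()
-if self.use_username:
-query = (
-(db.auth_user.email == value)
-if "@" in value
-else (db.auth_user.username == value)
-)
-else:
-query = db.auth_user.email == value
-user = db(query).select().first()
+field = (
+db.auth_user.email
+if "@" in value or not self.use_username
+else self.auth_user.username
+)
+user = db(field == value).select().first()
 if user and user.action_token != "account-blocked":
 token = str(uuid.uuid4())
 if next: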
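Review bot: In the `request_reset_password` hunk the username branch reads `self.auth_user.username`, while the same expression in the `login` hunk uses `db.auth_user.username`. Unless the Auth class defines an `auth_user` attribute (none is visible here), a reset request for a login name without "@" on a site with `use_username` enabled would raise AttributeError instead of looking the user up; the line should read `else db.auth_user.username`. Separately, the login blocker checks now index `user["action_token"]` where they used `user.get("action_token")`, which assumes that every object returned by `get_or_register_user` or by the select carries that key; that is worth confirming for plugin-created users, since a missing key would now raise before the blocked/pending checks are evaluated. Both function bodies start and end outside the hunks shown.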

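--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -90,6 +90,14 @@ def test_register(self):
 
 self.on_request()
 body = {"email": "[email protected]", "password": "1234567"}
+self.assertEqual(
+self.auth.action("api/login", "POST", {}, body),
+{"status": "error", "message": "Invalid Credentials", "code": 400},
+)
+
+self.on_request()
+self.on_request()
+body = {"email": "[email protected]", "password": "123456789"}
 self.assertEqual(
 self.auth.action("api/login", "POST", {}, body),
 {"status": "error", "message": "Registration is pending", "code": 400},
@@ -106,6 +114,7 @@ def test_register(self):
 self.assertTrue(user.action_token is None)
 
 self.on_request()
+body = {"email": "[email protected]", "password": "1234567"}
 self.assertEqual(
 self.auth.action("api/login", "POST", {}, body),
 {"status": "error", "message": "Invalid Credentials", "code": 400},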
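Review bot: The added cases log in with an e-mail address only, so the username branch of the `"@" in value or not self.use_username` selection that this commit rewrites in `login` and `request_reset_password` is never run by this test. A case with `use_username` enabled and a login name without "@", for both the login and the reset-password actions, would cover it. The two consecutive `self.on_request()` calls at new lines 98–99 look like an accidental duplicate; if one is enough, reduce them to a single `self.on_request()`, otherwise add a comment saying why the second call is needed. `test_register` starts and ends outside these hunks.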
