Merge branch 'login-validator-5414'
commit
1aab84d0dc
@ -34,14 +34,19 @@ from mediagoblin import auth
|
|||||||
_log = logging.getLogger(__name__)
|
_log = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
def normalize_user_or_email_field(allow_email=True, allow_user=True):
|
def normalize_user_or_email_field(allow_email=True, allow_user=True,
|
||||||
"""
|
is_login=False):
|
||||||
Check if we were passed a field that matches a username and/or email
|
"""Check if we were passed a field that matches a username and/or email
|
||||||
pattern.
|
pattern.
|
||||||
|
|
||||||
This is useful for fields that can take either a username or email
|
This is useful for fields that can take either a username or email
|
||||||
address. Use the parameters if you want to only allow a username for
|
address. Use the parameters if you want to only allow a username
|
||||||
instance"""
|
for instance
|
||||||
|
|
||||||
|
is_login : bool
|
||||||
|
If is_login is True, does not check the length of username.
|
||||||
|
|
||||||
|
"""
|
||||||
message = _(u'Invalid User name or email address.')
|
message = _(u'Invalid User name or email address.')
|
||||||
nomail_msg = _(u"This field does not take email addresses.")
|
nomail_msg = _(u"This field does not take email addresses.")
|
||||||
nouser_msg = _(u"This field requires an email address.")
|
nouser_msg = _(u"This field requires an email address.")
|
||||||
@ -56,7 +61,8 @@ def normalize_user_or_email_field(allow_email=True, allow_user=True):
|
|||||||
else: # lower case user names
|
else: # lower case user names
|
||||||
if not allow_user:
|
if not allow_user:
|
||||||
raise wtforms.ValidationError(nouser_msg)
|
raise wtforms.ValidationError(nouser_msg)
|
||||||
wtforms.validators.Length(min=3, max=30)(form, field)
|
if not is_login:
|
||||||
|
wtforms.validators.Length(min=3, max=30)(form, field)
|
||||||
wtforms.validators.Regexp(r'^[-_\w]+$')(form, field)
|
wtforms.validators.Regexp(r'^[-_\w]+$')(form, field)
|
||||||
field.data = field.data.lower()
|
field.data = field.data.lower()
|
||||||
if field.data is None: # should not happen, but be cautious anyway
|
if field.data is None: # should not happen, but be cautious anyway
|
||||||
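Review bot: With `is_login=True` the username branch skips `Length(min=3, max=30)` entirely, so the login field loses its upper bound as well as the minimum that blocked short names. If the aim is only to let existing short usernames sign in (presumably the intent, given the new short-user test), a ceiling on the login path would still bound what reaches the regex and the user lookup, for example an `else:` arm with `wtforms.validators.Length(max=MAX_LOGIN_NAME_LEN)(form, field)`. The constant name is a placeholder, and whether another cap is enforced elsewhere is not visible here. The `is_login` docstring entry could also say why the check is skipped, not only that it is. The function body starts and ends outside these hunks.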
|
@ -38,7 +38,7 @@ class LoginForm(wtforms.Form):
|
|||||||
username = wtforms.StringField(
|
username = wtforms.StringField(
|
||||||
_('Username or Email'),
|
_('Username or Email'),
|
||||||
[wtforms.validators.InputRequired(),
|
[wtforms.validators.InputRequired(),
|
||||||
normalize_user_or_email_field()])
|
normalize_user_or_email_field(is_login=True)])
|
||||||
password = wtforms.PasswordField(
|
password = wtforms.PasswordField(
|
||||||
_('Password'))
|
_('Password'))
|
||||||
stay_logged_in = wtforms.BooleanField(
|
stay_logged_in = wtforms.BooleanField(
|
||||||
|
@ -1,4 +1,3 @@
|
|||||||
|
|
||||||
# GNU MediaGoblin -- federated, autonomous media hosting
|
# GNU MediaGoblin -- federated, autonomous media hosting
|
||||||
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
|
# Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
|
||||||
#
|
#
|
||||||
@ -373,6 +372,53 @@ def test_authentication_views(test_app):
|
|||||||
assert not form.username.data == u'ANDREW'
|
assert not form.username.data == u'ANDREW'
|
||||||
assert form.username.data == u'andrew'
|
assert form.username.data == u'andrew'
|
||||||
|
|
||||||
|
# Successful login with short user
|
||||||
|
# --------------------------------
|
||||||
|
short_user = fixture_add_user(username=u'me', password=u'sho')
|
||||||
|
template.clear_test_template_context()
|
||||||
|
response = test_app.post(
|
||||||
|
'/auth/login/', {
|
||||||
|
'username': u'me',
|
||||||
|
'password': 'sho'})
|
||||||
|
|
||||||
|
# User should be redirected
|
||||||
|
response.follow()
|
||||||
|
|
||||||
|
assert urlparse.urlsplit(response.location)[2] == '/'
|
||||||
|
assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT
|
||||||
|
|
||||||
|
# Make sure user is in the session
|
||||||
|
context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html']
|
||||||
|
session = context['request'].session
|
||||||
|
assert session['user_id'] == six.text_type(short_user.id)
|
||||||
|
|
||||||
|
# Must logout
|
||||||
|
template.clear_test_template_context()
|
||||||
|
response = test_app.get('/auth/logout/')
|
||||||
|
|
||||||
|
# Successful login with long user
|
||||||
|
# ----------------
|
||||||
|
long_user = fixture_add_user(
|
||||||
|
username=u'realllylonguser@reallylongdomain.com.co', password=u'sho')
|
||||||
|
template.clear_test_template_context()
|
||||||
|
response = test_app.post(
|
||||||
|
'/auth/login/', {
|
||||||
|
'username': u'realllylonguser@reallylongdomain.com.co',
|
||||||
|
'password': 'sho'})
|
||||||
|
|
||||||
|
# User should be redirected
|
||||||
|
response.follow()
|
||||||
|
assert urlparse.urlsplit(response.location)[2] == '/'
|
||||||
|
assert 'mediagoblin/root.html' in template.TEMPLATE_TEST_CONTEXT
|
||||||
|
|
||||||
|
# Make sure user is in the session
|
||||||
|
context = template.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html']
|
||||||
|
session = context['request'].session
|
||||||
|
assert session['user_id'] == six.text_type(long_user.id)
|
||||||
|
|
||||||
|
template.clear_test_template_context()
|
||||||
|
response = test_app.get('/auth/logout/')
|
||||||
|
|
||||||
@pytest.fixture()
|
@pytest.fixture()
|
||||||
def authentication_disabled_app(request):
|
def authentication_disabled_app(request):
|
||||||
return get_app(
|
return get_app(
|
||||||
|
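Review bot: The "long user" case logs in as `realllylonguser@reallylongdomain.com.co`, which contains an `@`, so it is presumably handled by the validator's email branch (not visible in these hunks) and not by the username branch where `is_login` skips the length check. That leaves the over-30-character side of the change untested. A username longer than 30 characters built only from `[-_\w]` characters, such as a constructed `u'a' * 31`, would cover it. Neither new block asserts anything about the `/auth/logout/` response, so a failed logout after the short-user login would only show up indirectly. `test_authentication_views` starts outside the hunk.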