
feat: ✨ password change endpoint #33

Merged
merged 14 commits into from
Dec 20, 2023
Merged
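--- a/apis/authentication.py
+++ b/apis/authentication.py
@@ -388,6 +388,74 @@ def post(self):
 return resp
 
 
+@api.route("/auth/password/change")
+class UserPasswordEndpoint(Resource):
+"""
+Endpoint for updating user password
+"""
+
+@api.doc(description="Updates User password")
+@api.response(200, "Success")
+@api.response(400, "Validation Error")
+def post(self):
+"""Updates user password"""
+
+def validate_current_password(instance):
+received_password = instance
+
+if not g.user.check_password(received_password):
+raise ValidationError("Current password is incorrect")
+
+return True
+
+def confirm_new_password(instance):
+data: Union[Any, dict] = request.json
+new_password = data["new_password"]
+confirm_password = instance
+
+if new_password != confirm_password:
+raise ValidationError("New password and confirm password do not match")
+
+return True
+
+# Schema validation
+schema = {
+"type": "object",
+"required": ["old_password", "new_password", "confirm_password"],
+"additionalProperties": False,
+"properties": {
+"old_password": {
+"type": "string",
+"minLength": 1,
+"format": "current password",
+},
+"new_password": {"type": "string", "minLength": 1},
+"confirm_password": {
+"type": "string",
+"minLength": 1,
+"format": "password confirmation",
+},
+},
+}
+
+format_checker = FormatChecker()
+format_checker.checks("current password")(validate_current_password)
+format_checker.checks("password confirmation")(confirm_new_password)
+
+try:
+validate(
+instance=request.json, schema=schema, format_checker=format_checker
+)
+except ValidationError as e:
+return e.message, 400
+
+data: Union[Any, dict] = request.json
+user = model.User.query.get(g.user.id)
+user.set_password(data["new_password"])
+model.db.session.commit()
+return "Password updated successfully", 200
+
+
 # @api.route("/auth/current-users")
 # class CurrentUsers(Resource):
 # """function is used to see all logged users in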
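Review bot: `confirm_new_password` reads `request.json["new_password"]` from inside a jsonschema format checker, so a body that carries `confirm_password` but omits `new_password` can raise `KeyError` past the `except ValidationError` clause and surface as an unhandled error instead of the 400. This happens because `validate()` appears to keep evaluating `properties` after `required` has already failed. Running the current-password check as a format checker also ties credential verification to schema traversal order, so both comparisons are easier to audit as plain statements once `validate()` has succeeded, as sketched below. Separately, `new_password` is only constrained by `minLength: 1`, and nothing in this hunk ends the user's other sessions or tokens after the change; both are worth confirming against the project's password and session policy.

```python
        # … unchanged: schema, minus the two custom "format" entries and the FormatChecker setup …
        try:
            validate(instance=request.json, schema=schema)
        except ValidationError as e:
            return e.message, 400

        data: Union[Any, dict] = request.json
        if not g.user.check_password(data["old_password"]):
            return "Current password is incorrect", 400
        if data["new_password"] != data["confirm_password"]:
            return "New password and confirm password do not match", 400
        # … unchanged: set_password, commit, success response …
```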
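--- a/tests/functional/test_user.py
+++ b/tests/functional/test_user.py
@@ -0,0 +1,58 @@
+"""Tests for user settings"""
+
+
+# ------------------- Password Change ------------------- #
+def test_post_password_change(clients):
+"""
+Given a Flask application configured for testing
+WHEN the '/auth/password/change' endpoint is requested (PUT)
+THEN check that the response is valid and the password is changed
+"""
+_logged_in_client = clients[0]
+
+response = _logged_in_client.post(
+"/auth/password/change",
+json={
+"confirm_password": "Updatedpassword4testing!",
+"new_password": "Updatedpassword4testing!",
+"old_password": "Testingyeshello11!",
+},
+)
+
+assert response.status_code == 200
+
+
+def test_post_password_login_invalid_old_password(clients):
+"""
+Given a Flask application configured for testing
+WHEN the '/auth/login' endpoint is requested (POST)
+THEN check that the response is an error when old password is provided
+"""
+_logged_in_client = clients[0]
+response = _logged_in_client.post(
+"/auth/login",
+json={
+"email_address": "[email protected]",
+"password": "Testingyeshello11!",
+},
+)
+
+assert response.status_code == 401
+
+
+def test_post_login_new_password(clients):
+"""
+Given a Flask application configured for testing
+WHEN the '/auth/login' endpoint is requested (POST)
+THEN check that the response is valid when new password is provided
+"""
+_logged_in_client = clients[0]
+response = _logged_in_client.post(
+"/auth/login",
+json={
+"email_address": "[email protected]",
+"password": "Updatedpassword4testing!",
+},
+)
+
+assert response.status_code == 200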
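Review bot: The new tests cover only the success path, so none of the endpoint's rejection branches is exercised: a wrong `old_password`, a mismatched `confirm_password`, or a missing field. A request from a client that is not logged in is untested as well. `test_post_password_login_invalid_old_password` and `test_post_login_new_password` also seem to pass only if `test_post_password_change` has already run against the same database, so they depend on file order; doing the password change inside each test or in a fixture would make them independent. The first docstring says `(PUT)` while the call is `.post(...)`; `WHEN the '/auth/password/change' endpoint is requested (POST)` would match the code.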