Compare commits
5 Commits
fb5ff0dad7
...
1c98a6a73c
Author | SHA1 | Date | |
---|---|---|---|
1c98a6a73c | |||
b7a41701ea | |||
85f273b726 | |||
d469466e66 | |||
07ad080551 |
3
django/.gitignore
vendored
3
django/.gitignore
vendored
@ -1,3 +1,4 @@
|
||||
.env
|
||||
*.pyc
|
||||
db.sqlite3
|
||||
db.sqlite3
|
||||
**/migrations/*
|
@ -1,7 +1,3 @@
|
||||
from django.db import models
|
||||
|
||||
# Create your models here.
|
||||
class Profile(models.Model):
|
||||
uuid = models.CharField()
|
||||
username = models.CharField()
|
||||
avatar_url = models.CharField()
|
||||
# Create your models here.
|
4
django/trancendence/accounts/settings.py
Normal file
4
django/trancendence/accounts/settings.py
Normal file
@ -0,0 +1,4 @@
|
||||
PASSWORD_MIN_SIZE = 3
|
||||
PASSWORD_MAX_SIZE = 128
|
||||
USERNAME_MIN_SIZE = 3
|
||||
USERNAME_MAX_SIZE = 40
|
9
django/trancendence/accounts/status_code.py
Normal file
9
django/trancendence/accounts/status_code.py
Normal file
@ -0,0 +1,9 @@
|
||||
INVALID_USERNAME: str = "error: username invalid"
|
||||
INVALID_PASSWORD: str = "error: password invalid"
|
||||
INVALID_USERNAME_PASSWORD: str = "error: username or password invalid"
|
||||
USERNAME_ALREADY_USED: str = "error: username already used"
|
||||
|
||||
USER_ADDED: str = "ok: user added"
|
||||
USER_DELETED: str = "ok: account has been deleted"
|
||||
USER_VALID: str = "ok: account valid"
|
||||
PASSWORD_UPDATED: str = "ok: password has been updated"
|
@ -1,3 +1,264 @@
|
||||
from django.test import TestCase
|
||||
|
||||
# Create your tests here.
|
||||
from django.test.client import Client
|
||||
from django.http import HttpResponse
|
||||
import uuid
|
||||
|
||||
from .status_code import *
|
||||
from .settings import *
|
||||
|
||||
class RegisterTest(TestCase):
|
||||
def setUp(self):
|
||||
self.client = Client()
|
||||
|
||||
self.url: str = "/api/accounts/register"
|
||||
|
||||
self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
|
||||
self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
|
||||
|
||||
def test_incomplet_form_no_username_no_password(self):
|
||||
response: HttpResponse = self.client.post(self.url)
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_PASSWORD)
|
||||
|
||||
def test_incomplet_form_no_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_PASSWORD)
|
||||
|
||||
def test_incomplet_form_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, "error: username invalid")
|
||||
|
||||
def test_incomplet_form_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_PASSWORD)
|
||||
|
||||
def test_normal_register(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, USER_ADDED)
|
||||
|
||||
def test_username_too_short(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": "a" * (USERNAME_MIN_SIZE - (USERNAME_MIN_SIZE > 0)), "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME)
|
||||
|
||||
def test_username_too_long(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": "a" * (USERNAME_MAX_SIZE + 1), "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME)
|
||||
|
||||
def test_password_too_short(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": "a" * (PASSWORD_MIN_SIZE - (PASSWORD_MIN_SIZE > 0))})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_PASSWORD)
|
||||
|
||||
def test_password_too_long(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": "a" * (PASSWORD_MAX_SIZE + 1)})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_PASSWORD)
|
||||
|
||||
def test_already_registered(self):
|
||||
self.client.post(self.url, {"username": self.username, "password": self.password})
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, USERNAME_ALREADY_USED)
|
||||
|
||||
class LoginTest(TestCase):
|
||||
def setUp(self):
|
||||
self.client = Client()
|
||||
|
||||
self.url = "/api/accounts/login"
|
||||
|
||||
self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
|
||||
self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
|
||||
|
||||
self.client.post("/api/accounts/register", {"username": self.username, "password": self.password})
|
||||
|
||||
def test_normal_login(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, USER_VALID)
|
||||
|
||||
def test_invalid_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.password, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME)
|
||||
|
||||
class LoginTest(TestCase):
|
||||
def setUp(self):
|
||||
self.client = Client()
|
||||
|
||||
self.url = "/api/accounts/login"
|
||||
|
||||
self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
|
||||
self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
|
||||
|
||||
self.client.post("/api/accounts/register", {"username": self.username, "password": self.password})
|
||||
|
||||
def test_normal_login(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, USER_VALID)
|
||||
|
||||
def test_invalid_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.password, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
class DeleteTest(TestCase):
|
||||
def setUp(self):
|
||||
self.client = Client()
|
||||
|
||||
self.url = "/api/accounts/delete"
|
||||
|
||||
self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
|
||||
self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
|
||||
|
||||
self.client.post("/api/accounts/register", {"username": self.username, "password": self.password})
|
||||
|
||||
def test_invalid_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.password, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_normal_delete(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, USER_DELETED)
|
||||
|
||||
class ChangePasswordTest(TestCase):
|
||||
def setUp(self):
|
||||
self.client = Client()
|
||||
|
||||
self.url = "/api/accounts/change_password"
|
||||
|
||||
self.username: str = str(uuid.uuid4())[:USERNAME_MAX_SIZE]
|
||||
self.password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
|
||||
self.new_password: str = str(uuid.uuid4())[:PASSWORD_MAX_SIZE]
|
||||
|
||||
self.client.post("/api/accounts/register", {"username": self.username, "password": self.password})
|
||||
|
||||
def test_normal_login(self):
|
||||
response: HttpResponse = self.client.post("/api/accounts/login", {"username": self.username, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, USER_VALID)
|
||||
|
||||
def test_invalid_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.password, "password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "password": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_invalid_no_password_no_username(self):
|
||||
response: HttpResponse = self.client.post(self.url, {})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_USERNAME_PASSWORD)
|
||||
|
||||
def test_no_new_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "current_password": self.password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_PASSWORD)
|
||||
|
||||
def test_new_password_to_short(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "current_password": self.password, "new_password": "a" * (PASSWORD_MIN_SIZE - (PASSWORD_MIN_SIZE > 0))})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_PASSWORD)
|
||||
|
||||
def test_new_password_to_long(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "current_password": self.password, "new_password": "a" * (PASSWORD_MAX_SIZE + 1)})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, INVALID_PASSWORD)
|
||||
|
||||
def test_normal_change_password(self):
|
||||
response: HttpResponse = self.client.post(self.url, {"username": self.username, "current_password": self.password, "new_password": self.new_password})
|
||||
response_text: str = response.content.decode("utf-8")
|
||||
self.assertEqual(response_text, PASSWORD_UPDATED)
|
@ -6,6 +6,9 @@ from django.http import HttpResponse
|
||||
from django.contrib.auth.models import User
|
||||
from django.db.models.query import QuerySet
|
||||
|
||||
from .status_code import *
|
||||
from .settings import *
|
||||
|
||||
class Login(View):
|
||||
def get(self, request):
|
||||
return render(request, "login.html")
|
||||
@ -13,21 +16,21 @@ class Login(View):
|
||||
def post(self, request):
|
||||
username = request.POST.get("username")
|
||||
if (username == None):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
password = request.POST.get("password")
|
||||
if (password == None):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
query: QuerySet = User.objects.filter(username=username)
|
||||
if (not query.exists()):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
user: User = User.objects.get(username=username)
|
||||
if (not user.check_password(password)):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
return HttpResponse("ok: account valid")
|
||||
return HttpResponse(USER_VALID)
|
||||
|
||||
class Register(View):
|
||||
def get(self, request):
|
||||
@ -35,19 +38,19 @@ class Register(View):
|
||||
|
||||
def post(self, request):
|
||||
password = request.POST.get("password")
|
||||
if (password == None or len(password) < 3):
|
||||
return HttpResponse("error: password invalid")
|
||||
if (password == None or not PASSWORD_MAX_SIZE >= len(password) >= PASSWORD_MIN_SIZE):
|
||||
return HttpResponse(INVALID_PASSWORD)
|
||||
username = request.POST.get("username")
|
||||
if (username == None or len(username) < 3):
|
||||
return HttpResponse("error: username invalid")
|
||||
if (username == None or not USERNAME_MAX_SIZE >= len(username) >= USERNAME_MIN_SIZE):
|
||||
return HttpResponse(INVALID_USERNAME)
|
||||
|
||||
if User.objects.filter(username=username).exists():
|
||||
return HttpResponse("error: username already used")
|
||||
return HttpResponse(USERNAME_ALREADY_USED)
|
||||
|
||||
user = User.objects.create_user(username, password=password)
|
||||
user.save()
|
||||
|
||||
return HttpResponse("ok: user added")
|
||||
return HttpResponse(USER_ADDED)
|
||||
|
||||
class Delete(View):
|
||||
def get(self, request):
|
||||
@ -56,23 +59,23 @@ class Delete(View):
|
||||
def post(self, request):
|
||||
username = request.POST.get("username")
|
||||
if (username == None):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
password = request.POST.get("password")
|
||||
if (password == None):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
query: QuerySet = User.objects.filter(username=username)
|
||||
if (not query.exists()):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
user: User = User.objects.get(username=username)
|
||||
if (not user.check_password(password)):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
user.delete()
|
||||
|
||||
return HttpResponse("ok: account has been deleted")
|
||||
return HttpResponse(USER_DELETED)
|
||||
|
||||
class ChangePassword(View):
|
||||
def get(self, request):
|
||||
@ -81,25 +84,25 @@ class ChangePassword(View):
|
||||
def post(self, request):
|
||||
username = request.POST.get("username")
|
||||
if (username == None):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
current_password = request.POST.get("current_password")
|
||||
if (current_password == None):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
query: QuerySet = User.objects.filter(username=username)
|
||||
if (not query.exists()):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
user: User = User.objects.get(username=username)
|
||||
if (not user.check_password(current_password)):
|
||||
return HttpResponse("error: username or password invalid")
|
||||
return HttpResponse(INVALID_USERNAME_PASSWORD)
|
||||
|
||||
new_password = request.POST.get("new_password")
|
||||
if (new_password == None or len(new_password) < 3):
|
||||
return HttpResponse("error: new password too short")
|
||||
if (new_password == None or not PASSWORD_MAX_SIZE >= len(new_password) >= PASSWORD_MIN_SIZE):
|
||||
return HttpResponse(INVALID_PASSWORD)
|
||||
|
||||
user.set_password(new_password)
|
||||
user.save()
|
||||
|
||||
return HttpResponse("ok: password has been updated")
|
||||
return HttpResponse(PASSWORD_UPDATED)
|
Loading…
Reference in New Issue
Block a user