-
Notifications
You must be signed in to change notification settings - Fork 156
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Minor change to how LoginForm is created/modified (#1053)
The default LoginForm now reflects the default configuration - email is required. In init_app() build_login_form() is called that if USERNAME_ENABLE is set will add the username field (as before) and change the email field to be Optional(). This is a small semantic change - prior the email field was not marked as required. Change the new RegisterFormV2 construction - now the default form reflects the default configuration - new_password and confirm_password are required. From init_app build_register_form() is called and it will: 1) remove password_confirm field if PASSWORD_CONFIRM_REQUIRED is False 2) add username field if USERNAME_ENABLE is True 3) mark the password field as optional if PASSWORD_REQUIRED is False or UNIFIED_SIGNING is True Simplify the PASSWORD_REQUIRED logic - before we always checked for PASSWORD_REQUIRED or UNIFIED_SIGNIN - now - at init_app() time we throw a ValueError if PASSWORD_REQUIRED==False and UNIFIED_SIGNIN feature not enabled (which is how it has always been documented).
- Loading branch information
Showing
7 changed files
with
162 additions
and
66 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -228,7 +228,7 @@ def test_authenticate_case_insensitive_email(app, client): | |
def test_authenticate_with_invalid_input(client, get_message): | ||
response = client.post( | ||
"/login", | ||
json=dict(password="password"), | ||
json=dict(password="password", email="[email protected]"), | ||
headers={"Content-Type": "application/json"}, | ||
) | ||
assert get_message("USER_DOES_NOT_EXIST") in response.data | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -34,6 +34,7 @@ | |
logout, | ||
populate_data, | ||
reset_fresh, | ||
get_form_input, | ||
) | ||
from tests.test_webauthn import HackWebauthnUtil, reg_2_keys | ||
|
||
|
@@ -375,7 +376,6 @@ class MyRegisterForm(RegisterFormV2): | |
security.init_app(app) | ||
|
||
client = app.test_client() | ||
|
||
response = client.get("/login") | ||
assert b"My Login Email Address Field" in response.data | ||
|
||
|
@@ -1559,3 +1559,43 @@ def test_secret_key_fallbacks(app, verify_secret_key, verify_fallbacks, should_p | |
else: | ||
with pytest.raises(BadTimeSignature): | ||
serializer.loads(token) | ||
|
||
|
||
@pytest.mark.settings(username_enable=True) | ||
def test_custom_login_form(app, sqlalchemy_datastore, get_message): | ||
# Test custom login form that deletes email and uses username only | ||
# Also test that if app leave 'email' in as a user identity attribute we | ||
# will ignore it | ||
class MyLoginForm(LoginForm): | ||
email = None | ||
|
||
app.security = Security( | ||
app, | ||
datastore=sqlalchemy_datastore, | ||
login_form=MyLoginForm, | ||
) | ||
|
||
populate_data(app) | ||
client = app.test_client() | ||
|
||
response = client.get("/login", follow_redirects=False) | ||
assert not get_form_input(response, "email") | ||
|
||
response = client.post( | ||
"/login", json=dict(email="[email protected]", password="password") | ||
) | ||
assert response.status_code == 400 | ||
assert ( | ||
get_message("USER_DOES_NOT_EXIST") | ||
== response.json["response"]["field_errors"][""][0].encode() | ||
) | ||
|
||
response = client.post("/login", json=dict(username="jill", password="password")) | ||
assert response.status_code == 200 | ||
|
||
|
||
@pytest.mark.settings(password_required=False) | ||
def test_password_required_setting(app, sqlalchemy_datastore): | ||
with pytest.raises(ValueError) as vex: | ||
Security(app=app, datastore=sqlalchemy_datastore) | ||
assert "SECURITY_PASSWORD_REQUIRED can only be" in str(vex.value) |
Oops, something went wrong.