test(auth): tighten duplicate-username test + add update_password test
This commit is contained in:
@@ -4,6 +4,7 @@ from __future__ import annotations
|
|||||||
|
|
||||||
import pytest
|
import pytest
|
||||||
from sqlalchemy import delete
|
from sqlalchemy import delete
|
||||||
|
from sqlalchemy.exc import IntegrityError
|
||||||
|
|
||||||
from cyclone.auth import users
|
from cyclone.auth import users
|
||||||
from cyclone.db import SessionLocal, User
|
from cyclone.db import SessionLocal, User
|
||||||
@@ -56,7 +57,7 @@ def test_create_user_rejects_duplicate_username():
|
|||||||
with SessionLocal()() as db:
|
with SessionLocal()() as db:
|
||||||
users.create(db, username="bob", password="hunter2hunter2", role="user")
|
users.create(db, username="bob", password="hunter2hunter2", role="user")
|
||||||
with SessionLocal()() as db:
|
with SessionLocal()() as db:
|
||||||
with pytest.raises(Exception):
|
with pytest.raises(IntegrityError):
|
||||||
users.create(db, username="bob", password="anotherone", role="user")
|
users.create(db, username="bob", password="anotherone", role="user")
|
||||||
|
|
||||||
|
|
||||||
@@ -91,3 +92,15 @@ def test_to_public_shape_omits_password_hash():
|
|||||||
assert shape["username"] == "eve"
|
assert shape["username"] == "eve"
|
||||||
assert shape["role"] == "admin"
|
assert shape["role"] == "admin"
|
||||||
assert "id" in shape and "createdAt" in shape
|
assert "id" in shape and "createdAt" in shape
|
||||||
|
|
||||||
|
|
||||||
|
def test_update_password_actually_rehashes_and_verifies():
|
||||||
|
with SessionLocal()() as db:
|
||||||
|
u = users.create(db, username="frank", password="hunter2hunter2", role="user")
|
||||||
|
with SessionLocal()() as db:
|
||||||
|
users.update_password(db, u.id, "newpassword1")
|
||||||
|
# Old password no longer verifies.
|
||||||
|
with SessionLocal()() as db:
|
||||||
|
refreshed = users.get_by_username(db, "frank")
|
||||||
|
assert not users.verify_password("hunter2hunter2", refreshed.password_hash)
|
||||||
|
assert users.verify_password("newpassword1", refreshed.password_hash)
|
||||||
Reference in New Issue
Block a user