109526036: Updates as per comments made on pull request.

app/main/dao/verify_codes_dao.py

@@ -25,7 +25,7 @@ def get_code_by_code(user_id, code_type):
 
 
 def use_code(id):
-    verify_code = VerifyCodes.query.filter_by(id=id).first()
+    verify_code = VerifyCodes.query.get(id)
     verify_code.code_used = True
     db.session.add(verify_code)
     db.session.commit()

app/main/encryption.py

@@ -5,6 +5,6 @@ def hashpw(password):
     return generate_password_hash(password.encode('UTF-8'), 10)
 
 
-def checkpw(password, hashed_password):
+def check_hash(password, hashed_password):
     # If salt is invalid throws a 500 should add try/catch here
     return check_password_hash(hashed_password, password)

app/main/forms.py

@@ -6,7 +6,7 @@ from wtforms import StringField, PasswordField
 from wtforms.validators import DataRequired, Email, Length, Regexp
 
 from app.main.dao import verify_codes_dao
-from app.main.encryption import checkpw
+from app.main.encryption import check_hash
 from app.main.validators import Blacklist
 
 
@@ -75,7 +75,7 @@ def validate_code(field, code):
         field.errors.append('Code has expired')
         return False
     if field.data is not None:
-        if checkpw(field.data, code.code) is False:
+        if check_hash(field.data, code.code) is False:
             field.errors.append('Code does not match')
             return False
         else:

app/main/views/sign_in.py

@@ -3,7 +3,7 @@ from flask import session
 
 from app.main import main
 from app.main.dao import users_dao
-from app.main.encryption import checkpw
+from app.main.encryption import check_hash
 from app.main.encryption import hashpw
 from app.main.forms import LoginForm
 from app.main.views import send_sms_code
@@ -25,7 +25,7 @@ def process_sign_in():
             return jsonify(locked_out=True), 401
         if not user.is_active():
             return jsonify(active_user=False), 401
-        if checkpw(form.password.data, user.password):
+        if check_hash(form.password.data, user.password):
             sms_code = send_sms_code(user.id, user.mobile_number)
             session['user_id'] = user.id
         else:

tests/app/main/dao/test_verify_codes_dao.py

@@ -2,7 +2,7 @@ import sqlalchemy
 from pytest import fail
 
 from app.main.dao import verify_codes_dao
-from app.main.encryption import checkpw
+from app.main.encryption import check_hash
 from tests.app.main import create_test_user
 
 
@@ -12,7 +12,7 @@ def test_insert_new_code_and_get_it_back(notifications_admin, notifications_admi
     verify_codes_dao.add_code(user_id=user.id, code='12345', code_type='email')
     saved_code = verify_codes_dao.get_code(user_id=user.id, code_type='email')
     assert saved_code.user_id == user.id
-    assert checkpw('12345', saved_code.code)
+    assert check_hash('12345', saved_code.code)
     assert saved_code.code_type == 'email'
     assert saved_code.code_used is False
 

tests/app/main/test_encyption.py

@@ -1,4 +1,4 @@
-from app.main.encryption import hashpw, checkpw
+from app.main.encryption import hashpw, check_hash
 
 
 def test_should_hash_password():
@@ -9,9 +9,9 @@ def test_should_hash_password():
 def test_should_check_password():
     value = 's3curePassword!'
     encrypted = hashpw(value)
-    assert checkpw(value, encrypted) is True
+    assert check_hash(value, encrypted) is True
 
 
 def test_checkpw_should_fail_when_pw_does_not_match():
     value = hashpw('somePassword')
-    assert checkpw('somethingDifferent', value) is False
+    assert check_hash('somethingDifferent', value) is False