darkhelm/notifications-api
1
0
Fork 0
mirror of https://github.com/GSA/notifications-api.git synced 2025-12-20 15:31:15 -05:00
Code Issues Packages Projects Releases Wiki Activity

If failed login count > 0 and user subsequently logs in sucessfully,

Browse Source 
then failed logins set to 0.
This commit is contained in:
Adam Shimali
2016-01-28 11:32:46 +00:00
parent 9bf11b3d40
commit 806b3f6851
4 changed files with 67 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/dao/users_dao.py
View File

@@ -68,3 +68,10 @@ def increment_failed_login_count(user):
user.failed_login_count += 1
db.session.add(user)
db.session.commit()
def reset_failed_login_count(user):
if user.failed_login_count > 0:
user.failed_login_count = 0
db.session.add(user)
db.session.commit()

12
app/user/rest.py
View File

@@ -4,8 +4,15 @@ from sqlalchemy.exc import DataError
from sqlalchemy.orm.exc import NoResultFound
from app.dao.services_dao import get_model_services
from app.dao.users_dao import (
get_model_users, save_model_user, delete_model_user,
create_user_code, get_user_code, use_user_code, increment_failed_login_count)
get_model_users,
save_model_user,
delete_model_user,
create_user_code,
get_user_code,
use_user_code,
increment_failed_login_count,
reset_failed_login_count
)
from app.schemas import (
user_schema, users_schema, service_schema, services_schema,
verify_code_schema, user_schema_load_json)
@@ -72,6 +79,7 @@ def verify_user_password(user_id):
result="error",
message={'password': ['Required field missing data']}), 400
if user.check_password(txt_pwd):
reset_failed_login_count(user)
return jsonify({}), 204
else:
increment_failed_login_count(user)

12
tests/app/dao/test_users_dao.py
View File

@@ -2,11 +2,13 @@ from sqlalchemy.exc import DataError
from sqlalchemy.orm.exc import NoResultFound
import pytest
from app.dao.users_dao import (
save_model_user,
get_model_users,
delete_model_user,
increment_failed_login_count
increment_failed_login_count,
reset_failed_login_count
)
from tests.app.conftest import sample_user as create_sample_user
@@ -74,3 +76,11 @@ def test_increment_failed_login_should_increment_failed_logins(notify_api, notif
assert sample_user.failed_login_count == 0
increment_failed_login_count(sample_user)
assert sample_user.failed_login_count == 1
def test_reset_failed_login_should_set_failed_logins_to_0(notify_api, notify_db, notify_db_session, sample_user):
assert User.query.count() == 1
increment_failed_login_count(sample_user)
assert sample_user.failed_login_count == 1
reset_failed_login_count(sample_user)
assert sample_user.failed_login_count == 0

39
tests/app/user/test_rest_verify.py
View File

@@ -182,6 +182,45 @@ def test_user_verify_password_invalid_password(notify_api,
assert sample_user.failed_login_count == 1
def test_user_verify_password_valid_password_resets_failed_logins(notify_api,
notify_db,
notify_db_session,
sample_user):
with notify_api.test_request_context():
with notify_api.test_client() as client:
data = json.dumps({'password': 'bad password'})
auth_header = create_authorization_header(
path=url_for('user.verify_user_password', user_id=sample_user.id),
method='POST',
request_body=data)
assert sample_user.failed_login_count == 0
resp = client.post(
url_for('user.verify_user_password', user_id=sample_user.id),
data=data,
headers=[('Content-Type', 'application/json'), auth_header])
assert resp.status_code == 400
json_resp = json.loads(resp.get_data(as_text=True))
assert 'Incorrect password' in json_resp['message']['password']
assert sample_user.failed_login_count == 1
data = json.dumps({'password': 'password'})
auth_header = create_authorization_header(
path=url_for('user.verify_user_password', user_id=sample_user.id),
method='POST',
request_body=data)
resp = client.post(
url_for('user.verify_user_password', user_id=sample_user.id),
data=data,
headers=[('Content-Type', 'application/json'), auth_header])
assert resp.status_code == 204
assert sample_user.failed_login_count == 0
def test_user_verify_password_missing_password(notify_api,
notify_db,
notify_db_session,