Skip to content

Enable updating the password of a user. #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
pspoerri wants to merge 3 commits into from
Closed

Enable updating the password of a user. #107

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
af7a665
Enable updating the password.
Feb 6, 2020
a7f4951
Extend tests with authentication test.
Feb 6, 2020
a7870a5
Fix: User Update in authentication_token_from_email.
Feb 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion {{cookiecutter.project_slug}}/backend/app/app/crud/crud_user.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
from app.models.user import User
from app.schemas.user import UserCreate, UserUpdate
from app.core.security import verify_password, get_password_hash
from app.crud.base import CRUDBase
from app.crud.base import CRUDBase, ModelType, UpdateSchemaType


class CRUDUser(CRUDBase[User, UserCreate, UserUpdate]):
Expand All @@ -24,6 +24,11 @@ def create(self, db_session: Session, *, obj_in: UserCreate) -> User:
db_session.refresh(db_obj)
return db_obj

def update(self, db_session: Session, *, db_obj: ModelType, obj_in: UpdateSchemaType) -> ModelType:
if obj_in.password:
db_obj.hashed_password = get_password_hash(obj_in.password)
Copy link
Author

@pspoerri pspoerri Feb 6, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am not sure if this is the correct place to update the password.

Copy link
Contributor

@ebreton ebreton Feb 6, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You probably want to use the reset_password method in login.py

Copy link
Author

@pspoerri pspoerri Feb 10, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You probably want to use the reset_password method in login.py

Shouldn't it be the other way around, e.g. the endpoint/login.py using CRUDUser?

return super().update(db_session, db_obj=db_obj, obj_in=obj_in)

def authenticate(
self, db_session: Session, *, email: str, password: str
) -> Optional[User]:
Expand Down
31 changes: 30 additions & 1 deletion {{cookiecutter.project_slug}}/backend/app/app/tests/crud/test_user.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

from app import crud
from app.db.session import db_session
from app.schemas.user import UserCreate
from app.schemas.user import UserCreate, UserUpdate
from app.tests.utils.utils import random_lower_string


Expand All @@ -27,6 +27,35 @@ def test_authenticate_user():
assert user.email == authenticated_user.email


def test_update_password_authenticate_user():
email = random_lower_string()
password = random_lower_string()
user_in = UserCreate(email=email, password=password)
user = crud.user.create(db_session, obj_in=user_in)
authenticated_user = crud.user.authenticate(
db_session, email=email, password=password
)
assert authenticated_user
assert user.email == authenticated_user.email

new_password = random_lower_string()
update_user = UserUpdate()
update_user.password = new_password
_ = crud.user.update(db_session=db_session, db_obj=user, obj_in=update_user)

authenticated_user = crud.user.authenticate(
db_session, email=email, password=password
)
assert not authenticated_user

authenticated_user = crud.user.authenticate(
db_session, email=email, password=new_password
)
assert authenticated_user
assert user.email == authenticated_user.email



def test_not_authenticate_user():
email = random_lower_string()
password = random_lower_string()
Expand Down