simanacci · August 24, 2020 21:44
diff --git a/gistfile1.py b/gistfile1.py
 def generate_password_reset_token(self, expires_in=3600):
    s = URLSafeTimedSerializer(current_app.config['SECRET_KEY'], expires_in)
    return s.dumps(self.email, salt='password-recovery')

 @staticmethod
 def reset_password(token, new_password):
    s = URLSafeTimedSerializer(current_app.config['SECRET_KEY'])
    try:
        email = s.loads(token, max_age=3600, salt='password-recovery')
    except SignatureExpired:
        return False
    user = User.query.filter_by(email=email).first()
    if user is None:
        return False
    user.password = new_password
    db.session.commit()
    return True

 #conftest
 @pytest.fixture(scope='session')
 def app(postgresql):
    app = create_app('testing')
    app.config['SQLALCHEMY_DATABASE_URI'] = postgresql
    app.config['WTF_CSRF_ENABLED'] = False
    app.app_context().push()
    db_.create_all()
    yield app

 #test
 def test_expired_password_reset_token(test_user):
    u = test_user
    token = u.generate_password_reset_token(1)
    time.sleep(2)
    u.reset_password(token, 'new')
    assert not u.verify_password('new')


 #error
 test_user = <User 15>

    def test_expired_password_reset_token(test_user):
        u = test_user
        token = u.generate_password_reset_token(1)
        time.sleep(2)
        u.reset_password(token, 'new')
 >       assert not u.verify_password('new')
 E       AssertionError: assert not True
 E        +  where True = <bound method User.verify_password of <User 15>>('new')
 E        +    where <bound method User.verify_password of <User 15>> = <User 15>.verify_password

 tests/test_models.py:63: AssertionError
	def generate_password_reset_token(self, expires_in=3600):
	s = URLSafeTimedSerializer(current_app.config['SECRET_KEY'], expires_in)
	return s.dumps(self.email, salt='password-recovery')

	@staticmethod
	def reset_password(token, new_password):
	s = URLSafeTimedSerializer(current_app.config['SECRET_KEY'])
	try:
	email = s.loads(token, max_age=3600, salt='password-recovery')
	except SignatureExpired:
	return False
	user = User.query.filter_by(email=email).first()
	if user is None:
	return False
	user.password = new_password
	db.session.commit()
	return True

	#conftest
	@pytest.fixture(scope='session')
	def app(postgresql):
	app = create_app('testing')
	app.config['SQLALCHEMY_DATABASE_URI'] = postgresql
	app.config['WTF_CSRF_ENABLED'] = False
	app.app_context().push()
	db_.create_all()
	yield app

	#test
	def test_expired_password_reset_token(test_user):
	u = test_user
	token = u.generate_password_reset_token(1)
	time.sleep(2)
	u.reset_password(token, 'new')
	assert not u.verify_password('new')


	#error
	test_user = <User 15>

	def test_expired_password_reset_token(test_user):
	u = test_user
	token = u.generate_password_reset_token(1)
	time.sleep(2)
	u.reset_password(token, 'new')
	> assert not u.verify_password('new')
	E AssertionError: assert not True
	E + where True = <bound method User.verify_password of <User 15>>('new')
	E + where <bound method User.verify_password of <User 15>> = <User 15>.verify_password

	tests/test_models.py:63: AssertionError