Fix creating users, teams from the API (#768)

* Fix creating users, teams from the API, hash password in models vs in schemas, stop caching CSS at the decorator level, fix tests * Fix whitelisted emails and add test * Set proper defaults in accounts config
2025-12-17 14:04:20 +01:00 · 2018-11-30 20:12:48 -05:00
parent c342ca85b4
commit 4233d683b8
10 changed files with 139 additions and 55 deletions
--- a/tests/api/v1/test_users.py
+++ b/tests/api/v1/test_users.py
@@ -2,6 +2,7 @@
 # -*- coding: utf-8 -*-

 from CTFd.utils import set_config
+from CTFd.utils.crypto import verify_password
 from tests.helpers import *


@@ -71,12 +72,23 @@ def test_api_users_post_admin():
    app = create_ctfd()
    with app.app_context():
        with login_as_user(app, 'admin') as client:
+            # Create user
            r = client.post('/api/v1/users', json={
                "name": "user",
                "email": "user@user.com",
-                "password": "pass"
+                "password": "password"
            })
            assert r.status_code == 200
+
+            # Make sure password was hashed properly
+            user = Users.query.filter_by(email='user@user.com').first()
+            assert user
+            assert verify_password('password', user.password)
+
+            # Make sure user can login with the creds
+            client = login_as_user(app)
+            r = client.get('/profile')
+            assert r.status_code == 200
    destroy_ctfd(app)