bump: version 0.8.1 → 0.8.2

CHANGELOG.md

@@ -5,6 +5,12 @@ All notable changes to WuttJamaican will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
+## v0.8.2 (2024-07-18)
+
+### Fix
+
+- add `check_user_password()` method for auth handler
+
 ## v0.8.1 (2024-07-17)
 
 ### Fix

pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "WuttJamaican"
-version = "0.8.1"
+version = "0.8.2"
 description = "Base package for Wutta Framework"
 readme = "README.md"
 authors = [{name = "Lance Edgar", email = "lance@edbob.org"}]

src/wuttjamaican/auth.py

@@ -84,19 +84,30 @@ class AuthHandler(GenericHandler):
         :returns: :class:`~wuttjamaican.db.model.auth.User` instance,
            or ``None``.
         """
-        model = self.app.model
+        user = self.get_user(username, session=session)
-
-        if isinstance(username, model.User):
-            user = username
-        else:
-            user = session.query(model.User)\
-                          .filter_by(username=username)\
-                          .first()
-
         if user and user.active and user.password:
-            if password_context.verify(password, user.password):
+            if self.check_user_password(user, password):
                 return user
 
+    def check_user_password(self, user, password, **kwargs):
+        """
+        Check a user's password.
+
+        This will hash the given password and compare it to the hashed
+        password we have on file for the given user account.
+
+        This is normally part of the login process, so the
+        ``password`` param refers to the password entered by a user;
+        this method will determine if it was correct.
+
+        :param user: :class:`~wuttjamaican.db.model.auth.User` instance.
+
+        :param password: User-entered password in plain text.
+
+        :returns: ``True`` if password matches; else ``False``.
+        """
+        return password_context.verify(password, user.password)
+
     def get_role(self, session, key, **kwargs):
         """
         Locate and return a :class:`~wuttjamaican.db.model.auth.Role`

tests/test_auth.py

@@ -60,6 +60,17 @@ else:
             user = self.handler.authenticate_user(self.session, 'barney', 'goodpass')
             self.assertIsNone(user)
 
+        def test_check_user_password(self):
+            model = self.app.model
+            barney = model.User(username='barney')
+            self.handler.set_user_password(barney, 'goodpass')
+            self.session.add(barney)
+            self.session.commit()
+
+            # basics
+            self.assertTrue(self.handler.check_user_password(barney, 'goodpass'))
+            self.assertFalse(self.handler.check_user_password(barney, 'BADPASS'))
+
         def test_get_role(self):
             model = self.app.model
             myrole = model.Role(name="My Role")