Skip to content

Add chance to change password of the account#1735

Merged
mlodic merged 6 commits intodevelopfrom
authentication
Jun 12, 2023
Merged

Add chance to change password of the account#1735
mlodic merged 6 commits intodevelopfrom
authentication

Conversation

@shivam-Purohit
Copy link
Contributor

@shivam-Purohit shivam-Purohit commented Jun 6, 2023

closes #1285

Description

add a feature to allow the user to change their password

Type of change

  • New feature (non-breaking change which adds functionality).

Checklist

  • I have read and understood the rules about how to Contribute to this project
  • The pull request is for the branch develop
  • A new plugin (analyzer, connector, visualizer or playbook) was added or changed, in which case:
    • Usage file was updated.
    • Advanced-Usage was updated (in case the plugin provides additional optional configuration).
    • If the plugin requires mocked testing, _monkeypatch() was used in its class to apply the necessary decorators.
    • If a File analyzer was added and it supports a mimetype which is not already supported, you added a sample of that type inside the archive test_files.zip and you added the default tests for that mimetype in test_classes.py.
    • If you created a new analyzer and it is free (does not require API keys), please add it in the FREE_TO_USE_ANALYZERS playbook in playbook_config.json.
    • Check if it could make sense to add that analyzer/connector to other freely available playbooks.
    • I have provided the resulting raw JSON of a finished analysis and a screenshot of the results.
  • If external libraries/packages with restrictive licenses were used, they were added in the Legal Notice section.
  • Linters (Black, Flake, Isort) gave 0 errors. If you have correctly installed pre-commit, it does these checks and adjustments on your behalf.
  • I have added tests for the feature/bug I solved (see tests folder). All the tests (new and old ones) gave 0 errors.
  • If changes were made to an existing model/serializer/view, the docs were updated and regenerated (check CONTRIBUTE.md).
  • If the GUI has been modified:
    • I have a provided a screenshot of the result in the PR.
    • I have created new frontend tests for the new component or updated existing ones.

@shivam-Purohit
Copy link
Contributor Author

shivam-Purohit commented Jun 6, 2023

ubuntu project Running - Oracle VM VirtualBox 06-06-2023 20_20_56
ubuntu project Running - Oracle VM VirtualBox 06-06-2023 20_20_41

@shivam-Purohit shivam-Purohit marked this pull request as ready for review June 8, 2023 06:31
@shivam-Purohit
Copy link
Contributor Author

shivam-Purohit commented Jun 8, 2023

The code was able to change the password successfully. I don't know if the code is good enough. Suggest some changes!

@codecov
Copy link

codecov bot commented Jun 8, 2023
edited
Loading

Codecov Report

Merging #1735 (caebd4b) into develop (aa8820f) will increase coverage by 7.88%.
The diff coverage is 75.26%.

Impacted file tree graph

@@             Coverage Diff             @@
##           develop    #1735      +/-   ##
===========================================
+ Coverage    66.75%   74.64%   +7.88%     
===========================================
  Files           95      328     +233     
  Lines         3706    11239    +7533     
  Branches       519     1236     +717     
===========================================
+ Hits          2474     8389    +5915     
- Misses         941     2340    +1399     
- Partials       291      510     +219
Impacted Files Coverage Δ
...analyzers_manager/migrations/0004_datamigration.py 91.30% <ø> (ø)
api_app/management/commands/dumpplugin.py 0.00% <0.00%> (ø)
api_app/management/commands/dumppluginconfig.py 0.00% <0.00%> (ø)
api_app/management/commands/update_analyzer.py 0.00% <0.00%> (ø)
api_app/migrations/0003_auto_20201020_1406.py 100.00% <ø> (ø)
api_app/migrations/0004_auto_20201112_0021.py 100.00% <ø> (ø)
api_app/migrations/0005_auto_20210610_1028.py 100.00% <ø> (ø)
api_app/migrations/0006_v3_release.py 100.00% <ø> (ø)
api_app/migrations/0007_alter_tag_color.py 100.00% <ø> (ø)
api_app/migrations/0008_job_user_field.py 100.00% <ø> (ø)
... and 233 more

... and 138 files with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bac1438...caebd4b. Read the comment docs.

0ssigeno
0ssigeno approved these changes Jun 8, 2023
View reviewed changes
Copy link
Contributor

@0ssigeno 0ssigeno left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Backend side lgtm

mlodic
mlodic approved these changes Jun 8, 2023
View reviewed changes
Copy link
Member

@mlodic mlodic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

seems pretty clean.

could you just put the "change password" section before the "plugin configuration" section? I think it makes more sense in terms of usability because this section is a concept very similar to the API sessions one

authentication/views.py
# Check if the old password matches the user's current password
user = request.user
if not check_password(old_password, user.password):
# Return an error response if the old password doesn't match
Copy link
Member

@mlodic mlodic Jun 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could you add an info log here?

mlodic
mlodic reviewed Jun 8, 2023
View reviewed changes
authentication/views.py Outdated
# Check if the old password matches the user's current password
user = request.user
if not check_password(old_password, user.password):
logger.info("Invalid old password")
Copy link
Member

@mlodic mlodic Jun 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could you please log the user too?

Copy link
Member

@mlodic mlodic Jun 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

otherwise it's impossible to debug that behavior and the log is almost useless

Copy link
Contributor Author

@shivam-Purohit shivam-Purohit Jun 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

logger.info(f"{uname} has inputted invalid old password")
will this work
or something like
logger.info(f"ChangePasswordView:{uname} inputted invalid old password")

Copy link
Member

@mlodic mlodic Jun 8, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

first one is enough! ty!

@mlodic
Copy link
Member

mlodic commented Jun 12, 2023

great! :)

@mlodic mlodic merged commit 970af8b into develop Jun 12, 2023
@0ssigeno 0ssigeno deleted the authentication branch June 13, 2023 15:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mlodic mlodic mlodic approved these changes

@0ssigeno 0ssigeno 0ssigeno approved these changes

@0x0elliot 0x0elliot Awaiting requested review from 0x0elliot

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@shivam-Purohit @mlodic @0ssigeno