From 8507e408039b1ae69177aead879b7d9ffa72a20b Mon Sep 17 00:00:00 2001
From: Mark <mark@openappstack.net>
Date: Wed, 11 Sep 2019 11:21:36 +0200
Subject: [PATCH] Add API function verify password

---
 database/schema.py   |  8 +++++++-
 test/test_graphql.py | 16 ++++++++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/database/schema.py b/database/schema.py
index 35e9762..76eee5c 100644
--- a/database/schema.py
+++ b/database/schema.py
@@ -3,7 +3,7 @@ from graphene import relay
 from graphene_sqlalchemy import SQLAlchemyObjectType, SQLAlchemyConnectionField
 from database.models import User as UserModel, Application as ApplicationModel, Role as RoleModel
 from database.database import db_session, get_user_datastore
-from flask_security.utils import hash_password
+from flask_security.utils import hash_password, verify_and_update_password
 
 user_datastore = get_user_datastore()
 
@@ -106,11 +106,17 @@ class Query(graphene.ObjectType):
     node = relay.Node.Field()
     all_users = SQLAlchemyConnectionField(User)
     get_user = graphene.Field(User,username=graphene.String())
+    verify_password = graphene.Field(graphene.Boolean, username=graphene.String(), password=graphene.String())
 
     def resolve_get_user(root, info, username):
         query = User.get_query(info)
         return query.filter(UserModel.username == username).first()
 
+    def resolve_verify_password(root, info, username, password):
+        query = User.get_query(info)
+        user = query.filter(UserModel.username == username).first()
+        return verify_and_update_password(password, user)
+
 
 class Mutation(graphene.ObjectType):
     create_user = UserMutation.Field()
diff --git a/test/test_graphql.py b/test/test_graphql.py
index acf1d9f..54965cc 100644
--- a/test/test_graphql.py
+++ b/test/test_graphql.py
@@ -69,6 +69,22 @@ class GraphQlTests(LiveServerTestCase):
         self.assertEqual(user["username"], username)
         self.assertEqual(user["email"], email)
 
+    def test_verify_user_password(self):
+        username = "graphqluser"
+        password = "randompassword"
+        email = "user@example.com"
+        self._create_user(username, password, email)
+        querystring = '''
+        query{{
+          verifyPassword(
+            username: "{0}",
+            password: "{1}")
+            }}
+        '''.format(username, password).strip()
+        result = loads(self.client.execute(querystring))
+        self.assertIn("data", result)
+        self.assertTrue(result["data"]["verifyPassword"])
+
     def _create_user(self, username, password, email):
         querystring = '''
         mutation{{
-- 
GitLab