def test_login_view(self): self.create_users() with self.flask_app.test_client() as c: resp = c.get("/accounts/login/") self.assertEqual(resp.status_code, 200) # check that we have no logged-in user self.assertContext("user", None) frm = self.get_context("form") self.assertTrue(isinstance(frm, LoginForm)) self.assertEqual(frm.data, {"username": None, "password": None}) # make a post missing the username resp = c.post("/accounts/login/", data={"username": "", "password": "******"}) self.assertEqual(resp.status_code, 200) # check form for errors frm = self.get_context("form") self.assertEqual(frm.errors, {"username": [u"This field is required."]}) # check that no messages were generated self.assertFalse("_flashes" in session) # check that the auth API does not indicate a logged-in user self.assertEqual(auth.get_logged_in_user(), None) # make a post with a bad username/password combo resp = c.post("/accounts/login/", data={"username": "******", "password": "******"}) self.assertEqual(resp.status_code, 200) # both fields were present so no form errors, but flash the user # indicating bad username/password combo self.assertTrue("_flashes" in session) messages = get_flashed_messages() self.assertEqual(messages, ["Incorrect username or password"]) # check that the auth API does not indicate a logged-in user self.assertEqual(auth.get_logged_in_user(), None) # make a post with an inactive user resp = c.post("/accounts/login/", data={"username": "******", "password": "******"}) self.assertEqual(resp.status_code, 200) # still no logged-in user self.assertContext("user", None) # check that the auth API does not indicate a logged-in user self.assertEqual(auth.get_logged_in_user(), None) # finally post as a known good user resp = c.post("/accounts/login/", data={"username": "******", "password": "******"}) self.assertEqual(resp.status_code, 302) # check that we now have a logged-in user self.assertEqual(auth.get_logged_in_user(), self.normal)
def test_login_logout(self): self.create_users() with self.flask_app.test_client() as c: resp = c.post("/accounts/login/", data={"username": "******", "password": "******"}) self.assertEqual(auth.get_logged_in_user(), self.normal) resp = c.post("/accounts/logout/") self.assertEqual(auth.get_logged_in_user(), None) resp = c.post("/accounts/login/", data={"username": "******", "password": "******"}) self.assertEqual(auth.get_logged_in_user(), self.admin) # log back in without logging out resp = c.post("/accounts/login/", data={"username": "******", "password": "******"}) self.assertEqual(auth.get_logged_in_user(), self.normal)
def test_login_required(self): self.create_users() with self.flask_app.test_client() as c: resp = c.get("/private/") self.assertEqual(resp.status_code, 302) self.assertTrue(resp.headers["location"].endswith("/accounts/login/?next=%2Fprivate%2F")) self.login("normal", "normal", c) resp = c.get("/private/") self.assertEqual(resp.status_code, 200) self.assertEqual(auth.get_logged_in_user(), self.normal) self.login("admin", "admin", c) resp = c.get("/private/") self.assertEqual(resp.status_code, 200) self.assertEqual(auth.get_logged_in_user(), self.admin)