Beispiel #1
 def test_add_user_duplicate_email(self):
     """Reject a second ``POST /users`` that reuses an existing email.

     Two creation requests are sent, each with its own freshly obtained
     bearer token. Only the second response is inspected: it must be a
     400 whose payload carries the duplicate-email message.
     """
     # The fourth argument looks like an admin flag (the non-admin tests
     # on this page omit it) -- confirm against add_user.
     add_user('test', '*****@*****.**', 'test', True)
     with self.client:
         first_token = get_auth_token(self.client)
         first_payload = json.dumps({
             'username': '******',
             'email': '*****@*****.**',
             'password': '******',
         })
         # The first response is discarded, so a failure of this request
         # is not reported by this test.
         self.client.post(
             '/users',
             data=first_payload,
             content_type='application/json',
             headers={'Authorization': f'Bearer {first_token}'})

         token_two = get_auth_token(self.client)
         second_payload = json.dumps({
             'username': '******',
             'email': '*****@*****.**',
             'password': '******'
         })
         response = self.client.post(
             '/users',
             data=second_payload,
             content_type='application/json',
             headers={'Authorization': f'Bearer {token_two}'})

         body = json.loads(response.data.decode())
         self.assertEqual(response.status_code, 400)
         self.assertIn('Sorry. That email already exists.', body['message'])
         self.assertIn('fail', body['status'])
Beispiel #2
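 def test_valid_logout(self):
     """Ensure ``/auth/logout`` accepts a valid bearer token.

     Only the immediate logout response is checked: HTTP 200 plus the
     success status and message.
     """
     add_user('test', '*****@*****.**', 'test')
     with self.client:
         token = get_auth_token(self.client)
         response = self.client.get(
             '/auth/logout', headers={'Authorization': f'Bearer {token}'})
         # Check the status before parsing so an unexpected error page is
         # reported as a wrong code rather than a JSON decode error.
         self.assertEqual(response.status_code, 200)
         data = json.loads(response.data.decode())
         # assertEqual prints both values on mismatch, which
         # assertTrue(a == b) does not.
         self.assertEqual(data['status'], 'success')
         self.assertEqual(data['message'], 'Successfully logged out.')
         # NOTE(review): the token is never replayed after logout, so this
         # test does not show whether the server actually revokes it.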
Beispiel #3
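 def test_invalid_logout_expired_token(self):
     """Ensure ``/auth/logout`` rejects a token that has already expired.

     The token lifetime is forced to -1 seconds before the token is
     requested, and the endpoint must then answer 401 with the
     signature-expired message.
     """
     add_user('test', '*****@*****.**', 'test')
     config = current_app.config
     unset = object()
     previous = config.get('TOKEN_EXPIRATION_SECONDS', unset)
     config['TOKEN_EXPIRATION_SECONDS'] = -1
     try:
         with self.client:
             token = get_auth_token(self.client)
             response = self.client.get(
                 '/auth/logout',
                 headers={'Authorization': f'Bearer {token}'})
             # Status first, so a non-JSON error body cannot mask it.
             self.assertEqual(response.status_code, 401)
             data = json.loads(response.data.decode())
             self.assertEqual(data['status'], 'fail')
             self.assertEqual(
                 data['message'], 'Signature expired. Please log in again.')
     finally:
         # Put the lifetime back so the negative value cannot leak into
         # later tests if the app/config object is shared between them
         # (whether it is shared is not visible from here).
         if previous is unset:
             config.pop('TOKEN_EXPIRATION_SECONDS', None)
         else:
             config['TOKEN_EXPIRATION_SECONDS'] = previous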
Beispiel #4
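 def test_invalid_status_inactive(self):
     """Ensure ``/auth/status`` refuses a token belonging to an inactive user.

     The account is deactivated in the database before the token is
     requested; the endpoint must answer 401 with the generic
     invalid-token message.
     """
     add_user('test', '*****@*****.**', 'test')
     # Deactivate the account directly in the database.
     user = User.query.filter_by(email='*****@*****.**').first()
     user.active = False
     db.session.commit()
     with self.client:
         # NOTE(review): the token is obtained after deactivation, so
         # this relies on get_auth_token still succeeding for an inactive
         # account -- confirm against the helper.
         token = get_auth_token(self.client)
         response = self.client.get(
             '/auth/status', headers={'Authorization': f'Bearer {token}'})
         # Status first, so a non-JSON error body cannot mask it.
         self.assertEqual(response.status_code, 401)
         data = json.loads(response.data.decode())
         # assertEqual shows the actual value when the check fails.
         self.assertEqual(data['status'], 'fail')
         self.assertEqual(data['message'], 'Provide a valid auth token.')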
Beispiel #5
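 def test_user_status(self):
     """Ensure ``/auth/status`` returns the profile of the token's owner.

     For a user created without the extra ``add_user`` argument, the
     response must be 200 and report the expected username and email,
     a truthy ``active`` and a falsy ``admin``.
     """
     add_user('test', '*****@*****.**', 'test')
     with self.client:
         token = get_auth_token(self.client)
         response = self.client.get(
             '/auth/status', headers={'Authorization': f'Bearer {token}'})
         # Status first, so a non-JSON error body cannot mask it.
         self.assertEqual(response.status_code, 200)
         data = json.loads(response.data.decode())
         self.assertEqual(data['status'], 'success')
         self.assertIsNotNone(data['data'])
         profile = data['data']
         # assertEqual shows the actual value when the check fails.
         self.assertEqual(profile['username'], 'test')
         self.assertEqual(profile['email'], '*****@*****.**')
         self.assertTrue(profile['active'])
         self.assertFalse(profile['admin'])
         # NOTE(review): only expected fields are checked. Consider also
         # asserting that no password or hash field is present, once the
         # serializer's output has been confirmed.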
Beispiel #6
 def test_add_user_invalid_json(self):
     """Ensure an empty JSON object posted to ``/users`` is rejected."""
     add_user('test', '*****@*****.**', 'test', True)
     with self.client:
         token = get_auth_token(self.client)
         auth_header = {'Authorization': f'Bearer {token}'}
         empty_payload = json.dumps({})
         response = self.client.post(
             '/users',
             data=empty_payload,
             content_type='application/json',
             headers=auth_header)
         body = json.loads(response.data.decode())
         # The request is authenticated, so the 400 is asserted to come
         # from payload validation ('Invalid payload.').
         self.assertEqual(response.status_code, 400)
         self.assertIn('Invalid payload.', body['message'])
         self.assertIn('fail', body['status'])
Beispiel #7
 def test_add_user_invalid_json_keys(self):
     """Ensure ``POST /users`` rejects a payload without a username key.

     The body carries only ``email`` and ``password``; the endpoint must
     answer 400 with the invalid-payload message.
     """
     add_user('test', '*****@*****.**', 'test', True)
     with self.client:
         token = get_auth_token(self.client)
         auth_header = {'Authorization': f'Bearer {token}'}
         # Deliberately incomplete: there is no 'username' entry.
         partial_payload = json.dumps({
             'email': '*****@*****.**',
             'password': '******'
         })
         response = self.client.post(
             '/users',
             data=partial_payload,
             content_type='application/json',
             headers=auth_header)
         body = json.loads(response.data.decode())
         self.assertEqual(response.status_code, 400)
         self.assertIn('Invalid payload.', body['message'])
         self.assertIn('fail', body['status'])
Beispiel #8
 def test_add_user(self):
     """Ensure an authenticated caller can create a user via ``POST /users``.

     The seeded account is created with the extra ``True`` argument to
     ``add_user`` (presumably the admin flag -- confirm against the
     helper), and the endpoint must answer 201 with a success payload.
     """
     add_user('test', '*****@*****.**', 'test', True)
     with self.client:
         token = get_auth_token(self.client)
         auth_header = {'Authorization': f'Bearer {token}'}
         new_user = json.dumps({
             'username': '******',
             'email': '*****@*****.**',
             'password': '******',
         })
         response = self.client.post(
             '/users',
             data=new_user,
             content_type='application/json',
             headers=auth_header)
         body = json.loads(response.data.decode())
         self.assertEqual(response.status_code, 201)
         # NOTE(review): the expected text below looks like an e-mail
         # obfuscation artefact of this page rather than the project's
         # real message -- confirm against the original test file.
         self.assertIn('[email protected] was added!', body['message'])
         self.assertIn('success', body['status'])
Beispiel #9
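 def test_add_users_not_admin(self):
     """Ensure a caller without admin rights cannot create users.

     The seeded account is created without the extra ``add_user``
     argument that the successful creation tests pass (presumably the
     admin flag -- confirm against the helper). A validly authenticated
     ``POST /users`` must then fail with the permission message.
     """
     add_user('test', '*****@*****.**', 'test')
     with self.client:
         # Log in as the ordinary user.
         token = get_auth_token(self.client)
         response = self.client.post(
             '/users',
             data=json.dumps({
                 'username': '******',
                 'email': '*****@*****.**',
                 'password': '******'
             }),
             content_type='application/json',
             headers={'Authorization': f'Bearer {token}'})
         # Status first, so a non-JSON error body cannot mask it.
         # NOTE(review): the API is pinned to 401 here. 403 is the usual
         # code for an authenticated caller lacking privilege; clients
         # may treat 401 as "log in again". Confirm this is intended.
         self.assertEqual(response.status_code, 401)
         data = json.loads(response.data.decode())
         # assertEqual shows the actual value when the check fails.
         self.assertEqual(data['status'], 'fail')
         self.assertEqual(
             data['message'], 'You do not have permission to do that.')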
Beispiel #10
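 def test_add_user_inactive(self):
     """Ensure ``POST /users`` refuses a token belonging to an inactive user.

     The account is deactivated in the database before the token is
     requested; the creation request must answer 401 with the generic
     invalid-token message.
     """
     add_user('test', '*****@*****.**', 'test')
     # Deactivate the account directly in the database.
     user = User.query.filter_by(email='*****@*****.**').first()
     user.active = False
     db.session.commit()
     with self.client:
         # NOTE(review): the token is obtained after deactivation, so
         # this relies on get_auth_token still succeeding for an inactive
         # account -- confirm against the helper.
         token = get_auth_token(self.client)
         response = self.client.post(
             '/users',
             data=json.dumps({
                 'username': '******',
                 'email': '*****@*****.**',
                 'password': '******'
             }),
             content_type='application/json',
             headers={'Authorization': f'Bearer {token}'})
         # Status first, so a non-JSON error body cannot mask it.
         self.assertEqual(response.status_code, 401)
         data = json.loads(response.data.decode())
         # assertEqual shows the actual value when the check fails.
         self.assertEqual(data['status'], 'fail')
         self.assertEqual(data['message'], 'Provide a valid auth token.')
         # NOTE(review): the response is checked but not the database,
         # so the test does not prove that no user row was created.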