Beispiel #1
0
def test_send_registration_with_email_already_exists_in_authentication_method(flask_server, user):
    session = requests.session()

    # generate token
    token = generate_token('*****@*****.**', salt='invitation',
                           secret_key=flask_server.app.config['SECRET_KEY'])
    data = {'token': token}
    url = flask_server.base_url + 'users/invitation'
    r = session.get(url, params=data)
    url = flask_server.base_url + 'users/invitation?token=' + token
    assert r.status_code == 200
    document = BeautifulSoup(r.content, 'html.parser')

    assert document.find('input', {'name': 'csrf_token', 'type': 'hidden'}) is not None
    csrf_token = document.find('input', {'name': 'csrf_token'})['value']

    with flask_server.app.app_context():
        len_old = len(sampledb.models.User.query.all())

    # Submit registration, invitation email changed in form registration
    r = session.post(url, {
        'email': '*****@*****.**',
        'name': 'Test',
        'password': '******',
        'password2': 'test',
        'csrf_token': csrf_token
    })
    assert r.status_code == 200
    assert 'There already is an account with this email address' in r.content.decode('utf-8')
Beispiel #2
0
def test_send_registration_with_wrong_invitation_email(flask_server):
    session = requests.session()
    # generate token
    token = generate_token('*****@*****.**', salt='invitation',
                           secret_key=flask_server.app.config['SECRET_KEY'])
    data = {'token': token}
    url = flask_server.base_url + 'users/invitation'
    r = session.get(url, params=data)
    url = flask_server.base_url + 'users/invitation?token=' + token
    assert r.status_code == 200
    document = BeautifulSoup(r.content, 'html.parser')

    assert document.find('input', {'name': 'csrf_token', 'type': 'hidden'}) is not None
    csrf_token = document.find('input', {'name': 'csrf_token'})['value']

    with flask_server.app.app_context():
        len_old = len(sampledb.models.User.query.all())

    # Submit registration, invitation email changed in form registration
    r = session.post(url, {
        'email': '*****@*****.**',
        'name': 'Testu',
        'password': '******',
        'password2': 'test',
        'csrf_token': csrf_token
    })
    assert r.status_code == 200
    # check, if registrated user is not added to db
    with flask_server.app.app_context():
        assert len(sampledb.models.User.query.all()) == len_old
Beispiel #3
0
def test_registration(flask_server):
    session = requests.session()
    # generate token
    token = generate_token('*****@*****.**', salt='invitation', secret_key=flask_server.app.config['SECRET_KEY'])
    data = {'token': token}
    url = flask_server.base_url + 'users/invitation'
    r = session.get(url, params=data)
    url = flask_server.base_url + 'users/invitation?token='+token
    assert r.status_code == 200
    document = BeautifulSoup(r.content, 'html.parser')

    assert document.find('input', {'name': 'csrf_token', 'type': 'hidden'}) is not None
    csrf_token = document.find('input', {'name': 'csrf_token'})['value']

    # Submit the missing information and complete the registration
    r = session.post(url, {
        'email': '*****@*****.**',
        'name': 'Testuser',
        'password': '******',
        'password2': 'test',
        'csrf_token': csrf_token
    })
    assert r.status_code == 200
    # check, if registrated user is added to db
    with flask_server.app.app_context():
        user = sampledb.models.users.User.query.filter_by(name="Testuser").one()

    assert user.email == "*****@*****.**"
Beispiel #4
0
def test_registration_with_wrong_token_403(flask_server):
    session = requests.session()
    token = generate_token('*****@*****.**', salt='user_invitation',
                           secret_key=flask_server.app.config['SECRET_KEY'])
    data = {'token': token}
    assert session.get(flask_server.base_url + 'users/me/loginstatus').json() is False
    url = flask_server.base_url + 'users/invitation'
    r = session.get(url, params=data)
    assert r.status_code == 403
Beispiel #5
0
def test_registration_with_token_available(flask_server):
    session = requests.session()
    # generate token
    token = generate_token('*****@*****.**', salt='invitation', secret_key=flask_server.app.config['SECRET_KEY'])
    data = {'token': token}
    assert session.get(flask_server.base_url + 'users/me/loginstatus').json() is False

    url = flask_server.base_url + 'users/invitation'
    r = session.get(url, params=data)
    assert r.status_code == 200

    assert 'Account Creation' in r.content.decode('utf-8')