def _assert_response_is_bad_password(request, expected_error_message): assert_response_is_bad_request(request) assert isinstance(request.data, dict) assert 'password' in request.data password_errors = request.data['password'] assert len(password_errors) == 1 error_message = password_errors[0] assert error_message == expected_error_message
def test_when_deprecated_login_serializer_and_invalid_creds_then_failure( settings_minimal, user, api_view_provider, api_factory): request = api_factory.create_post_request({ 'login': '******', 'password': '******', }) api_factory.add_session_to_request(request) response = api_view_provider.view_func(request) assert_response_is_bad_request(response)
def test_invalid_non_field_errors(settings_minimal, user, password_change, api_view_provider, api_factory): request = api_factory.create_post_request({ 'login': user.username, 'password': "******", }) api_factory.add_session_to_request(request) response = api_view_provider.view_func(request) assert "non_field_errors" in response.data assert_response_is_bad_request(response)
def test_when_password_same_as_username_then_failure( settings_with_reset_password_verification, user, user_signed_data, old_password, api_view_provider, api_factory): user_signed_data['password'] = user.username request = api_factory.create_post_request(user_signed_data) response = api_view_provider.view_func(request) assert_response_is_bad_request(response) user.refresh_from_db() assert user.check_password(old_password)
def test_when_confirm_enabled_and_no_password_confirm_field_then_failure( settings_with_reset_password_verification, user, user_signed_data, old_password, new_password, api_view_provider, api_factory): user_signed_data['password'] = new_password request = api_factory.create_post_request(user_signed_data) response = api_view_provider.view_func(request) assert_response_is_bad_request(response) user.refresh_from_db() assert user.check_password(old_password)
def test_when_faulty_auth_token_manager_then_login_fails( settings_minimal, user, password_change, api_view_provider, api_factory): password = password_change.old_value request = api_factory.create_post_request({ 'login': user.username, 'password': password, }) api_factory.add_session_to_request(request) response = api_view_provider.view_func(request) assert_response_is_bad_request(response)
def test_when_faulty_auth_token_manager_then_logout_fails( settings_minimal, user, api_view_provider, api_factory): Token.objects.get_or_create(user=user) request = api_factory.create_post_request({ 'revoke_token': True, }) force_authenticate(request, user=user) api_factory.add_session_to_request(request) response = api_view_provider.view_func(request) assert_response_is_bad_request(response) assert response.data['detail'] == 'Authentication token cannot be revoked'
def test_register_email_fail_email_already_used( settings_with_simple_email_based_user, user, api_view_provider, api_factory): request = api_factory.create_post_request({ 'email': user.email, }) force_authenticate(request, user=user) with capture_sent_emails() as sent_emails: response = api_view_provider.view_func(request) assert_no_email_sent(sent_emails) assert_response_is_bad_request(response) assert "detail" in response.data
def test_when_confirm_enabled_and_no_password_confirm_field_then_reset_password_fails( # noqa: E501 settings_with_reset_password_verification, user, password_change, api_view_provider, api_factory): old_password = password_change.old_value new_password = password_change.new_value signer = ResetPasswordSigner({'user_id': user.pk}) data = signer.get_signed_data() data['password'] = new_password request = api_factory.create_post_request(data) response = api_view_provider.view_func(request) assert_response_is_bad_request(response) user.refresh_from_db() assert user.check_password(old_password)