class LogoutViewTest(TestCase):
url = reverse('accounts:logout')
def setUp(self):
self.user = User(email=EMAIL,
username=USERNAME,
accepted_tos=True,
is_active=True,
is_verified=True)
self.user.set_password(PASSWORD)
self.user.save()
def tearDown(self):
self.user.delete()
def test_can_logout_with_GET(self):
self.client.login(username=USERNAME, password=PASSWORD)
response = self.client.get(self.url, follow=True)
self.assertNotEqual(response.context.get('user'), self.user)
self.assertTrue(response.context.get('user').is_anonymous)
def test_can_logout_with_POST(self):
self.client.login(username=USERNAME, password=PASSWORD)
response = self.client.get(self.url, follow=True)
self.assertNotEqual(response.context.get('user'), self.user)
self.assertTrue(response.context.get('user').is_anonymous)
def test_success_message_is_added_on_logout(self):
response = self.client.post(self.url, follow=True)
self.assertContains(response, LOGOUT_MESSAGE)
def test_logout_redirects_to_home(self):
expected_url = reverse('home')
response = self.client.get(self.url, follow=False)
self.assertRedirects(response, expected_url)
class LoginViewTest(TestCase):
url = reverse('accounts:login')
def setUp(self):
self.user = User(email=EMAIL,
username=USERNAME,
accepted_tos=True,
is_active=True,
is_verified=True)
self.user.set_password(PASSWORD)
self.user.save()
def tearDown(self):
self.user.delete()
@patch('django.contrib.auth.login')
def test_login_fails_with_wrong_credentials(self, mock_login):
self.client.post(self.url,
data={
'username': USERNAME + 'b',
'password': PASSWORD
})
self.assertFalse(mock_login.called)
def test_login_runs_with_right_credentials(self):
self.client.post(self.url,
data={
'username': USERNAME,
'password': PASSWORD
})
self.assertTrue(self.user.is_authenticated)
def test_correct_template_is_used(self):
response = self.client.get(self.url)
self.assertTemplateUsed(response, 'accounts/login.html')
def test_correct_form_is_used(self):
response = self.client.get(self.url)
self.assertIsInstance(response.context_data['form'], LoginForm)
def test_success_message_has_username_in_it(self):
response = self.client.post(self.url,
follow=True,
data={
'username': USERNAME,
'password': PASSWORD,
})
self.assertContains(response, 'Welcome %s!' % (USERNAME, ))
class NationalIdTest(TestCase):
def setUp(self):
self.user = User(username=USERNAME,
email=EMAIL,
is_active=True,
is_verified=True)
self.user.set_password(PASSWORD)
self.user.save()
def tearDown(self):
self.user.delete()
def test_image_is_deleted_from_filesystem_on_delete(self):
natid = NationalId.objects.create(
id_type=ID_TYPE,
id_number=ID_NUMBER,
user=self.user,
verification_image=SimpleUploadedFile(
name='saved.jpg',
content=open(IMAGE_PATH, 'rb').read(),
content_type='image/png'
)
)
path = natid.verification_image.file.name
natid.delete()
with self.assertRaises(FileNotFoundError):
open(path, 'rb')
def test_verification_image_dir_path(self):
natid = NationalId.objects.create(
id_type=ID_TYPE,
id_number=ID_NUMBER,
user=self.user,
verification_image=SimpleUploadedFile(
name='saved.jpg',
content=open(IMAGE_PATH, 'rb').read(),
content_type='image/png'
)
)
self.assertIn('cedula_saved.jpg', os.listdir(
os.path.join(
TEST_MEDIA_ROOT,
'user_%s' %(self.user.id,),
'docs'
)))
class UserLoginAPIViewTestCase(APITestCase):
url = reverse("accounts:login")
def setUp(self):
self.username = "******"
self.password = "******"
self.user_type = "Student"
self.user = User(
username=self.username,
user_type=self.user_type,
)
self.user.set_password(self.password)
self.user.save()
self.token = Token.objects.create(user=self.user)
def tearDown(self):
self.user.delete()
self.token.delete()
def test_authentication_without_password(self):
response = self.client.post(self.url, {"username": "******"})
self.assertEqual(400, response.status_code)
def test_authentication_with_wrong_password(self):
user_data = {"username": self.username, "password": "******"}
response = self.client.post(self.url, user_data)
self.assertEqual(400, response.status_code)
def test_authentication_with_valid_data(self):
response = self.client.post(self.url, {
"username": self.username,
"password": self.password
})
content = json.loads(response.content)
self.assertEqual(200, response.status_code)
self.assertTrue("token" in content)
self.assertEqual(content["token"], self.token.key)
class PasswordResetConfirmViewTest(TestCase):
"""
PasswordResetConfirmViewTest tests. Note that in order for tests to pass
all client requests need to have kwarg follow=True set, as the im-
plementation relies on a redirect for security.
"""
token_generator = reset_token_generator
def setUp(self):
self.user = User(email=EMAIL,
username=USERNAME,
accepted_tos=True,
is_verified=True,
is_active=True)
self.user.set_password(PASSWORD)
self.user.save()
self.token = self.token_generator.make_token(self.user)
self.uid = urlsafe_base64_encode(force_bytes(self.user.pk)).decode()
self.url = reverse('accounts:password_reset_confirm',
kwargs={
'uidb64': self.uid,
'token': self.token,
})
def tearDown(self):
self.user.delete()
def test_right_template_is_used(self):
response = self.client.get(self.url, follow=True)
self.assertTemplateUsed(response,
'accounts/password_reset_confirm.html')
def test_token_is_replaced_on_url(self):
response = self.client.get(self.url, follow=True)
self.assertNotIn(self.token, response.request.get('PATH_INFO'))
self.assertIn(INTERNAL_RESET_URL_TOKEN,
response.request.get('PATH_INFO'))
def test_uid_is_kept_on_url(self):
response = self.client.get(self.url)
self.assertIn(self.uid, response.url)
def test_proper_token_passed_displays_form(self):
response = self.client.get(self.url, follow=True)
self.assertIsNotNone(response.context_data['form'])
def test_wrong_token_passed_does_display_form_user(self):
url = reverse('accounts:password_reset_confirm',
kwargs={
'uidb64': self.uid,
'token': self.token + 'a',
})
response = self.client.get(url, follow=True)
self.assertIsNone(response.context_data['form'])
def test_proper_token_sets_validlink_true(self):
url = reverse('accounts:password_reset_confirm',
kwargs={
'uidb64': self.uid,
'token': self.token,
})
response = self.client.get(self.url, follow=True)
self.assertTrue(response.context_data['validlink'])
def test_wrong_token_sets_validlink_false(self):
url = reverse('accounts:password_reset_confirm',
kwargs={
'uidb64': self.uid,
'token': self.token + 'wrongotokeno',
})
response = self.client.get(url, follow=True)
self.assertFalse(response.context_data['validlink'])
def test_view_redirects_to_tokenless_view(self):
expected_url = reverse('accounts:password_reset_confirm',
kwargs={
'uidb64': self.uid,
'token': self.token,
}).replace(self.token, INTERNAL_RESET_URL_TOKEN)
response = self.client.get(self.url, follow=False)
self.assertRedirects(response, expected_url)
class RegistrationVerifyViewTest(TestCase):
"""
RegistrationVerifyView tests. Note that in order for tests to pass
all client requests need to have kwarg follow=True set, as the im-
plementation relies on a redirect for security.
"""
token_generator = verify_token_generator
def setUp(self):
self.unregistered_user = User(email=EMAIL,
username=USERNAME,
accepted_tos=True)
self.unregistered_user.set_password(PASSWORD)
self.unregistered_user.save()
self.token = self.token_generator.make_token(self.unregistered_user)
self.uid = urlsafe_base64_encode(force_bytes(
self.unregistered_user.pk)).decode()
self.url = reverse('accounts:register_verify',
kwargs={
'uidb64': self.uid,
'token': self.token,
})
def tearDown(self):
self.unregistered_user.delete()
def test_right_template_is_used(self):
response = self.client.get(self.url, follow=True)
self.assertTemplateUsed(response, 'accounts/registration_verify.html')
def test_token_is_replaced_on_url(self):
response = self.client.get(self.url)
self.assertNotIn(self.token, response.url)
self.assertIn(INTERNAL_VERIFICATION_URL_TOKEN, response.url)
def test_uid_is_kept_on_url(self):
response = self.client.get(self.url)
self.assertIn(self.uid, response.url)
def test_proper_token_passed_verifies_user(self):
response = self.client.get(self.url, follow=True)
refreshed_user = User.objects.get(pk=self.unregistered_user.pk)
self.assertTrue(refreshed_user.is_verified)
def test_wrong_token_passed_does_not_verify_user(self):
url = reverse('accounts:register_verify',
kwargs={
'uidb64': self.uid,
'token': self.token + 'a',
})
response = self.client.get(url, follow=True)
refreshed_user = User.objects.get(pk=self.unregistered_user.pk)
self.assertFalse(refreshed_user.is_verified)
def test_proper_token_sets_validlink_true(self):
url = reverse('accounts:register_verify',
kwargs={
'uidb64': self.uid,
'token': self.token,
})
response = self.client.get(self.url, follow=True)
self.assertTrue(response.context_data['validlink'])
def test_wrong_token_sets_validlink_false(self):
url = reverse('accounts:register_verify',
kwargs={
'uidb64': self.uid,
'token': self.token + 'wrongotokeno',
})
response = self.client.get(url, follow=True)
self.assertFalse(response.context_data['validlink'])
def test_view_redirects_to_tokenless_view(self):
expected_url = reverse('accounts:register_verify',
kwargs={
'uidb64': self.uid,
'token': self.token,
}).replace(self.token,
INTERNAL_VERIFICATION_URL_TOKEN)
response = self.client.get(self.url, follow=False)
self.assertRedirects(response, expected_url)
