def test_check_user_password(self): '''验证用户的密码''' self.add_users(10) user_list = User.query.all() u1 = user_list[0] u1_login_info = u1.local_login.first() self.assertTrue( u1_login_info.verify_password(get_password_md5(u1.nickname))) self.assertFalse( u1_login_info.verify_password(get_password_md5('121212')))
def test_user_reset_password(self): '''验证重置密码''' user_id_list = self.add_users(1) u = User.query.filter_by(id=user_id_list[0]).first() login_info = u.local_login.first() self.assertTrue( login_info.verify_password(get_password_md5(u.nickname))) login_info.reset_password(get_password_md5('12ABC')) db.session.add(login_info) self.assertTrue(login_info.verify_password(get_password_md5('12ABC'))) self.assertFalse( login_info.verify_password(get_password_md5(u.nickname)))
def add_users(self, count=100): '''该方法用于生成大批量的虚拟信息''' from sqlalchemy.exc import IntegrityError from random import seed import forgery_py import random result = [] seed() for i in range(count): username = forgery_py.name.full_name() user_id = uuid.uuid4().hex mobile = int(random.random() * 100000000) email = forgery_py.internet.email_address() u = User(id=user_id, nickname=username, email=email, mobile=mobile, name=username, is_disabled=0) ul = UserLocalAuth(user_id=u.id, xname=uuid.uuid4().hex, password=get_password_md5(username)) db.session.add_all([u, ul]) try: db.session.commit() result.append(user_id) except IntegrityError: db.session.rollback() return result
def test_verify_token(self): '''验证 Token 的有效性''' self.add_users(10) user_list = User.query.all() u = user_list[5] # 获取Token response = self.client.post('/wwwapi/v1/GetToken', headers=self.get_api_headers( auth_type='email-password', account=u.email, password=get_password_md5( self.default_password))) self.assertTrue(response.status_code == 200) res = json.loads(response.data) token = res.get('token') # 通过获取 用户信息来验证 Token response = self.client.post('/wwwapi/v1/GetUser', headers=self.get_api_headers( auth_type='token', token=token)) self.assertTrue(response.status_code == 200) res = json.loads(response.data) self.assertNotIn('code', res.keys()) self.assertIn('User', res.keys())
def test_user_set(self): '''验证 设置用户个人信息的有效性''' self.add_users(10) user_list = User.query.all() u = user_list[8] # 旧的用户信息 old_info = u.to_dict() # 待更新的信息 update_info = { 'intro': forgery_py.currency.description(), 'note': '{}x{}'.format(forgery_py.internet.user_name(), forgery_py.internet.cctld()) } # 更新用户信息 SetUser response = self.client.post('/wwwapi/v1/SetUser', headers=self.get_api_headers( auth_type='email-password', account=old_info.get('email'), password=get_password_md5( self.default_password)), data=json.dumps(update_info)) self.assertTrue(response.status_code == 200) # 重新获取用户信息 response = self.client.post('/wwwapi/v1/GetUser', headers=self.get_api_headers( auth_type='email-password', account=old_info.get('email'), password=get_password_md5( self.default_password))) self.assertTrue(response.status_code == 200) res = json.loads(response.data) for k, v in update_info.items(): self.assertTrue(res.get('User', {}).get(k) == v)
def test_user_reset_password(self): '''验证密码重置后的有效性''' user_list = self.add_users(1) u = User.query.filter_by(email=user_list[0].get('email')).first() login_info = u.local_login.first() # 验证原始密码 有效 self.assertTrue( login_info.verify_password(get_password_md5( self.default_password))) # 重置用户密码 login_info.reset_password(get_password_md5('12ABC')) db.session.add(login_info) # 验证新密码有效 self.assertTrue(login_info.verify_password(get_password_md5('12ABC'))) # 验证原密码无效 self.assertFalse( login_info.verify_password(get_password_md5( self.default_password)))
def test_api_GetToken(self): '''验证-api-获取Token''' user_id_list = self.add_users(1) u = User.query.filter_by(id=user_id_list[0]).first() # 验证密码错误的请求 response = self.client.post(url_for('api_www.gettoken'), headers=self.get_api_headers( auth_type='email-password', account=u.email, password=get_password_md5(u.nickname))) self.assertTrue(response.status_code == 200)
def test_get_token(self): '''验证获取 Token 是否成功''' self.add_users(10) user_list = User.query.all() u = user_list[5] # 验证密码错误的请求 response = self.client.post('/wwwapi/v1/GetToken', headers=self.get_api_headers( auth_type='email-password', account=u.email, password=get_password_md5( self.default_password))) self.assertTrue(response.status_code == 200)
def add_users(self, count=100): '''该方法用于生成大批量的虚拟信息''' from sqlalchemy.exc import IntegrityError from random import seed import random result = [] seed() for i in range(count): new_user = { 'nickname': forgery_py.internet.user_name(), 'email': forgery_py.internet.email_address(), 'mobile': int(random.random() * 100000000), 'name': forgery_py.name.full_name(), 'password': get_password_md5(self.default_password), } # 获取Token response = self.client.post('/wwwapi/v1/AddUser', headers=self.get_api_headers(), data=json.dumps(new_user)) self.assertTrue(response.status_code == 200) new_user['password'] = self.default_password result.append(new_user) return result