def test_check_user_password(self):
'''验证用户的密码'''
self.add_users(10)
user_list = User.query.all()
u1 = user_list[0]
u1_login_info = u1.local_login.first()
self.assertTrue(
u1_login_info.verify_password(get_password_md5(u1.nickname)))
self.assertFalse(
u1_login_info.verify_password(get_password_md5('121212')))
def test_user_reset_password(self):
'''验证重置密码'''
user_id_list = self.add_users(1)
u = User.query.filter_by(id=user_id_list[0]).first()
login_info = u.local_login.first()
self.assertTrue(
login_info.verify_password(get_password_md5(u.nickname)))
login_info.reset_password(get_password_md5('12ABC'))
db.session.add(login_info)
self.assertTrue(login_info.verify_password(get_password_md5('12ABC')))
self.assertFalse(
login_info.verify_password(get_password_md5(u.nickname)))
def add_users(self, count=100):
'''该方法用于生成大批量的虚拟信息'''
from sqlalchemy.exc import IntegrityError
from random import seed
import forgery_py
import random
result = []
seed()
for i in range(count):
username = forgery_py.name.full_name()
user_id = uuid.uuid4().hex
mobile = int(random.random() * 100000000)
email = forgery_py.internet.email_address()
u = User(id=user_id,
nickname=username,
email=email,
mobile=mobile,
name=username,
is_disabled=0)
ul = UserLocalAuth(user_id=u.id,
xname=uuid.uuid4().hex,
password=get_password_md5(username))
db.session.add_all([u, ul])
try:
db.session.commit()
result.append(user_id)
except IntegrityError:
db.session.rollback()
return result
def test_verify_token(self):
'''验证 Token 的有效性'''
self.add_users(10)
user_list = User.query.all()
u = user_list[5]
# 获取Token
response = self.client.post('/wwwapi/v1/GetToken',
headers=self.get_api_headers(
auth_type='email-password',
account=u.email,
password=get_password_md5(
self.default_password)))
self.assertTrue(response.status_code == 200)
res = json.loads(response.data)
token = res.get('token')
# 通过获取 用户信息来验证 Token
response = self.client.post('/wwwapi/v1/GetUser',
headers=self.get_api_headers(
auth_type='token', token=token))
self.assertTrue(response.status_code == 200)
res = json.loads(response.data)
self.assertNotIn('code', res.keys())
self.assertIn('User', res.keys())
def test_user_set(self):
'''验证 设置用户个人信息的有效性'''
self.add_users(10)
user_list = User.query.all()
u = user_list[8]
# 旧的用户信息
old_info = u.to_dict()
# 待更新的信息
update_info = {
'intro':
forgery_py.currency.description(),
'note':
'{}x{}'.format(forgery_py.internet.user_name(),
forgery_py.internet.cctld())
}
# 更新用户信息 SetUser
response = self.client.post('/wwwapi/v1/SetUser',
headers=self.get_api_headers(
auth_type='email-password',
account=old_info.get('email'),
password=get_password_md5(
self.default_password)),
data=json.dumps(update_info))
self.assertTrue(response.status_code == 200)
# 重新获取用户信息
response = self.client.post('/wwwapi/v1/GetUser',
headers=self.get_api_headers(
auth_type='email-password',
account=old_info.get('email'),
password=get_password_md5(
self.default_password)))
self.assertTrue(response.status_code == 200)
res = json.loads(response.data)
for k, v in update_info.items():
self.assertTrue(res.get('User', {}).get(k) == v)
def test_user_reset_password(self):
'''验证密码重置后的有效性'''
user_list = self.add_users(1)
u = User.query.filter_by(email=user_list[0].get('email')).first()
login_info = u.local_login.first()
# 验证原始密码 有效
self.assertTrue(
login_info.verify_password(get_password_md5(
self.default_password)))
# 重置用户密码
login_info.reset_password(get_password_md5('12ABC'))
db.session.add(login_info)
# 验证新密码有效
self.assertTrue(login_info.verify_password(get_password_md5('12ABC')))
# 验证原密码无效
self.assertFalse(
login_info.verify_password(get_password_md5(
self.default_password)))
def test_api_GetToken(self):
'''验证-api-获取Token'''
user_id_list = self.add_users(1)
u = User.query.filter_by(id=user_id_list[0]).first()
# 验证密码错误的请求
response = self.client.post(url_for('api_www.gettoken'),
headers=self.get_api_headers(
auth_type='email-password',
account=u.email,
password=get_password_md5(u.nickname)))
self.assertTrue(response.status_code == 200)
def test_get_token(self):
'''验证获取 Token 是否成功'''
self.add_users(10)
user_list = User.query.all()
u = user_list[5]
# 验证密码错误的请求
response = self.client.post('/wwwapi/v1/GetToken',
headers=self.get_api_headers(
auth_type='email-password',
account=u.email,
password=get_password_md5(
self.default_password)))
self.assertTrue(response.status_code == 200)
def add_users(self, count=100):
'''该方法用于生成大批量的虚拟信息'''
from sqlalchemy.exc import IntegrityError
from random import seed
import random
result = []
seed()
for i in range(count):
new_user = {
'nickname': forgery_py.internet.user_name(),
'email': forgery_py.internet.email_address(),
'mobile': int(random.random() * 100000000),
'name': forgery_py.name.full_name(),
'password': get_password_md5(self.default_password),
}
# 获取Token
response = self.client.post('/wwwapi/v1/AddUser',
headers=self.get_api_headers(),
data=json.dumps(new_user))
self.assertTrue(response.status_code == 200)
new_user['password'] = self.default_password
result.append(new_user)
return result
