Ejemplo n.º 1
def test_basic_custom_forms(app, sqlalchemy_datastore):
    """Check that form classes handed to ``Security`` are the ones rendered.

    Each subclass overrides one field label. The test then fetches the
    matching view and looks for that label in the response body.
    """

    class MyLoginForm(LoginForm):
        email = StringField("My Login Email Address Field")

    class MyRegisterForm(RegisterForm):
        email = StringField("My Register Email Address Field")

    class MyForgotPasswordForm(ForgotPasswordForm):
        # Overriding the field replaces its validators as well, so they are
        # listed again here.
        email = StringField(
            "My Forgot Email Address Field",
            validators=[email_required, email_validator, valid_user_email],
        )

    class MyResetPasswordForm(ResetPasswordForm):
        # NOTE(review): StringField renders a plain text input. That is enough
        # to check the label override, but a deployed reset form would
        # normally keep a PasswordField so the value is masked.
        password = StringField("My Reset Password Field")

    class MyChangePasswordForm(ChangePasswordForm):
        password = PasswordField("My Change Password Field")

    custom_forms = {
        "login_form": MyLoginForm,
        "register_form": MyRegisterForm,
        "forgot_password_form": MyForgotPasswordForm,
        "reset_password_form": MyResetPasswordForm,
        "change_password_form": MyChangePasswordForm,
    }
    app.security = Security(app, datastore=sqlalchemy_datastore, **custom_forms)

    populate_data(app)
    http = app.test_client()

    # Views reachable without logging in.
    unauthenticated_pages = (
        ("/login", b"My Login Email Address Field"),
        ("/register", b"My Register Email Address Field"),
        ("/reset", b"My Forgot Email Address Field"),
    )
    for path, label in unauthenticated_pages:
        page = http.get(path)
        assert label in page.data

    # The reset token is read from the captured reset request rather than
    # parsed out of an e-mail.
    with capture_reset_password_requests() as captured:
        page = http.post("/reset", data={"email": "*****@*****.**"})

    reset_token = captured[0]["token"]
    page = http.get("/reset/" + reset_token)
    assert b"My Reset Password Field" in page.data

    # The change-password view is requested only after logging in.
    authenticate(http)

    page = http.get("/change")
    assert b"My Change Password Field" in page.data
Ejemplo n.º 2
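def clients(request, app, tmpdir, realdburl):
    """Return a test client for ``app`` backed by the datastore in ``request.param``.

    The matching ``*_setup`` helper builds the datastore. ``Security`` is then
    attached to the app and ``populate_data`` is called before the client is
    handed out.

    Raises:
        ValueError: if ``request.param`` is not one of the names handled below.
    """
    backend = request.param
    if backend == "cl-sqlalchemy":
        ds = sqlalchemy_setup(request, app, tmpdir, realdburl)
    elif backend == "c2":
        ds = sqlalchemy_session_setup(request, app, tmpdir, realdburl)
    elif backend == "cl-mongo":
        ds = mongoengine_setup(request, app, tmpdir, realdburl)
    elif backend == "cl-peewee":
        ds = peewee_setup(request, app, tmpdir, realdburl)
    elif backend == "cl-pony":
        # Not working yet.
        ds = pony_setup(request, app, tmpdir, realdburl)
    else:
        # Fail here and name the offending value, instead of failing later on
        # an unbound ``ds``.
        raise ValueError(f"unknown datastore param: {backend!r}")

    app.security = Security(app, datastore=ds)
    populate_data(app)
    if backend == "cl-peewee":
        # peewee is insistent on a single connection?
        ds.db.close_db(None)
    return app.test_client()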
Ejemplo n.º 3
def test_token_query(in_app_context):
    """Token-only authentication should cost exactly one user lookup.

    The client is created with ``use_cookies=False``, so the ``/token`` request
    is sent with the ``Authentication-Token`` header and no session cookie.
    """
    app = in_app_context
    populate_data(app)
    cookieless = app.test_client(use_cookies=False)

    login = json_authenticate(cookieless)
    auth_token = login.json["response"]["user"]["authentication_token"]
    queries_before = get_num_queries(app.security.datastore)

    token_headers = {
        "Content-Type": "application/json",
        "Authentication-Token": auth_token,
    }
    reply = cookieless.get("/token", headers=token_headers)
    assert reply.status_code == 200

    queries_after = get_num_queries(app.security.datastore)
    # A count of None skips the comparison; presumably the datastore cannot
    # report query counts in that case (confirm against get_num_queries).
    if queries_before is not None:
        assert queries_after == (queries_before + 1)
Ejemplo n.º 4
def test_verifying_token_from_version_3x(in_app_context):
    """
    A token built in the flask security 3.x form, which differs from the
    4.0.0 form, must still pass ``verify_auth_token``.
    """
    # NOTE(review): accepting the 3.x form means tokens issued before an
    # upgrade stay usable until they expire or are otherwise invalidated.
    # Confirm that this is the intended policy.
    app = in_app_context
    populate_data(app)

    with app.test_request_context("/"):
        datastore = app.security.datastore
        legacy_user = datastore.find_user(email="*****@*****.**")

        legacy_token = get_auth_token_version_3x(app, legacy_user)

        # Decode with the same serializer and age limit the app is configured
        # with, then pass the decoded payload to the user object.
        serializer = app.security.remember_token_serializer
        payload = serializer.loads(legacy_token, max_age=app.security.token_max_age)

        verified = legacy_user.verify_auth_token(payload)
        assert verified is True
Ejemplo n.º 5
def test_auth_token_decorator(in_app_context):
    """
    An endpoint decorated with auth_token_required must accept a token
    generated by the flask security 3.x algorithm.
    """
    app = in_app_context
    populate_data(app)
    # No cookies are kept, so the token header is the only credential sent.
    cookieless = app.test_client(use_cookies=False)

    with app.test_request_context("/"):
        legacy_user = app.security.datastore.find_user(email="*****@*****.**")
        legacy_token = get_auth_token_version_3x(app, legacy_user)

        token_headers = {
            "Content-Type": "application/json",
            "Authentication-Token": legacy_token,
        }
        reply = cookieless.get("/token", headers=token_headers)
        assert reply.status_code == 200
Ejemplo n.º 6
def test_session_query(in_app_context):
    """Token auth sent together with a session should cost two user lookups.

    The session loads the user once. ``auth_token_required`` still has to
    check that the token itself is valid, because the user id in the session
    may differ from the one in the token. That check is the second lookup.
    """
    app = in_app_context
    populate_data(app)
    # Default test client, so the session cookie goes along with the token.
    with_cookies = app.test_client()

    login = json_authenticate(with_cookies)
    auth_token = login.json["response"]["user"]["authentication_token"]
    queries_before = get_num_queries(app.security.datastore)

    token_headers = {
        "Content-Type": "application/json",
        "Authentication-Token": auth_token,
    }
    reply = with_cookies.get("/token", headers=token_headers)
    assert reply.status_code == 200

    queries_after = get_num_queries(app.security.datastore)
    # A count of None skips the comparison.
    if queries_before is not None:
        assert queries_after == (queries_before + 2)
Ejemplo n.º 7
def client_nc(request, sqlalchemy_app):
    """Return a test client that keeps no cookies, for token-auth tests.

    ``request`` is accepted but not used in this body.
    """
    flask_app = sqlalchemy_app()
    populate_data(flask_app)
    # With use_cookies=False no session cookie is carried between requests.
    cookieless = flask_app.test_client(use_cookies=False)
    return cookieless
Ejemplo n.º 8
def client(request, sqlalchemy_app):
    """Return a test client for a freshly built and populated app.

    ``request`` is accepted but not used in this body.
    """
    flask_app = sqlalchemy_app()
    populate_data(flask_app)
    test_client = flask_app.test_client()
    return test_client
Ejemplo n.º 9
def client(request: pytest.FixtureRequest, sqlalchemy_app: t.Callable) -> "FlaskClient":
    """Return a test client for a freshly built and populated app.

    ``sqlalchemy_app`` is called with no arguments to build the app.
    ``request`` is accepted but not used in this body.
    """
    flask_app = sqlalchemy_app()
    populate_data(flask_app)
    test_client = flask_app.test_client()
    return test_client