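def test_non_registered_user_login(self):
    """Logging in with credentials that were never registered must fail.

    Expects a JSON 404 response with status 'fail' and the message
    'User does not exist.'.
    """
    # NOTE(review): a dedicated 404 / 'User does not exist.' answer lets a
    # caller tell registered accounts from unregistered ones; confirm this
    # disclosure is intended, or assert a uniform login-failure response.
    response = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data = response.json
    # assertEqual reports both values on failure; assertTrue(a == b) only
    # reports "False is not true".
    self.assertEqual(data['status'], 'fail')
    self.assertEqual(data['message'], 'User does not exist.')
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 404)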
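def login():
    """Validate the JSON login request and hand it to ``auth.login``.

    Aborts with 401 when the request has no usable JSON object body and with
    403 when ``username`` or ``password`` is absent or null; otherwise returns
    whatever ``auth.login`` returns for the payload.
    """
    payload = request.json
    # A JSON array, string or number is not a credentials object; subscripting
    # it with a string key would raise and surface as a server error.
    if not payload or not isinstance(payload, dict):
        abort(401)
    # .get() treats a missing key like an explicit null. Direct indexing raised
    # KeyError for an omitted field, so a malformed request ended in an
    # unhandled exception instead of the intended 403.
    for field in ("username", "password"):
        if payload.get(field) is None:
            abort(403)
    # NOTE(review): the whole client-supplied object is forwarded; auth.login
    # is assumed to read only the keys it expects — confirm.
    return auth.login(payload)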
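def test_non_registered_user_login(self):
    """Logging in with credentials that were never registered must fail.

    Expects a JSON 404 response with status 'fail' and the message
    'User does not exist.'.
    """
    # NOTE(review): a dedicated 404 / 'User does not exist.' answer lets a
    # caller tell registered accounts from unregistered ones; confirm this
    # disclosure is intended, or assert a uniform login-failure response.
    response = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data = response.json
    # assertEqual reports both values on failure; assertTrue(a == b) only
    # reports "False is not true".
    self.assertEqual(data['status'], 'fail')
    self.assertEqual(data['message'], 'User does not exist.')
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 404)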
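def test_registered_user_login(self):
    """A user registered through ``do_register`` can log in.

    Expects a JSON 201 response with status 'success', the message
    'Successfully logged in.' and a truthy 'auth_token'.
    """
    # Registration is only a fixture here; its response was bound to an
    # unused local in the original and is not inspected.
    self.do_register('*****@*****.**', '123456789')
    response = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data = response.json
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(data['status'], 'success')
    self.assertEqual(data['message'], 'Successfully logged in.')
    # Only presence of a token is checked; its contents are not validated.
    self.assertTrue(data['auth_token'])
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 201)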
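def test_banned_user_login(self):
    """A banned account must not be able to log in.

    Registers a user, bans it through ``user_logic.ban_user`` and expects the
    login attempt to return a JSON 403 with status 'fail' and the message
    'User is banned.'.
    """
    self.do_register('*****@*****.**', '123456789')
    user = User.query.filter_by(email='*****@*****.**').first()
    user_logic.ban_user(user.id)
    # NOTE(review): whether the ban check runs before or after password
    # verification is not visible here; if before, 'User is banned.' reveals
    # account state to callers who do not know the password.
    response = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data = response.json
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(data['status'], 'fail')
    self.assertEqual(data['message'], 'User is banned.')
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 403)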
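def test_registered_user_login(self):
    """A user registered through ``do_register`` can log in.

    Expects a JSON 201 response with status 'success', the message
    'Successfully logged in.' and a truthy 'auth_token'.
    """
    # Registration is only a fixture here; its response was bound to an
    # unused local in the original and is not inspected.
    self.do_register('*****@*****.**', '123456789')
    response = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data = response.json
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(data['status'], 'success')
    self.assertEqual(data['message'], 'Successfully logged in.')
    # Only presence of a token is checked; its contents are not validated.
    self.assertTrue(data['auth_token'])
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 201)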
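def test_send_to_user_who_blocked_me(self):
    """Posting a message to a user who blocked the sender is refused.

    After ``user_logic.add_blocklist(2, 1)`` the authenticated POST to
    '/api/message/' must return 403 with the message
    'Cannot message user who has you blocked.'.
    """
    data = self.build_data()
    # presumably user 2 blocks user 1 — confirm the argument order against
    # user_logic.add_blocklist.
    user_logic.add_blocklist(2, 1)
    resp_login = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    # NOTE(review): the CSRF token is a fixed literal; whether the server
    # validates it in the test configuration is not visible here.
    headers = {
        'Authorization': 'Bearer ' + resp_login.json['auth_token'],
        'CSRF-Token':
            '2018-10-14 18:54:25.991752.DqUiYQ.dNTEDv7Ay6xxz9JMCmUUvBPYpf0',
    }
    response = self.client.post(
        '/api/message/',
        headers=headers,
        content_type='application/json',
        data=json.dumps(data))
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(response.status_code, 403)
    self.assertEqual(response.json['message'],
                     'Cannot message user who has you blocked.')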
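def test_banned_user_login(self):
    """A banned account must not be able to log in.

    Registers a user, bans it through ``user_logic.ban_user`` and expects the
    login attempt to return a JSON 403 with status 'fail' and the message
    'User is banned.'.
    """
    self.do_register('*****@*****.**', '123456789')
    user = User.query.filter_by(email='*****@*****.**').first()
    user_logic.ban_user(user.id)
    # NOTE(review): whether the ban check runs before or after password
    # verification is not visible here; if before, 'User is banned.' reveals
    # account state to callers who do not know the password.
    response = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data = response.json
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(data['status'], 'fail')
    self.assertEqual(data['message'], 'User is banned.')
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 403)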
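def test_invalid_logout(self):
    """Logout with a bearer value that was never issued is rejected.

    Expects a 401 response with status 'fail' and the message
    'Invalid token. Please log in again.'.
    """
    # Register and log in so an account exists; their responses are not
    # used, because the request below carries a bogus token on purpose.
    auth.register(
        dict(email='*****@*****.**', password='******', username='******'))
    auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    response = self.client.post(
        '/api/user/logout/',
        headers=dict(Authorization='Bearer ' + 'sdflksjdflds'),
        content_type='application/json',
        data=json.dumps(dict(empty='empty')))
    data = json.loads(response.data.decode())
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(data['status'], 'fail')
    self.assertEqual(data['message'], 'Invalid token. Please log in again.')
    self.assertEqual(response.status_code, 401)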
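def test_valid_logout(self):
    """Logout with the token returned by login succeeds.

    Expects a 201 response with status 'success' and the message
    'Successfully logged out.'.
    """
    self.do_register('*****@*****.**', '123456789')
    resp_login = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data_login = resp_login.json
    response = self.client.post(
        '/api/user/logout/',
        headers=dict(Authorization='Bearer ' + data_login['auth_token']),
        content_type='application/json',
        data=json.dumps(dict(empty='empty')))
    data = response.json
    # NOTE(review): only the logout response is asserted; a follow-up request
    # with the same token would confirm that it is actually revoked.
    self.assertEqual(data['status'], 'success')
    self.assertEqual(data['message'], 'Successfully logged out.')
    self.assertEqual(response.status_code, 201)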
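def test_send_to_user_who_blocked_me(self):
    """Posting a message to a user who blocked the sender is refused.

    After ``user_logic.add_blocklist(2, 1)`` the authenticated POST to
    '/api/message/' must return 403 with the message
    'Cannot message user who has you blocked.'.
    """
    data = self.build_data()
    # presumably user 2 blocks user 1 — confirm the argument order against
    # user_logic.add_blocklist.
    user_logic.add_blocklist(2, 1)
    resp_login = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    # NOTE(review): the CSRF token is a fixed literal; whether the server
    # validates it in the test configuration is not visible here.
    headers = {
        'Authorization': 'Bearer ' + resp_login.json['auth_token'],
        'CSRF-Token':
            '2018-10-14 18:54:25.991752.DqUiYQ.dNTEDv7Ay6xxz9JMCmUUvBPYpf0',
    }
    response = self.client.post(
        '/api/message/',
        headers=headers,
        content_type='application/json',
        data=json.dumps(data))
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(response.status_code, 403)
    self.assertEqual(response.json['message'],
                     'Cannot message user who has you blocked.')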
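def test_valid_logout(self):
    """Logout with the token returned by login succeeds.

    Expects a 201 response with status 'success' and the message
    'Successfully logged out.'.
    """
    self.do_register('*****@*****.**', '123456789')
    resp_login = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data_login = resp_login.json
    response = self.client.post(
        '/api/user/logout/',
        headers=dict(Authorization='Bearer ' + data_login['auth_token']),
        content_type='application/json',
        data=json.dumps(dict(empty='empty')))
    data = response.json
    # NOTE(review): only the logout response is asserted; a follow-up request
    # with the same token would confirm that it is actually revoked.
    self.assertEqual(data['status'], 'success')
    self.assertEqual(data['message'], 'Successfully logged out.')
    self.assertEqual(response.status_code, 201)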
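def test_invalid_logout(self):
    """Logout with a bearer value that was never issued is rejected.

    Expects a 401 response with status 'fail' and the message
    'Invalid token. Please log in again.'.
    """
    # Register and log in so an account exists; their responses are not
    # used, because the request below carries a bogus token on purpose.
    auth.register(
        dict(email='*****@*****.**', password='******', username='******'))
    auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    response = self.client.post(
        '/api/user/logout/',
        headers=dict(Authorization='Bearer ' + 'sdflksjdflds'),
        content_type='application/json',
        data=json.dumps(dict(empty='empty')))
    data = json.loads(response.data.decode())
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(data['status'], 'fail')
    self.assertEqual(data['message'], 'Invalid token. Please log in again.')
    self.assertEqual(response.status_code, 401)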
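def test_valid_blacklisted_token_logout(self):
    """A token that login issued but that is blacklisted must be refused.

    The token returned by login is stored as a ``BlacklistToken`` row before
    the logout request; the endpoint must answer 401 with status 'fail' and
    the message 'Token blacklisted. Please log in again.'.
    """
    auth.register(
        dict(email='*****@*****.**', password='******', username='******'))
    resp_login = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data_login = resp_login.json
    # Revoke the freshly issued token directly in the database so that the
    # blacklist lookup is the only reason the request can fail.
    blacklist_token = BlacklistToken(token=data_login['auth_token'])
    db.session.add(blacklist_token)
    db.session.commit()
    # blacklisted valid token logout
    response = self.client.post(
        '/api/user/logout/',
        headers=dict(Authorization='Bearer ' + data_login['auth_token']),
        content_type='application/json',
        data=json.dumps(dict(empty='empty')))
    data = response.json
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(data['status'], 'fail')
    self.assertEqual(data['message'],
                     'Token blacklisted. Please log in again.')
    self.assertEqual(response.status_code, 401)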
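def test_valid_blacklisted_token_logout(self):
    """A token that login issued but that is blacklisted must be refused.

    The token returned by login is stored as a ``BlacklistToken`` row before
    the logout request; the endpoint must answer 401 with status 'fail' and
    the message 'Token blacklisted. Please log in again.'.
    """
    auth.register(
        dict(email='*****@*****.**', password='******', username='******'))
    resp_login = auth.login(
        dict(email='*****@*****.**', password='******', username='******'))
    data_login = resp_login.json
    # Revoke the freshly issued token directly in the database so that the
    # blacklist lookup is the only reason the request can fail.
    blacklist_token = BlacklistToken(token=data_login['auth_token'])
    db.session.add(blacklist_token)
    db.session.commit()
    # blacklisted valid token logout
    response = self.client.post(
        '/api/user/logout/',
        headers=dict(Authorization='Bearer ' + data_login['auth_token']),
        content_type='application/json',
        data=json.dumps(dict(empty='empty')))
    data = response.json
    # assertEqual prints the differing values when the check fails.
    self.assertEqual(data['status'], 'fail')
    self.assertEqual(data['message'],
                     'Token blacklisted. Please log in again.')
    self.assertEqual(response.status_code, 401)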