def test_basic_custom_forms(app, sqlalchemy_datastore): class MyLoginForm(LoginForm): email = StringField("My Login Email Address Field") class MyRegisterForm(RegisterForm): email = StringField("My Register Email Address Field") class MyForgotPasswordForm(ForgotPasswordForm): email = StringField( "My Forgot Email Address Field", validators=[email_required, email_validator, valid_user_email], ) class MyResetPasswordForm(ResetPasswordForm): password = StringField("My Reset Password Field") class MyChangePasswordForm(ChangePasswordForm): password = PasswordField("My Change Password Field") app.security = Security( app, datastore=sqlalchemy_datastore, login_form=MyLoginForm, register_form=MyRegisterForm, forgot_password_form=MyForgotPasswordForm, reset_password_form=MyResetPasswordForm, change_password_form=MyChangePasswordForm, ) populate_data(app) client = app.test_client() response = client.get("/login") assert b"My Login Email Address Field" in response.data response = client.get("/register") assert b"My Register Email Address Field" in response.data response = client.get("/reset") assert b"My Forgot Email Address Field" in response.data with capture_reset_password_requests() as requests: response = client.post("/reset", data=dict(email="*****@*****.**")) token = requests[0]["token"] response = client.get("/reset/" + token) assert b"My Reset Password Field" in response.data authenticate(client) response = client.get("/change") assert b"My Change Password Field" in response.data
def test_basic_custom_forms(app, sqlalchemy_datastore): class MyLoginForm(LoginForm): email = StringField('My Login Email Address Field') class MyRegisterForm(RegisterForm): email = StringField('My Register Email Address Field') class MyForgotPasswordForm(ForgotPasswordForm): email = StringField( 'My Forgot Email Address Field', validators=[ email_required, email_validator, valid_user_email]) class MyResetPasswordForm(ResetPasswordForm): password = StringField('My Reset Password Field') class MyChangePasswordForm(ChangePasswordForm): password = PasswordField('My Change Password Field') app.security = Security(app, datastore=sqlalchemy_datastore, login_form=MyLoginForm, register_form=MyRegisterForm, forgot_password_form=MyForgotPasswordForm, reset_password_form=MyResetPasswordForm, change_password_form=MyChangePasswordForm) populate_data(app) client = app.test_client() response = client.get('/login') assert b'My Login Email Address Field' in response.data response = client.get('/register') assert b'My Register Email Address Field' in response.data response = client.get('/reset') assert b'My Forgot Email Address Field' in response.data with capture_reset_password_requests() as requests: response = client.post('/reset', data=dict(email='*****@*****.**')) token = requests[0]['token'] response = client.get('/reset/' + token) assert b'My Reset Password Field' in response.data authenticate(client) response = client.get('/change') assert b'My Change Password Field' in response.data
def app(app_config): """An application for the tests.""" _app = create_app() _app.config.update(app_config) ctx = _app.test_request_context() ctx.push() populate_data(_app.security.datastore) create_subjects(_db) create_assignments(_db) yield _app ctx.pop()
def test_token_query(in_app_context): # Verify that when authenticating with auth token (and not session) # that there is just one DB query to get user. app = in_app_context populate_data(app) client_nc = app.test_client(use_cookies=False) response = json_authenticate(client_nc) token = response.jdata["response"]["user"]["authentication_token"] current_nqueries = get_num_queries(app.security.datastore) response = client_nc.get( "/token", headers={"Content-Type": "application/json", "Authentication-Token": token}, ) assert response.status_code == 200 end_nqueries = get_num_queries(app.security.datastore) assert current_nqueries is None or end_nqueries == (current_nqueries + 1)
def test_session_query(in_app_context): # Verify that when authenticating with auth token (but also sending session) # that there are 2 DB queries to get user. # This is since the session will load one - but auth_token_required needs to # verify that the TOKEN is valid (and it is possible that the user_id in the # session is different that the one in the token (huh?) app = in_app_context populate_data(app) client = app.test_client() response = json_authenticate(client) token = response.jdata["response"]["user"]["authentication_token"] current_nqueries = get_num_queries(app.security.datastore) response = client.get( "/token", headers={"Content-Type": "application/json", "Authentication-Token": token}, ) assert response.status_code == 200 end_nqueries = get_num_queries(app.security.datastore) assert current_nqueries is None or end_nqueries == (current_nqueries + 2)
def client(request, sqlalchemy_app): app = sqlalchemy_app() populate_data(app) return app.test_client()
def client_nc(request, sqlalchemy_app): # useful for testing token auth. # No Cookies for You! app = sqlalchemy_app() populate_data(app) return app.test_client(use_cookies=False)