async def test_can_change_password(client, user, login): url = app.url_path_for("auth:password_change") response = await client.post( url, data={ "current_password": "******", "new_password": "******", "confirm_new_password": "******", }, ) assert response.status_code == 302 assert response.is_redirect assert response.next_request.url == "http://test/" # can then use new password url = app.url_path_for("auth:logout") response = await client.get(url) assert response.status_code == 302 assert response.is_redirect assert response.next_request.url == "http://test/" url = app.url_path_for("auth:login") response = await client.post(url, data={"email": user.email, "password": "******"}) assert response.status_code == 302 assert response.is_redirect assert response.next_request.url == "http://test/"
def test_reset_password(self, db): pass_before_reset = hash_password('beforereset') user = User(email='*****@*****.**', first_name='forgot', last_name='password', hashed_password=pass_before_reset, email_verified=True) db.add(user) db.commit() reset_token = password_reset_token(user.email) data = {'token': reset_token, 'password': '******'} response = client.post(app.url_path_for('password_reset_confirm'), json=data) assert response.status_code == status.HTTP_200_OK # log in with new password data = {'username': user.email, 'password': '******'} response = client.post(app.url_path_for('login'), data=data) assert response.status_code == status.HTTP_200_OK assert 'access_token' in response.json() # confirm cannot login with old password: data = {'username': user.email, 'password': '******'} response = client.post(app.url_path_for('login'), data=data) assert response.status_code == status.HTTP_401_UNAUTHORIZED assert 'access_token' not in response.json()
async def test_get(client, user): url = app.url_path_for("auth:login") await client.post(url, data={"email": user.email, "password": "******"}) url = app.url_path_for("auth:password_change") response = await client.get(url) assert response.status_code == 200
def urls(self): from app.main import app return { "edit": app.url_path_for("blog:edit_blog", blog_id=self.id), "delete": app.url_path_for("blog:delete_blog", blog_id=self.id), }
async def test_txt_email_sent_if_user_exists(client, user, monkeypatch): async def fake_send(msg): assert msg.get_content_maintype() == "text" assert msg["To"] == user.email monkeypatch.setattr("app.auth.forms.password_reset.send_message", fake_send) url = app.url_path_for("auth:password_reset") response = await client.post(url, data={"email": user.email}) assert response.status_code == 302 assert response.is_redirect url = app.url_path_for("auth:password_reset_done") assert response.next_request.url == f"http://test{url}"
async def test_relay_anything_all_restaurants(client, cache_log_msg, caplog): response = await client.get( app.url_path_for("relay_anything", query=config["RESTAURANTS_PATH"])) assert response.status_code == 200 assert response.json() assert test_constants.VALID_MANY_RESTAURANTS_STRING in response.text assert cache_log_msg in caplog.text
async def test_email_not_sent_if_user_is_not_active(client, user, monkeypatch): user.is_active = False await user.save() async def fake_send(msg): raise Exception("An email should not have been sent") monkeypatch.setattr("app.auth.forms.password_reset.send_message", fake_send) url = app.url_path_for("auth:password_reset") response = await client.post(url, data={"email": user.email}) assert response.status_code == 302 assert response.is_redirect url = app.url_path_for("auth:password_reset_done") assert response.next_request.url == f"http://test{url}"
async def test_post_redirects(client, monkeypatch): # its important here that the post will redirect regardless # of whether the user exists or not so we specifally dont use a valid email async def fake_send(msg): raise Exception("An email should not have been sent") monkeypatch.setattr("app.auth.forms.password_reset.send_message", fake_send) url = app.url_path_for("auth:password_reset") response = await client.post(url, data={"email": "*****@*****.**"}) assert response.status_code == 302 assert response.is_redirect url = app.url_path_for("auth:password_reset_done") assert response.next_request.url == f"http://test{url}"
def test_update_me(self, db, current_user): data = {'first_name': 'NewName'} response = client.patch(app.url_path_for('update_user_me'), json=data) assert response.status_code == status.HTTP_200_OK assert response.json()['first_name'] == data['first_name'] db.refresh(current_user) assert current_user.first_name == data['first_name']
async def test_post(client, user): uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8")) token = token_generator.make_token(user) url = app.url_path_for("auth:password_reset_confirm", uidb64=uidb64, token=token) response = await client.post(url, data={ "new_password": "******", "confirm_new_password": "******" }) assert response.status_code == 302 assert response.is_redirect url = app.url_path_for("auth:password_reset_complete") assert response.next_request.url == f"http://test{url}"
async def test_login_get(user, client, login): url = app.url_path_for("auth:logout") response = await client.get(url) assert response.status_code == 302 assert response.is_redirect assert response.next_request.url == "http://test/" assert "session" not in response.cookies
async def test_single_valid_restaurant(client, cache_log_msg, caplog): response = await client.get( app.url_path_for("get_single_restaurant", restaurant=test_constants.VALID_RESTAURANT_ID)) assert response.status_code == 200 assert response.json() assert test_constants.VALID_RESTAURANT_TITLE in response.text assert cache_log_msg in caplog.text
def test_post_main(): input_json = dict(sorted(get_json_input_files().items())) output_json = dict(sorted(get_json_output_files().items())) test_list = zip(input_json.values(), output_json.values()) for injson, outjson in test_list: response = client.post(app.url_path_for("stocks"), json=injson) assert response.json() == outjson assert response.status_code == 200
async def test_get_invalid_uid(client, user): uidb64 = "XX" token = token_generator.make_token(user) url = app.url_path_for("auth:password_reset_confirm", uidb64=uidb64, token=token) response = await client.get(url) assert response.status_code == 404
async def test_get_invalid_token(client, user): uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8")) token = "9t9olo-f3de2d54710b829c6a59" url = app.url_path_for("auth:password_reset_confirm", uidb64=uidb64, token=token) response = await client.get(url) assert response.status_code == 404
async def test_get_200(client, user): uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8")) token = token_generator.make_token(user) url = app.url_path_for("auth:password_reset_confirm", uidb64=uidb64, token=token) response = await client.get(url) assert response.status_code == 200
async def test_invalid(test_data, client, user): uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8")) token = token_generator.make_token(user) url = app.url_path_for("auth:password_reset_confirm", uidb64=uidb64, token=token) response = await client.post(url, data=test_data) assert response.status_code == 200 assert response.url == f"http://test{url}"
def test_update_password(self, db, current_user): current_user.hashed_password = hash_password('oldpassword') db.commit() data = {'current_password': '******', 'password': '******'} response = client.post(app.url_path_for('update_password_me'), json=data) assert response.status_code == status.HTTP_200_OK assert response.json()['detail'] == 'ok' db.refresh(current_user) assert verify_password(data['password'], current_user.hashed_password)
async def test_can_login(client, user): url = app.url_path_for("auth:login") response = await client.post(url, data={ "email": user.email, "password": "******" }) assert response.status_code == 302 assert response.is_redirect assert response.next_request.url == "http://test/" assert "session" in response.cookies
async def test_relay_anything_single_restaurants(client, cache_log_msg, caplog): response = await client.get( app.url_path_for( "relay_anything", query= f"{config['RESTAURANTS_PATH']}/{test_constants.VALID_RESTAURANT_ID}", )) assert response.status_code == 200 assert response.json() assert test_constants.VALID_RESTAURANT_TITLE in response.text assert cache_log_msg in caplog.text
def test_register_email_taken(self, db, current_user): data = { 'email': current_user.email, 'first_name': 'Bilbo', 'last_name': 'Taggins', 'password': '******' } with record_messages() as outbox: response = client.post(app.url_path_for('register'), json=data) assert len(outbox) == 0 assert response.status_code == status.HTTP_422_UNPROCESSABLE_ENTITY assert 'email already exists' in response.json()['detail'].lower()
async def test_get_user_url_is_invalid_by_logging_in(client, user): uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8")) token = token_generator.make_token(user) url = app.url_path_for("auth:password_reset_confirm", uidb64=uidb64, token=token) # here we just update the last_login to simulate the user logging # in after the pw request is created user.last_login = datetime.utcnow() await user.save() response = await client.get(url) assert response.status_code == 404
def test_login(self, db): password = '******' hashed_password = hash_password(password) new_user = User(email='*****@*****.**', first_name='hi', last_name='there', hashed_password=hashed_password) db.add(new_user) db.commit() data = {'username': '******', 'password': password} response = client.post(app.url_path_for('login'), data=data) assert response.status_code == 200 assert 'access_token' in response.json()
async def test_post_changed_password(client, user): uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8")) token = token_generator.make_token(user) url = app.url_path_for("auth:password_reset_confirm", uidb64=uidb64, token=token) await client.post(url, data={ "new_password": "******", "confirm_new_password": "******" }) user = await User.get(user.id) assert user.check_password("foobar25")
async def test_post_url_is_one_time_use(client, user): uidb64 = urlsafe_base64_encode(bytes(str(user.id), encoding="utf-8")) token = token_generator.make_token(user) url = app.url_path_for("auth:password_reset_confirm", uidb64=uidb64, token=token) await client.post(url, data={ "new_password": "******", "confirm_new_password": "******" }) another = await client.get(url) assert another.status_code == 404
def test_request_reset_password_not_verified(self, db): user = User(email='*****@*****.**', first_name='forgot', last_name='password', hashed_password='******') db.add(user) db.commit() data = {'email': user.email} with record_messages() as outbox: response = client.post(app.url_path_for('request_password_reset'), json=data) assert len(outbox) == 0 assert response.status_code == status.HTTP_200_OK
def test_register(self, db): data = { 'email': '*****@*****.**', 'first_name': 'Bilbo', 'last_name': 'Taggins', 'password': '******' } with record_messages() as outbox: response = client.post(app.url_path_for('register'), json=data) assert len(outbox) == 1 assert 'verify' in outbox[0].get('subject').lower() assert response.json()['email'] == data['email'] assert response.status_code == status.HTTP_201_CREATED assert db.query(exists().where(User.email == data['email'])).scalar()
def test_confirm_email(self, db): unverified_user = User(email='*****@*****.**', first_name='hi', last_name='there', hashed_password='******') db.add(unverified_user) db.commit() assert not unverified_user.email_verified confirm_link = get_email_confirmation_link( app.url_path_for('confirm_email'), unverified_user.email) response = client.get(confirm_link) assert response.status_code == status.HTTP_200_OK assert response.json()['detail'] == 'ok' db.refresh(unverified_user) assert unverified_user.email_verified
async def test_get(client): url = app.url_path_for("auth:password_reset_complete") response = await client.get(url) assert response.status_code == 200
async def test_home_get(client): url = app.url_path_for("home") response = await client.get(url) assert response.status_code == 200