def assert_reset_password(self, api_client, password_data):
response = api_client.post(self.reset_password_url, data=password_data)
response_json = response.json()
assert response.status_code == status.HTTP_200_OK
assert has_response_format(response)
assert response_json['code'] == response_codes.RESET_PASSWORD_SENT['code']
assert mail_outbox() == 1
def test_invalid_refresh_token(self, auth_api_client):
response = auth_api_client.post(self.test_logout_url,
{'refresh_token': 'invalid_token'})
response_json = response.json()
assert response.status_code == status.HTTP_401_UNAUTHORIZED
assert has_response_format(response)
assert response_json.get('code') == INVALID_REFRESH_TOKEN.get('code')
def test_reset_password_non_existent_user(self, api_client):
response = api_client.post(
self.reset_password_url,
data={'user': '******'},
)
response_json = response.json()
assert response.status_code == status.HTTP_404_NOT_FOUND
assert has_response_format(response)
assert response_json['code'] == response_codes.USER_NOT_FOUND['code']
def test_valid_refresh_token(self, api_client, test_user):
refresh_token = RefreshToken.for_user(test_user)
access_token = 'Bearer {0}'.format(str(refresh_token.access_token))
api_client.credentials(HTTP_AUTHORIZATION=access_token)
response = api_client.post(self.test_logout_url,
{'refresh_token': str(refresh_token)})
response_json = response.json()
assert response.status_code == status.HTTP_200_OK
assert has_response_format(response)
assert response_json.get('code') == LOGGED_OUT.get('code')
def test_confirm_reset_password__invalid_token(self, api_client):
response = api_client.post(
self.confirm_reset_password_url,
data={'token': 'anything', 'password': '******'},
)
response_json = response.json()
assert response.status_code == status.HTTP_400_BAD_REQUEST
assert has_response_format(response)
assert response_json['code'] == response_codes.INVALID_TOKEN['code']
def test_set_password__unusable_pasword(self, auth_api_client, test_user):
test_user.password = '******' # noqa
test_user.save()
data = {'password': self.new_test_password, 'confirm_password': self.new_test_password}
response = auth_api_client.post(self.password_url, data)
response_json = response.json()
assert response.status_code == status.HTTP_201_CREATED
assert has_response_format(response)
assert response_json['code'] == response_codes.PASSWORD_ADDED['code']
def test_change_password(self, auth_api_client):
data = {
'password': TEST_PASSWORD,
'new_password': '******',
'confirm_password': '******',
}
response = auth_api_client.put(self.password_url, data)
response_json = response.json()
assert response.status_code == status.HTTP_200_OK
assert has_response_format(response)
assert response_json['code'] == response_codes.PASSWORD_UPDATED['code']
def test_confirm_reset_password(self, api_client, test_user):
pending_action = PendingActionFactory(
user=test_user,
category=ActionCategory.RESET_PASSWORD.value,
)
response = api_client.post(
self.confirm_reset_password_url,
data={'token': pending_action.token, 'password': '******'}
)
response_json = response.json()
assert response.status_code == status.HTTP_200_OK
assert has_response_format(response)
assert response_json['code'] == response_codes.PASSWORD_UPDATED['code']
