def test_inactive_login_fails(self):
"""Make sure we can't log in with an inactive user."""
from horus.tests.models import User
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
user = User(username='******', email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
view.login()
FlashMessage.assert_called_with(request,
'Your account is not active, please check your e-mail.',
kind='danger')
def test_login_fails_bad_credentials(self):
""" Make sure we can't login with bad credentials"""
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
view.login()
FlashMessage.assert_called_with(request,
"Invalid username or password.", kind="danger")
def test_login_fails_bad_credentials(self):
""" Make sure we can't login with bad credentials"""
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
flash = Mock()
request.session.flash = flash
view = AuthController(request)
view.login()
flash.assert_called_with('Invalid username or password.', 'error')
def test_inactive_login_fails(self):
"""Make sure we can't log in with an inactive user."""
from horus.tests.models import User
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
user = User(username='******', email='*****@*****.**')
user.password = '******'
user.activation = Activation()
self.session.add(user)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
view.login()
FlashMessage.assert_called_with(request,
'Your account is not active, please check your e-mail.',
kind='error')
def test_inactive_login_fails(self):
""" Make sure we can't login with an inactive user """
from horus.tests.models import User
from horus.interfaces import IHorusUserClass
from horus.interfaces import IHorusActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IHorusActivationClass)
self.config.registry.registerUtility(User, IHorusUserClass)
user = User(username='******', email='*****@*****.**')
user.set_password('foo')
user.activation = Activation()
self.session.add(user)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
request = self.get_csrf_request(post={
'submit': True,
'Username': '******',
'Password': '******',
}, request_method='POST')
flash = Mock()
request.session.flash = flash
view = AuthController(request)
view.login()
flash.assert_called_with(u'Your account is not active, please check your e-mail.',
'error')
def test_login_fails_bad_credentials(self):
""" Make sure we can't login with bad credentials"""
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
with patch('horus.views.FlashMessage') as FlashMessage:
view.login()
FlashMessage.assert_called_with(request,
"Invalid username or password.", kind="error")
def test_login_fails_empty(self):
"""Make sure we can't log in with empty credentials."""
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = testing.DummyRequest(post={
'submit': True,
}, request_method='POST')
view = AuthController(request)
response = view.login()
errors = response['errors']
assert errors[0].node.name == 'csrf_token'
assert errors[0].msg == 'Required'
assert errors[1].node.name == 'username'
assert errors[1].msg == 'Required'
assert errors[2].node.name == 'password'
assert errors[2].msg == 'Required'
def test_login_succeeds(self):
"""Make sure we can log in."""
from horus.tests.models import User
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
admin = User(username='******', email='*****@*****.**')
admin.password = '******'
self.session.add(admin)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
response = view.login()
assert response.status_int == 302
def test_csrf_invalid_fails(self):
""" Make sure we can't login with a bad csrf """
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = self.get_csrf_request(post={
'submit': True,
'login': '******',
'password': '******',
'csrf_token': 'abc2'
}, request_method='POST')
view = AuthController(request)
response = view.login()
errors = response['errors']
assert errors[0].node.name == 'csrf_token'
assert errors[0].msg == 'Invalid cross-site scripting token'
def test_login_fails_empty(self):
"""Make sure we can't log in with empty credentials."""
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = testing.DummyRequest(post={
'submit': True,
}, request_method='POST')
view = AuthController(request)
response = view.login()
errors = response['errors']
assert errors[0].node.name == 'csrf_token'
assert errors[0].msg == 'Required'
assert errors[1].node.name == 'username'
assert errors[1].msg == 'Required'
assert errors[2].node.name == 'password'
assert errors[2].msg == 'Required'
def test_login_succeeds(self):
"""Make sure we can log in."""
from horus.tests.models import User
from horus.interfaces import IUserClass
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
admin = User(username='******', email='*****@*****.**')
admin.password = '******'
self.session.add(admin)
self.session.flush()
from horus.views import AuthController
self.config.add_route('index', '/')
self.config.include('horus')
request = self.get_csrf_request(post={
'submit': True,
'username': '******',
'password': '******',
}, request_method='POST')
view = AuthController(request)
response = view.login()
assert response.status_int == 302
def test_csrf_invalid_fails(self):
""" Make sure we can't login with a bad csrf """
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = self.get_csrf_request(post={
'submit': True,
'login': '******',
'password': '******',
'csrf_token': 'abc2'
}, request_method='POST')
view = AuthController(request)
response = view.login()
errors = response['errors']
assert errors[0].node.name == 'csrf_token'
assert errors[0].msg == 'Invalid cross-site scripting token'
def test_login_redirects_if_logged_in(self):
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
request = testing.DummyRequest()
request.user = Mock()
view = AuthController(request)
response = view.login()
assert response.status_int == 302
def test_login_loads(self):
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
request = testing.DummyRequest()
request.user = None
view = AuthController(request)
response = view.login()
assert response.get('form', None)
def test_login_redirects_if_logged_in(self):
from horus.views import AuthController
from horus.interfaces import IUserClass
from horus.tests.models import User
from horus.interfaces import IActivationClass
from horus.tests.models import Activation
self.config.registry.registerUtility(Activation, IActivationClass)
self.config.registry.registerUtility(User, IUserClass)
self.config.add_route('index', '/')
self.config.include('horus')
self.config.registry.settings['horus.login_redirect'] = 'index'
self.config.registry.settings['horus.logout_redirect'] = 'index'
request = testing.DummyRequest()
request.user = Mock()
view = AuthController(request)
response = view.login()
assert response.status_int == 302