def test_login__form_submission__success(self, remember): from nuvavaalit.models import Voter from nuvavaalit.views.login import login session = DBSession() session.add(Voter(u'buck.rogers', u'secret', u'Bück', u'Rögers')) session.flush() self.assertEquals( session.query(Voter).filter_by(username=u'buck.rogers').first().fullname(), u'Bück Rögers') remember.return_value = [('X-Login', 'buck.rogers')] request = testing.DummyRequest(statsd=False) token = request.session.new_csrf_token() request.POST = { 'form.submitted': u'1', 'username': u'buck.rogers', 'password': u'secret', 'csrf_token': token, } response = login(request) self.assertEquals(dict(response.headers), { 'Content-Length': '0', 'Content-Type': 'text/html; charset=UTF-8', 'Location': 'http://example.com/valitse', 'X-Login': '******'})
def test_login__form_submission__invalid_password(self): from nuvavaalit.models import Voter from nuvavaalit.views.login import login session = DBSession() session.add(Voter(u'buck.rogers', u'secret', u'Bück', u'Rögers')) session.flush() self.assertEquals( session.query(Voter).filter_by(username=u'buck.rogers').first().fullname(), u'Bück Rögers') request = testing.DummyRequest(statsd=False) token = request.session.new_csrf_token() request.POST = { 'form.submitted': u'1', 'username': u'buck.rogers', 'password': u'thisiswrong', 'csrf_token': token, } options = login(request) self.assertEquals(options, { 'action_url': 'http://example.com/tunnistaudu', 'csrf_token': token, 'error': u'Tunnistautuminen epäonnistui. Kokeile tunnistautua uudelleen!'})
def test_login__no_submission(self): from nuvavaalit.views.login import login request = testing.DummyRequest(statsd=False) token = request.session.new_csrf_token() options = login(request) self.assertEquals(options, { 'action_url': 'http://example.com/tunnistaudu', 'csrf_token': token, 'error': None})
def test_login__form_submission__csrf_mismatch(self): from nuvavaalit.views.login import login request = testing.DummyRequest(statsd=False) token = request.session.new_csrf_token() request.POST = { 'form.submitted': u'1', 'username': u'john.doe', 'password': u'thisiswrong', 'csrf_token': u'invalid', } self.assertFalse(token == u'invalid') self.assertRaises(HTTPForbidden, lambda: login(request))
def test_login__form_submission__non_existing_user(self): from nuvavaalit.views.login import login request = testing.DummyRequest(statsd=False) token = request.session.new_csrf_token() request.POST = { 'form.submitted': u'1', 'username': u'john.doe', 'password': u'thisiswrong', 'csrf_token': token, } options = login(request) self.assertEquals(options, { 'action_url': 'http://example.com/tunnistaudu', 'csrf_token': token, 'error': u'Tunnistautuminen epäonnistui. Kokeile tunnistautua uudelleen!'})