def test_create_user_success(self, client, admin):
    """Check that an administrator can create a user through the API.

    The request is sent to ``self.endpoint`` (the '/users/' interface
    according to the original comment) with the admin's token header.
    The test then verifies the HTTP response, the new database row, and
    that the new account can authenticate by name and by e-mail.
    """
    # Before the request the database holds only the admin account.
    assert User.query.count() == 1

    # Payload describing the account to create.
    payload = {
        'name': 'test_user',
        'email': '*****@*****.**',
        'password': '******',
    }

    # Build the request pieces in the same order the original call
    # evaluated them: URL, body, then auth header.
    target = url_for(self.endpoint)
    body = json.dumps(payload)
    auth_header = self.token_header(admin)
    response = client.post(target, data=body, headers=auth_header)

    # Creation succeeded: 201 and the minimal acknowledgement body.
    assert response.status_code == 201
    assert response.json == {'ok': True}

    # Exactly one row was added and it carries the submitted values.
    assert User.query.count() == 2
    created = User.query.filter_by(name=payload['name']).first()
    assert created is not None
    assert created.email == payload['email']

    # The new account can log in with either identifier.
    for login in (payload['name'], payload['email']):
        assert User.authenticate(login, payload['password']) == created
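def post(self):
    """Authenticate a user and issue a token for later requests.

    The JSON body must be an object with ``name`` (the nickname or the
    e-mail address) and ``password``. On success the user's
    ``login_at`` is set and saved, and a token is returned.

    Returns:
        dict: ``{'ok': True, 'token': <generated token>}``.

    Raises:
        AuthenticationError: with code 403 when the body is missing or
            is not a JSON object, when ``name`` or ``password`` is
            empty, or when the authenticated user is not an
            administrator.
    """
    data = request.get_json()
    # The body is client-controlled. A JSON array, string or number
    # parses fine but has no .get(), which used to surface as an
    # unhandled AttributeError instead of a clean rejection.
    if not isinstance(data, dict):
        raise AuthenticationError(403, 'user name or password required')

    name = data.get('name')
    password = data.get('password')
    if not name or not password:
        raise AuthenticationError(403, 'user name or password required')

    # NOTE(review): presumably User.authenticate raises
    # AuthenticationError on bad credentials and never returns None;
    # if it can return None the attribute access below fails - confirm.
    user = User.authenticate(name, password)

    # FIXME (from the original author): only administrator accounts
    # may log in to the admin backend.
    # NOTE(review): this branch is reached only after the credentials
    # were accepted, so the distinct message confirms to the caller
    # that the name/password pair is valid for a non-admin account.
    # Consider answering exactly like a failed authentication.
    if not user.is_admin:
        raise AuthenticationError(403, 'administrator required')

    # Naive UTC timestamp of this successful login.
    user.login_at = datetime.utcnow()
    user.save()
    return {'ok': True, 'token': user.generate_token()}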
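def post(self):
    """Authenticate a user and issue a token for later requests.

    The JSON body must be an object with ``name`` (the nickname or the
    e-mail address) and ``password``. On success the user's
    ``login_at`` is set and saved, and a token is returned.

    Returns:
        dict: ``{'ok': True, 'token': <generated token>}``.

    Raises:
        AuthenticationError: with code 403 and the message
            'user name or password required' when the body is missing
            or is not a JSON object, when ``name`` or ``password`` is
            empty, or when the authenticated user is not an
            administrator.
    """
    data = request.get_json()
    # The body is client-controlled. A JSON array, string or number
    # parses fine but has no .get(), which used to surface as an
    # unhandled AttributeError instead of a clean rejection.
    if not isinstance(data, dict):
        raise AuthenticationError(403, 'user name or password required')

    name = data.get('name')
    password = data.get('password')
    if not name or not password:
        raise AuthenticationError(403, 'user name or password required')

    # NOTE(review): presumably User.authenticate raises
    # AuthenticationError on bad credentials and never returns None;
    # if it can return None the attribute access below fails - confirm.
    user = User.authenticate(name, password)

    # FIXME (from the original author): only administrator accounts
    # may log in to the admin backend.
    # NOTE(review): the non-admin rejection reuses the missing-field
    # text although both fields were supplied and accepted. If
    # User.authenticate reports bad credentials with a different
    # message, this response still tells the caller that the
    # name/password pair is valid - confirm that is intended.
    if not user.is_admin:
        raise AuthenticationError(403, 'user name or password required')

    # Naive UTC timestamp of this successful login.
    user.login_at = datetime.utcnow()
    user.save()
    return {'ok': True, 'token': user.generate_token()}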
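def test_authenticate(self, user):
    """Test the ``User.authenticate`` class method.

    Correct credentials must authenticate by name and by e-mail. A
    wrong password must raise ``AuthenticationError`` with code 403
    and the message 'authentication failed'.
    """
    assert User.authenticate(user.name, PASSWORD)
    # Called through the instance, as in the original test.
    assert user.authenticate(user.email, PASSWORD)

    wrong_password = PASSWORD + '0'
    for identifier in (user.name, user.email):
        try:
            User.authenticate(identifier, wrong_password)
        except AuthenticationError as e:
            assert e.code == 403
            assert e.message == 'authentication failed'
        else:
            # Without this branch the test passed silently whenever a
            # wrong password was accepted, so it could not catch an
            # authentication bypass.
            raise AssertionError(
                'User.authenticate accepted a wrong password')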
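def post(self, wx_id):
    """Bind the WeChat id ``wx_id`` to an existing user account.

    The JSON body must be an object with ``name`` and ``password``.
    They are checked with ``User.authenticate`` before the binding is
    stored.

    Args:
        wx_id: identifier stored on the user's ``wx_id`` attribute.

    Returns:
        ``{'ok': True, 'message': ...}`` on success, or a
        ``({'ok': False, 'message': ...}, 400)`` tuple when the body is
        invalid or the user already has a ``wx_id``.
    """
    data = request.get_json()
    # The body is client-controlled. Require a JSON object: with a
    # string or a list the ``in`` tests below mean something else and
    # the subscripting that follows raises an unhandled TypeError.
    if (not isinstance(data, dict)
            or 'name' not in data or 'password' not in data):
        # Message text: "invalid user data".
        return {'ok': False, 'message': '无效用户数据'}, 400

    # NOTE(review): presumably User.authenticate raises on bad
    # credentials and never returns None; if it can return None the
    # attribute access below fails - confirm.
    user = User.authenticate(data['name'], data['password'])

    if user.wx_id is not None:
        # Message text: "already bound to another WeChat account".
        return {'ok': False, 'message': '已绑定到其他微信账户'}, 400

    # NOTE(review): nothing here checks that this wx_id is not already
    # attached to a different user, or that the caller owns it -
    # confirm both are enforced elsewhere.
    user.wx_id = wx_id
    user.save()
    # Message text: "binding succeeded".
    return {'ok': True, 'message': '绑定成功'}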