Esempio n. 1
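def login_route():
  '''
    - It logs a user into the system.

    Expects a JSON object body with string 'email' and 'password' fields.
    A body that is not valid JSON, is not a JSON object, or lacks either
    field as a string is answered with HTTP 400 and the same failure payload
    as a credential mismatch, instead of raising inside the handler.

    On success the user is passed to login() and the response carries the
    user's id and email. A credential mismatch keeps the original response
    (failure payload with the default status code).
  '''
  failure = dict(
    success=False,
    message='Wrong authentication data.'
  )

  # The request body is attacker-controlled, so parse it defensively.
  try:
    user_dict = json.loads(request.data)
  except (ValueError, TypeError):
    return jsonify(failure), 400

  # Valid JSON can still be a list, number, string or null.
  if not isinstance(user_dict, dict):
    return jsonify(failure), 400

  # Text types on both Python 2 (str/unicode) and Python 3 (str). Rejecting
  # nested objects/arrays here keeps structured values away from the
  # credential check.
  text_types = (str, type(u''))
  email = user_dict.get('email')
  password = user_dict.get('password')
  if not isinstance(email, text_types) or not isinstance(password, text_types):
    return jsonify(failure), 400

  if UserModel.check_auth_by_pass(email, password):
    user = UserModel.load_by_email(email)
    # NOTE(review): login() is defined elsewhere; confirm that it issues a
    # fresh session on authentication so a pre-login session id is not reused.
    login(user)
    return jsonify(dict(
      success=True,
      message='You have been authenticated successfuly.',
      user=dict(
        id=user.id,
        email=user.email
      )
    ))
  else:
    # The same message is used for an unknown e-mail and a wrong password, so
    # the response does not reveal which accounts exist.
    # NOTE(review): no attempt limiting is visible in this handler; confirm it
    # is enforced elsewhere (model layer, middleware or reverse proxy).
    return jsonify(failure)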
Esempio n. 2
  def test_user(self):
    '''
      - It checks the auth helpers and the two access-control decorators.

      First the helpers (is_authenticated, get_current_user, login) are
      exercised inside a request context; then two throwaway routes are
      requested through the test client, before and after a 'user' entry is
      written into the session.
    '''
    name = 'user_1'
    password = '******'
    email = '*****@*****.**'
    registered = UserModel.register(email, password, name)

    # Throwaway routes, one per decorator under test.
    @app.route('/test_auth_route/')
    @requires_auth
    def requires_auth_route():
      return 'text'

    @app.route('/test_anonym_route/')
    @requires_anonym
    def requires_anonym_route():
      return 'text'

    # Part 1: the auth helpers, inside a request context.
    with app.test_request_context():

      # Nobody is logged in at the start.
      assert not is_authenticated()

      # Without a login there is no current user.
      current = get_current_user()
      assert None is current

      # After login() the current user is the registered one.
      login(registered)
      current = get_current_user()
      assert current['id'] > 0
      assert current['id'] == registered.id

      # ... and the helper reports the authenticated state.
      assert is_authenticated()

    # Part 2: the decorators, through the test client.
    with app.test_client() as client:
      # Anonymous request to the protected route must be rejected.
      reply = client.get('/test_auth_route/')
      assert reply.status_code == 401

      # Anonymous request to the anonymous-only route must pass.
      reply = client.get('/test_anonym_route/')
      assert reply.status_code == 200

      # The session is seeded directly here rather than through a login
      # request, so this part covers the decorators, not the login flow.
      with client.session_transaction() as sess:
        sess['user'] = {
          'id': registered.id,
          'name': registered.name,
        }

      # With a user in the session the protected route is served.
      reply = client.get('/test_auth_route/')
      assert reply.status_code == 200

      # ... and the anonymous-only route is now refused.
      reply = client.get('/test_anonym_route/')
      assert reply.status_code == 401