def test_request_login_token_sends_email_and_can_login(self):
e = "*****@*****.**"
r, user, token = None, None, None
with capture_passwordless_login_requests() as requests:
with self.app.extensions["mail"].record_messages() as outbox:
r = self.client.post("/login", data=dict(email=e), follow_redirects=True)
self.assertEqual(len(outbox), 1)
self.assertEquals(1, len(requests))
self.assertIn("user", requests[0])
self.assertIn("login_token", requests[0])
user = requests[0]["user"]
token = requests[0]["login_token"]
msg = self.app.config["SECURITY_MSG_LOGIN_EMAIL_SENT"][0] % dict(email=user.email)
self.assertIn(msg, r.data)
r = self.client.get("/login/" + token, follow_redirects=True)
self.assertIn(self.get_message("PASSWORDLESS_LOGIN_SUCCESSFUL"), r.data)
r = self.client.get("/profile")
self.assertIn("Profile Page", r.data)
def test_request_login_token_sends_email_and_can_login(self):
e = '*****@*****.**'
r, user, token = None, None, None
with capture_passwordless_login_requests() as requests:
with self.app.extensions['mail'].record_messages() as outbox:
r = self._post('/login', data=dict(email=e),
follow_redirects=True)
self.assertEqual(len(outbox), 1)
self.assertEquals(1, len(requests))
self.assertIn('user', requests[0])
self.assertIn('login_token', requests[0])
user = requests[0]['user']
token = requests[0]['login_token']
msg = self.app.config['SECURITY_MSG_LOGIN_EMAIL_SENT'][0]
msg = msg % dict(email=user.email)
self.assertIn(msg, r.data)
r = self.client.get('/login/' + token, follow_redirects=True)
msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL')
self.assertIn(msg, r.data)
r = self.client.get('/profile')
self.assertIn('Profile Page', r.data)
def test_request_login_token_sends_email_and_can_login(self):
e = '*****@*****.**'
r, user, token = None, None, None
with capture_passwordless_login_requests() as requests:
with self.app.extensions['mail'].record_messages() as outbox:
r = self._post('/login',
data=dict(email=e),
follow_redirects=True)
self.assertEqual(len(outbox), 1)
self.assertEquals(1, len(requests))
self.assertIn('user', requests[0])
self.assertIn('login_token', requests[0])
user = requests[0]['user']
token = requests[0]['login_token']
msg = self.app.config['SECURITY_MSG_LOGIN_EMAIL_SENT'][0]
msg = msg % dict(email=user.email)
self.assertIn(msg, r.data)
r = self.client.get('/login/' + token, follow_redirects=True)
msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL')
self.assertIn(msg, r.data)
r = self.client.get('/profile')
self.assertIn('Profile Page', r.data)
def test_token_login_forwards_to_post_login_view_when_already_authenticated(self):
with capture_passwordless_login_requests() as requests:
self.client.post("/login", data=dict(email="*****@*****.**"), follow_redirects=True)
token = requests[0]["login_token"]
r = self.client.get("/login/" + token, follow_redirects=True)
self.assertIn(self.get_message("PASSWORDLESS_LOGIN_SUCCESSFUL"), r.data)
r = self.client.get("/login/" + token, follow_redirects=True)
self.assertNotIn(self.get_message("PASSWORDLESS_LOGIN_SUCCESSFUL"), r.data)
def test_token_login_when_already_authenticated(self):
with capture_passwordless_login_requests() as requests:
self._post('/login', data=dict(email='*****@*****.**'),
follow_redirects=True)
token = requests[0]['login_token']
r = self.client.get('/login/' + token, follow_redirects=True)
msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL')
self.assertIn(msg, r.data)
r = self.client.get('/login/' + token, follow_redirects=True)
msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL')
self.assertNotIn(msg, r.data)
def test_token_login_when_already_authenticated(self):
with capture_passwordless_login_requests() as requests:
self._post('/login', data=dict(email='*****@*****.**'),
follow_redirects=True)
token = requests[0]['login_token']
r = self.client.get('/login/' + token, follow_redirects=True)
msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL')
self.assertIn(msg, r.data)
r = self.client.get('/login/' + token, follow_redirects=True)
msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL')
self.assertNotIn(msg, r.data)
def test_expired_login_token_sends_email(self):
e = "*****@*****.**"
with capture_passwordless_login_requests() as requests:
self.client.post("/login", data=dict(email=e), follow_redirects=True)
token = requests[0]["login_token"]
time.sleep(3)
with self.app.extensions["mail"].record_messages() as outbox:
r = self.client.get("/login/" + token, follow_redirects=True)
self.assertEqual(len(outbox), 1)
self.assertIn(e, outbox[0].html)
self.assertNotIn(token, outbox[0].html)
expire_text = self.AUTH_CONFIG["SECURITY_LOGIN_WITHIN"]
msg = self.app.config["SECURITY_MSG_LOGIN_EXPIRED"][0] % dict(within=expire_text, email=e)
self.assertIn(msg, r.data)
def test_expired_login_token_sends_email(self):
e = '*****@*****.**'
with capture_passwordless_login_requests() as requests:
self._post('/login', data=dict(email=e), follow_redirects=True)
token = requests[0]['login_token']
time.sleep(1.25)
with self.app.extensions['mail'].record_messages() as outbox:
r = self.client.get('/login/' + token, follow_redirects=True)
expire_text = self.AUTH_CONFIG['SECURITY_LOGIN_WITHIN']
msg = self.app.config['SECURITY_MSG_LOGIN_EXPIRED'][0]
msg = msg % dict(within=expire_text, email=e)
self.assertIn(msg, r.data)
self.assertEqual(len(outbox), 1)
self.assertIn(e, outbox[0].html)
self.assertNotIn(token, outbox[0].html)
def test_expired_login_token_sends_email(self):
e = '*****@*****.**'
with capture_passwordless_login_requests() as requests:
self._post('/login', data=dict(email=e), follow_redirects=True)
token = requests[0]['login_token']
time.sleep(1.25)
with self.app.extensions['mail'].record_messages() as outbox:
r = self.client.get('/login/' + token, follow_redirects=True)
expire_text = self.AUTH_CONFIG['SECURITY_LOGIN_WITHIN']
msg = self.app.config['SECURITY_MSG_LOGIN_EXPIRED'][0]
msg = msg % dict(within=expire_text, email=e)
self.assertIn(msg, r.data)
self.assertEqual(len(outbox), 1)
self.assertIn(e, outbox[0].html)
self.assertNotIn(token, outbox[0].html)
