def test_redirect_can_use_301(self): request = Request(generate_wsgi()) route = Redirect('/test1', '/test3', status=301) route.load_request(request) request.load_app(App()) route.get_response() assert request.is_status(301) assert request.redirect_url == '/test3'
def test_redirect_route(self): route = Redirect('/test1', '/test2') request = Request(generate_wsgi()) route.load_request(request) request.load_app(App()) route.get_response() assert request.is_status(302) assert request.redirect_url == '/test2'
class TestCorsMiddleware: def setup_method(self): self.request = Request(generate_wsgi()) self.middleware = CorsMiddleware(self.request) self.app = TestSuite().create_container().container self.app.bind('Request', self.request.load_app(self.app)) self.request = self.app.make('Request') def test_secure_headers_middleware(self): self.middleware.CORS = {"Access-Control-Allow-Origin": "*"} self.middleware.after() assert self.request.header('Access-Control-Allow-Origin') == '*'
class TestCorsMiddleware(unittest.TestCase): def setUp(self): self.request = Request(generate_wsgi()) self.middleware = CorsMiddleware(self.request) self.app = TestSuite().create_container().container self.app.bind('Request', self.request.load_app(self.app)) self.request = self.app.make('Request') def test_secure_headers_middleware(self): self.middleware.CORS = {"Access-Control-Allow-Origin": "*"} self.middleware.before() self.assertEqual(self.request.header('Access-Control-Allow-Origin'), '*')
class TestSecureHeadersMiddleware: def setup_method(self): self.request = Request(generate_wsgi()) self.middleware = SecureHeadersMiddleware(self.request) self.app = TestSuite().create_container().container self.app.bind('Request', self.request.load_app(self.app)) self.request = self.app.make('Request') def test_secure_headers_middleware(self): self.middleware.after() assert self.request.header('Strict-Transport-Security' ) == 'max-age=63072000; includeSubdomains' assert self.request.header('X-Frame-Options') == 'SAMEORIGIN' def test_secure_headers_gets_middleware_from_the_config(self): self.request = self.app.make('Request') self.middleware.after() assert self.request.header('X-Content-Type-Options') == 'sniff-test'
class TestAuth(TestCase): """Start and rollback transactions for this test """ transactions = True def setUp(self): super().setUp() self.container = App() self.app = self.container self.app.bind('Container', self.app) view = View(self.container) self.request = Request(generate_wsgi()) self.request.key(application.KEY) self.app.bind('Request', self.request) # self.auth = Auth(self.request, MockUser()) self.container.bind('View', view.render) self.container.bind('ViewClass', view) self.app.bind('Application', application) self.app.bind('Auth', Auth) self.app.bind('AuthConfig', auth) self.app.bind('AuthManager', AuthManager) self.app.bind('AuthCookieDriver', AuthCookieDriver) self.app.bind('AuthJwtDriver', AuthJwtDriver) self.auth = self.app.make('Auth', User) self.request.load_app(self.app) def setUpFactories(self): User.create({ 'name': 'testuser123', 'email': '*****@*****.**', 'password': bcrypt_password('secret'), 'second_password': bcrypt_password('pass123'), }) def test_auth(self): self.assertTrue(self.auth) def test_login_user(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.assertTrue(self.auth.login('*****@*****.**', 'secret')) self.assertTrue(self.request.get_cookie('token')) self.assertEqual(self.auth.user().name, 'testuser123') def test_login_with_no_password(self): with self.assertRaises(TypeError): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.assertTrue(self.auth.login('*****@*****.**', None)) # def test_can_login_with_second_password(self): # self.auth.auth_model.__password__ = 'second_password' # self.assertTrue(self.auth.login('*****@*****.**', 'pass123')) # self.assertTrue(self.request.get_cookie('token')) def test_login_user_with_list_auth_column(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.auth.auth_model.__auth__ = ['name', 'email'] self.assertTrue(self.auth.login('testuser123', 'secret')) self.assertTrue(self.request.get_cookie('token')) def test_can_register(self): self.auth.register({ 'name': 'Joe', 'email': '*****@*****.**', 'password': '******' }) for driver in ('cookie', 'jwt'): self.auth.driver = driver self.assertTrue(User.where('email', '*****@*****.**').first()) self.assertNotEqual(User.where('email', '*****@*****.**').first().password, 'secret') def test_get_user(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.assertTrue(self.auth.login_by_id(1)) def test_get_user_returns_false_if_not_loggedin(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.auth.login('*****@*****.**', 'wrong_secret') self.assertFalse(self.auth.user()) def test_logout_user(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.auth.login('*****@*****.**', 'secret') self.assertTrue(self.request.get_cookie('token')) self.assertTrue(self.auth.user()) self.auth.logout() self.assertFalse(self.request.get_cookie('token')) self.assertFalse(self.auth.user()) def test_login_user_fails(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.assertFalse(self.auth.login('*****@*****.**', 'bad_password')) def test_login_user_success(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.assertTrue(self.auth.login('*****@*****.**', 'secret')) def test_login_by_id(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.assertTrue(self.auth.login_by_id(1)) self.assertTrue(self.request.get_cookie('token')) self.assertFalse(self.auth.login_by_id(3)) def test_login_once_does_not_set_cookie(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver self.assertTrue(self.auth.once().login_by_id(1)) self.assertIsNone(self.request.get_cookie('token')) # def test_user_is_mustverify_instance(self): # self.assertIsInstance(self.auth.once().login_by_id(1), MustVerifyEmail) # self.assertNotIsInstance(self.auth.once().login_by_id(1), MustVerifyEmail) def test_confirm_controller_success(self): for driver in ('jwt', 'cookie'): self.auth.driver = driver params = {'id': Sign().sign('{0}::{1}'.format(1, time.time()))} self.request.set_params(params) user = self.auth.once().login_by_id(1) self.request.set_user(user) self.app.bind('Request', self.request) self.app.make('Request').load_app(self.app) # Create the route route = Get('/email/verify/@id', ConfirmController.confirm_email) ConfirmController.get_user = User # Resolve the controller constructor controller = self.app.resolve(route.controller) # Resolve the method response = self.app.resolve(getattr(controller, route.controller_method)) self.assertEqual(response.rendered_template, 'confirm') self.refreshDatabase() def test_confirm_controller_failure(self): for driver in ('cookie', 'jwt'): self.auth.driver = driver timestamp_plus_11 = datetime.datetime.now() - datetime.timedelta(minutes=11) params = {'id': Sign().sign('{0}::{1}'.format(1, timestamp_plus_11.timestamp()))} self.request.set_params(params) user = self.auth.once().login_by_id(1) self.request.set_user(user) self.app.bind('Request', self.request) self.app.make('Request').load_app(self.app) # Create the route route = Get('/email/verify/@id', ConfirmController.confirm_email) ConfirmController.get_user = User # Resolve the controller constructor controller = self.app.resolve(route.controller) # Resolve the method response = self.app.resolve(getattr(controller, route.controller_method)) self.assertEqual(response.rendered_template, 'error')