Esempio n. 1
0
    def test_login__form_submission__success(self, remember):
        from nuvavaalit.models import Voter
        from nuvavaalit.views.login import login

        session = DBSession()
        session.add(Voter(u'buck.rogers', u'secret', u'Bück', u'Rögers'))
        session.flush()
        self.assertEquals(
            session.query(Voter).filter_by(username=u'buck.rogers').first().fullname(),
            u'Bück Rögers')

        remember.return_value = [('X-Login', 'buck.rogers')]
        request = testing.DummyRequest(statsd=False)
        token = request.session.new_csrf_token()
        request.POST = {
            'form.submitted': u'1',
            'username': u'buck.rogers',
            'password': u'secret',
            'csrf_token': token,
        }

        response = login(request)
        self.assertEquals(dict(response.headers), {
            'Content-Length': '0',
            'Content-Type': 'text/html; charset=UTF-8',
            'Location': 'http://example.com/valitse',
            'X-Login': '******'})
Esempio n. 2
0
    def test_login__form_submission__invalid_password(self):
        from nuvavaalit.models import Voter
        from nuvavaalit.views.login import login

        session = DBSession()
        session.add(Voter(u'buck.rogers', u'secret', u'Bück', u'Rögers'))
        session.flush()
        self.assertEquals(
            session.query(Voter).filter_by(username=u'buck.rogers').first().fullname(),
            u'Bück Rögers')

        request = testing.DummyRequest(statsd=False)
        token = request.session.new_csrf_token()
        request.POST = {
            'form.submitted': u'1',
            'username': u'buck.rogers',
            'password': u'thisiswrong',
            'csrf_token': token,
        }

        options = login(request)
        self.assertEquals(options, {
            'action_url': 'http://example.com/tunnistaudu',
            'csrf_token': token,
            'error': u'Tunnistautuminen epäonnistui. Kokeile tunnistautua uudelleen!'})
Esempio n. 3
0
    def test_login__no_submission(self):
        from nuvavaalit.views.login import login
        request = testing.DummyRequest(statsd=False)
        token = request.session.new_csrf_token()

        options = login(request)
        self.assertEquals(options, {
            'action_url': 'http://example.com/tunnistaudu',
            'csrf_token': token,
            'error': None})
Esempio n. 4
0
    def test_login__form_submission__csrf_mismatch(self):
        from nuvavaalit.views.login import login

        request = testing.DummyRequest(statsd=False)
        token = request.session.new_csrf_token()
        request.POST = {
            'form.submitted': u'1',
            'username': u'john.doe',
            'password': u'thisiswrong',
            'csrf_token': u'invalid',
        }

        self.assertFalse(token == u'invalid')
        self.assertRaises(HTTPForbidden, lambda: login(request))
Esempio n. 5
0
    def test_login__form_submission__non_existing_user(self):
        from nuvavaalit.views.login import login
        request = testing.DummyRequest(statsd=False)
        token = request.session.new_csrf_token()
        request.POST = {
            'form.submitted': u'1',
            'username': u'john.doe',
            'password': u'thisiswrong',
            'csrf_token': token,
        }

        options = login(request)
        self.assertEquals(options, {
            'action_url': 'http://example.com/tunnistaudu',
            'csrf_token': token,
            'error': u'Tunnistautuminen epäonnistui. Kokeile tunnistautua uudelleen!'})