def test_user_cannot_reset_password_with_invalid_token(mockdata, client,
session):
with current_app.test_request_context():
form = PasswordResetForm(email='*****@*****.**',
password='******',
password2='catdog')
token = 'beepboopbeep'
rv = client.post(url_for('auth.password_reset', token=token),
data=form.data,
follow_redirects=True)
assert 'Your password has been updated.' not in rv.data
def test_user_can_get_reset_password_with_valid_token(mockdata, client,
session):
with current_app.test_request_context():
form = PasswordResetForm(email='*****@*****.**',
password='******',
password2='catdog')
user = User.query.filter_by(email='*****@*****.**').one()
token = user.generate_reset_token()
rv = client.post(url_for('auth.password_reset', token=token),
data=form.data,
follow_redirects=True)
assert 'Your password has been updated.' in rv.data