def test_login_success(self): cookies = {'PHPSESSID': 1111, ACCESS_TOKEN_COOKIE_KEY: self.generate_access_token()} client = Client(HTTP_COOKIE=SimpleCookie(cookies).output(header='', sep='; ')) api = StoreApi() with requests_mock.mock() as m: m.get(api._make_url(StoreApi.ACCOUNT_INFO), json={'result': {'idx': 1, 'id': 'testuser'}}) response = client.get(reverse('account:login'), secure=True) self.assertEqual(response.status_code, 302) self.assertEqual(response.url, '/')
def logout(self) -> None: """Log out the user by removing the cookies and session object.""" request = HttpRequest() engine: SessionStore = import_module(settings.SESSION_ENGINE) if self.session: request.session = self.session request.user = auth.get_user(request) else: request.session = engine.SessionStore() auth.logout(request) self.cookies = SimpleCookie()
def simulate_simple_authentication(factory, client, email, password, path, add_messages_middleware, views): auth_request = factory.post('/sessions/') add_messages_middleware(auth_request) auth_response = views.sessions_index(auth_request, email=email, password=password, path=path) # Add auth token cookie to request auth_token = auth_response.cookies['auth_token'].value client.cookies = SimpleCookie({'auth_token': auth_token})
def test_pickle(self): rawdata = 'Customer="WILE_E_COYOTE"; Path=/acme; Version=1' expected_output = 'Set-Cookie: %s' % rawdata C = SimpleCookie() C.load(rawdata) self.assertEqual(C.output(), expected_output) for proto in range(pickle.HIGHEST_PROTOCOL + 1): C1 = pickle.loads(pickle.dumps(C, protocol=proto)) self.assertEqual(C1.output(), expected_output)
def test_encode(self): """ Test that we don't output tricky characters in encoded value """ # Python 2.4 compatibility note: Python 2.4's cookie implementation # always returns Set-Cookie headers terminating in semi-colons. # That's not the bug this test is looking for, so ignore it. c = SimpleCookie() c['test'] = "An,awkward;value" self.assertTrue(";" not in c.output().rstrip(';')) # IE compat self.assertTrue("," not in c.output().rstrip(';')) # Safari compat
def test_existing(client): """ When requesting with existing door device secret this is loaded """ door_device = DoorDeviceFactory() client.cookies = SimpleCookie({'screen_secret': door_device.secret}) response = client.get(reverse('screen')) assert response.status_code == 200 assert response.context['device'] == door_device assert response.cookies['screen_secret'].value == door_device.secret assert DoorDevice.objects.count() == 1
def logout(self): """ Removes the authenticated user's cookies and session object. Causes the authenticated user to be logged out. """ session = import_module(settings.SESSION_ENGINE).SessionStore() session_cookie = self.cookies.get(settings.SESSION_COOKIE_NAME) if session_cookie: session.delete(session_key=session_cookie.value) self.cookies = SimpleCookie()
def post_request(self, page, lang, data, path=None): if not path: path = page.get_path(lang) request = self.request_factory.post(path, data) request.current_page = page request.user = self.user request.session = {} request.cookies = SimpleCookie() request.errors = StringIO() request._dont_enforce_csrf_checks = True return request
def test_no_page(self): request = self.request_factory.get('/en/sample/login/') request.user = self.user request.session = {} request.cookies = SimpleCookie() request.errors = StringIO() # when config is requested on a non-CMS url, just return empty data with self.settings(ROOT_URLCONF='cms.test_utils.project.urls'): config = get_app_instance(request) self.assertEqual((u'', None), config)
def test_delete_not_owner(self): """Testing the DELETE <URL> API when not logged in""" self.load_fixtures(self.basic_delete_fixtures) url, cb_args = self.setup_basic_delete_test(self.user, False, None) self.client.logout() self.client.cookies = SimpleCookie() rsp = self.api_delete(url, expected_status=401) self.assertEqual(rsp['stat'], 'fail') self.assertEqual(rsp['err']['code'], NOT_LOGGED_IN.code)
def logout(self): """Log out the user by removing the cookies and session object.""" from django.contrib.auth import get_user, logout request = HttpRequest() if self.session: request.session = self.session request.user = get_user(request) else: engine = import_module(settings.SESSION_ENGINE) request.session = engine.SessionStore() logout(request) self.cookies = SimpleCookie()
def list_view_test(test_case, resource_name): with patch('custom_admin.services.auth.is_authenticated') as is_authenticated: is_authenticated.return_value = True with patch('custom_admin.services.lists.get_paginator') as paginator: paginator.return_value = static_paginator mock_fail_get_list = extract_mock_file('fail_list', resource_name[:-1]) with patch('custom_admin.services.lists.requests.get') as mocked_get: mocked_get.return_value.json = lambda: mock_fail_get_list mocked_get.return_value.status_code = 500 test_case.client.cookies = SimpleCookie({'token': token}) resp = test_case.client.get(reverse('custom_admin:{}'.format(resource_name))) test_case.assertIs(resp.status_code, 200) test_case.assertTemplateUsed(resp, 'custom_admin/error_page.html') test_case.assertDictEqual(resp.context['msg'], { 'error_message': 'failed to get {}'.format(resource_name), 'response': mock_fail_get_list, }) with patch('custom_admin.services.lists.requests.get') as mocked_get: mocked_get.return_value.json = lambda: extract_mock_file('list', resource_name[:-1]) mocked_get.return_value.status_code = 200 test_case.client.cookies = SimpleCookie({'token': token}) resp = test_case.client.get(reverse('custom_admin:{}'.format(resource_name))) test_case.assertIs(resp.status_code, 200) test_case.assertTemplateUsed(resp, 'custom_admin/list_items.html') result = get_result('list', resource_name[:-1]) for key, val in result.items(): if type(val) == list: test_case.assertListEqual(list(resp.context[key]), list(val)) else: test_case.assertEqual(resp.context[key], val)
def test_bypass_maintenance_by_cookie(self): settings_cookie = 'some_cookie_value' with self.settings(MIDDLEWARE_CLASSES=self.MIDDLEWARE_CLASSES, INSTALLED_APPS=self.INSTALLED_APPS, MAINTENANCE_BYPASS_COOKIE=settings_cookie): self._activate(verbosity=1) response = self.client.get('/admin/') self.assertEqual(response.status_code, 302) self.client.cookies = SimpleCookie( {'django_maintenance_bypass_cookie': settings_cookie}) response = self.client.get('/admin/') self.assertEqual(response.status_code, 200)
def process_request(self, request): domain = request.META.get('HTTP_HOST', '') mobile_domain = settings.OPPS_DOMAIN_MOBILE current_cookie = request.COOKIES.get('template_mode', None) template_mode = request.GET.get('template_mode', None) THREAD_LOCALS.template_dirs = settings.TEMPLATE_DIRS_WEB if hasattr(request, "is_mobile"): agent_is_mobile = request.is_mobile else: agent_is_mobile = is_mobile_agent(request) domain_is_mobile = domain == mobile_domain request_is_mobile = agent_is_mobile and domain_is_mobile if not template_mode and not current_cookie: if domain_is_mobile: template_mode = u'mobile' else: return if request_is_mobile and template_mode == u'desktop': prot = settings.OPPS_PROTOCOL_WEB web_domain = settings.OPPS_DOMAIN_WEB url = u"{}://{}/?template_mode=desktop".format(prot, web_domain) return HttpResponseRedirect(url) elif not request_is_mobile and template_mode == u'mobile': prot = settings.OPPS_PROTOCOL_MOBILE url = u"{}://{}/?template_mode=mobile".format(prot, mobile_domain) # set cache prefix randon in mobile device settings.CACHE_MIDDLEWARE_KEY_PREFIX = u"opps_site-{}-{}".format( settings.SITE_ID, random.getrandbits(32)) return HttpResponseRedirect(url) request._resp_cookies = SimpleCookie() request.set_cookie = MethodType(_set_cookie, request, HttpRequest) request.delete_cookie = MethodType( _delete_cookie, request, HttpRequest ) if template_mode: request.set_cookie('template_mode', template_mode) current_cookie = template_mode if current_cookie and current_cookie.strip().lower() == u"mobile": THREAD_LOCALS.template_dirs = settings.TEMPLATE_DIRS_MOBILE
def test_logout03(self): # Iniciar sesión via ajax. response = self.client.post('/auth/login', self.credentials, follow=True) self.assertTrue('sessionid' in response.cookies, "La respuesta no contiene la cookie de sesión.") sessionid = response.cookies['sessionid'] # Cerrar sesión response = self.client.get('/auth/logout', follow=True) self.assertEqual("", response.cookies['sessionid'].value, "No se eliminó la cookie de sesión.") # No debería estar autenticado self.client.cookies = SimpleCookie({'sessionid': sessionid}) response = self.client.get('/buscar') self.assertFalse(response.context['user'].is_authenticated) # Iniciar sesión en la pagina de ingresar data = { 'usuario': self.credentials['usuario'], 'contrasenia': self.credentials['password'], 'accion': 'login' } response = self.client.post('/ingresar', data, follow=True) # Cerrar sesión response = self.client.get('/auth/logout', follow=True) self.assertEqual("", response.cookies['sessionid'].value, "No se eliminó la cookie de sesión.") # No debería estar autenticado self.client.cookies = SimpleCookie({'sessionid': sessionid}) response = self.client.get('/buscar') self.assertFalse(response.context['user'].is_authenticated)
def test_fetch_demo_manifest_en(self, resource_kind, api_client): """测试获取资源列表接口(英文版)""" api_client.cookies = SimpleCookie( {settings.LANGUAGE_COOKIE_NAME: 'en-US'}) response = api_client.get( f'{self.common_prefix}/manifests/?kind={resource_kind}') assert resource_kind == getitems(response.json(), 'data.kind') assert response.json()['code'] == 0 if resource_kind not in [ K8sResourceKind.HorizontalPodAutoscaler.value, K8sResourceKind.CustomObject.value ]: assert response.json( )['data']['items'][0]['alias'] == f'{resource_kind} Simple Demo'
def test_cache_headers_with_bad_auth(client, case): # visiting homepage when logged out is cached ... response = client.get(reverse('home')) assert is_cached(response) # ... but visiting with a bad Authorization header is not cached client.credentials(HTTP_AUTHORIZATION='Token fake') response = client.get(reverse('home')) assert not is_cached(response) # ... and visiting with a bad session cookie is not cached client.credentials() client.cookies = SimpleCookie({settings.SESSION_COOKIE_NAME: 'fake'}) response = client.get(reverse('home')) assert not is_cached(response)
def test_extension_uninstalled_hook(self): cid = "{}.{}".format(mommy.random_gen.gen_integer(0), mommy.random_gen.gen_integer(0)) cid_cookie_val = "{}.{}".format(CID_COOKIE_PREFIX, cid) self.client.cookies = SimpleCookie( {ga_cookies.CID_COOKIE: cid_cookie_val}) mocked_consumer_instance = MagicMock() with patch('apps.analytics.views.GAConsumer', return_value=mocked_consumer_instance) as MockGAConsumer: response = self.client.get(self.extension_installed_url) self.assertEqual(response.status_code, 200) MockGAConsumer.assert_called_once_with(cid) mocked_consumer_instance.send_event_extension_uninstalled.assert_called_once_with( )
def get_request(self, page, lang): """ Create a GET request for the given page and language :param page: current page object :param lang: request language :return: request """ request = self.request_factory.get(page.get_path(lang)) request.current_page = page request.user = self.user request.session = {} request.cookies = SimpleCookie() request.errors = StringIO() return request
def post_request(self, page, lang, data): """ Create a POST request for the given page and language with CSRF disabled :param page: current page object :param lang: request language :return: request """ request = self.request_factory.post(page.get_path(lang), data) request.current_page = page request.user = self.user request.session = {} request.cookies = SimpleCookie() request.errors = StringIO() request._dont_enforce_csrf_checks = True return request
def artificial_login(**credentials): from django.contrib.auth import authenticate, login cookies = SimpleCookie() user = authenticate(**credentials) engine = import_module(settings.SESSION_ENGINE) # Create a fake request that goes through request middleware request = WSGIRequest({ "HTTP_COOKIE": cookies.output(header="", sep=";"), "PATH_INFO": "/", "REMOTE_ADDR": "127.0.0.1", "REQUEST_METHOD": "GET", "SCRIPT_NAME": "", "SERVER_NAME": "testserver", "SERVER_PORT": "80", "SERVER_PROTOCOL": "HTTP/1.1", "wsgi.version": (1, 0), "wsgi.url_scheme": "http", "wsgi.input": BytesIO(), "wsgi.errors": BytesIO(), "wsgi.multiprocess": True, "wsgi.multithread": False, "wsgi.run_once": False, }) request.session = engine.SessionStore() login(request, user) # Save the session values. request.session.save() # Set the cookie to represent the session. session_cookie = settings.SESSION_COOKIE_NAME cookies[session_cookie] = request.session.session_key cookie_data = { "max-age": None, "path": "/", "domain": settings.SESSION_COOKIE_DOMAIN, "secure": settings.SESSION_COOKIE_SECURE or None, "expires": None, } cookies[session_cookie].update(cookie_data) return { session_cookie: cookies[session_cookie].value, settings.CSRF_COOKIE_NAME: csrf._get_new_csrf_key(), }
def artificial_login(**credentials): from django.contrib.auth import authenticate, login cookies = SimpleCookie() user = authenticate(**credentials) engine = import_module(settings.SESSION_ENGINE) # Create a fake request that goes through request middleware request = WSGIRequest({ 'HTTP_COOKIE': cookies.output(header='', sep=';'), 'PATH_INFO': str('/'), 'REMOTE_ADDR': str('127.0.0.1'), 'REQUEST_METHOD': str('GET'), 'SCRIPT_NAME': str(''), 'SERVER_NAME': str('testserver'), 'SERVER_PORT': str('80'), 'SERVER_PROTOCOL': str('HTTP/1.1'), 'wsgi.version': (1, 0), 'wsgi.url_scheme': str('http'), 'wsgi.input': BytesIO(), 'wsgi.errors': BytesIO(), 'wsgi.multiprocess': True, 'wsgi.multithread': False, 'wsgi.run_once': False, }) request.session = engine.SessionStore() login(request, user) # Save the session values. request.session.save() # Set the cookie to represent the session. session_cookie = settings.SESSION_COOKIE_NAME cookies[session_cookie] = request.session.session_key cookie_data = { 'max-age': None, 'path': '/', 'domain': settings.SESSION_COOKIE_DOMAIN, 'secure': settings.SESSION_COOKIE_SECURE or None, 'expires': None, } cookies[session_cookie].update(cookie_data) return { session_cookie: cookies[session_cookie].value, settings.CSRF_COOKIE_NAME: csrf._get_new_csrf_key(), }
def logout(self): """ Removes the authenticated user's cookies and session object. Causes the authenticated user to be logged out. """ from django.contrib.auth import get_user, logout request = HttpRequest() engine = import_module(settings.SESSION_ENGINE) if self.session: request.session = self.session request.user = get_user(request) else: request.session = engine.SessionStore() logout(request) self.cookies = SimpleCookie()
def test_logout03(self): # Iniciar sesión. response = self.client.post('/auth/login', self.credentials, follow=True) self.assertTrue('sessionid' in response.cookies, "La respuesta no contiene la cookie de sesión.") sessionid = response.cookies['sessionid'] # Cerrar sesión response = self.client.get('/auth/logout', follow=True) self.assertEqual("", response.cookies['sessionid'].value, "No se eliminó la cookie de sesión.") # No debería estar autenticado self.client.cookies = SimpleCookie({'sessionid': sessionid}) response = self.client.get('/buscar') self.assertFalse(response.context['user'].is_authenticated)
def logout(self): """ Removes the authenticated user's cookies and session object. Causes the authenticated user to be logged out. """ request = HttpRequest() engine = import_module(settings.SESSION_ENGINE) UserModel = get_user_model() if self.session: request.session = self.session uid = self.session.get("_auth_user_id") if uid: request.user = UserModel._default_manager.get(pk=uid) else: request.session = engine.SessionStore() logout(request) self.cookies = SimpleCookie()
def _prepare_request(self, request, page, user, lang, use_middlewares, use_toolbar=False, secure=False): from django.contrib.auth.models import AnonymousUser from importlib import import_module engine = import_module(settings.SESSION_ENGINE) request.current_page = SimpleLazyObject(lambda: page) if not user: if self._login_context: user = self._login_context.user else: user = AnonymousUser() if user.is_authenticated: session_key = user._meta.pk.value_to_string(user) else: session_key = 'session_key' request.user = user request._cached_user = user request.session = engine.SessionStore(session_key) if secure: request.environ['SERVER_PORT'] = str('443') request.environ['wsgi.url_scheme'] = str('https') request.cookies = SimpleCookie() request.errors = StringIO() request.LANGUAGE_CODE = lang if request.method == 'POST': request._dont_enforce_csrf_checks = True # Let's use middleware in case requested, otherwise just use CMS toolbar if needed if use_middlewares: self._apply_middlewares(request) elif use_toolbar: from cms.middleware.toolbar import ToolbarMiddleware mid = ToolbarMiddleware() mid.process_request(request) return request
def _prepare_request(self, request, page, user, lang, use_middlewares, use_toolbar=False, secure=False): from django.contrib.auth.models import AnonymousUser request.current_page = SimpleLazyObject(lambda: page) if not user: if self._login_context: user = self._login_context.user else: user = AnonymousUser() request.user = user request._cached_user = user request.session = {} if secure: request.environ['SERVER_PORT'] = str('443') request.environ['wsgi.url_scheme'] = str('https') if user.is_authenticated(): request.session[SESSION_KEY] = user._meta.pk.value_to_string(user) request.cookies = SimpleCookie() request.errors = StringIO() request.LANGUAGE_CODE = lang if request.method == 'POST': request._dont_enforce_csrf_checks = True # Let's use middleware in case requested, otherwise just use CMS toolbar if needed if use_middlewares: handler = BaseHandler() handler.load_middleware() for middleware_method in handler._request_middleware: if middleware_method(request): raise Exception('Couldn\'t create request mock object -' 'request middleware returned a response') elif use_toolbar: from cms.middleware.toolbar import ToolbarMiddleware mid = ToolbarMiddleware() mid.process_request(request) return request
def get_request(self, path, user, lang, secure=False): from django.contrib.auth.models import AnonymousUser request = self.request_factory.get(path, secure=secure) if not user: user = AnonymousUser() request.user = user request._cached_user = user request.session = {} if secure: request.environ['SERVER_PORT'] = str('443') request.environ['wsgi.url_scheme'] = str('https') if callable_or_bool(user.is_authenticated): request.session[SESSION_KEY] = user._meta.pk.value_to_string(user) request.cookies = SimpleCookie() request.errors = StringIO() request.LANGUAGE_CODE = lang if request.method == 'POST': request._dont_enforce_csrf_checks = True return request
def logout(self): """ Removes the authenticated user's cookies and session object. Causes the authenticated user to be logged out. """ # Create a fake request that goes through request middleware request = self.request().request_instance engine = import_module(settings.SESSION_ENGINE) UserModel = get_user_model() if self.session: request.session = self.session uid = self.session.get("_auth_user_id") if uid: request.user = UserModel._default_manager.get(pk=uid) else: request.session = engine.SessionStore() logout(request) self.cookies = SimpleCookie()
def test_not_refresh_but_success(self): class req: user = self.user client = self.client scopes = ['all'] at = JwtHandler.generate(req) response = Client().post(reverse('ridi:token'), HTTP_HOST=GeneralConfig.get_site_domain(), HTTP_COOKIE=SimpleCookie({ 'ridi-at': at }).output(header='', sep='; '), secure=True) self.assertEqual(response.status_code, 200) data = json.dumps(response.content.decode('utf8')) self.assertIn('expires_at', data) self.assertIn('expires_in', data)