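def login_route():
    '''
    Authenticate a user from a JSON request body and start a session.

    The body must be a JSON object with non-empty string ``email`` and
    ``password`` fields. A malformed body, a missing field, a field of the
    wrong type and a failed credential check all produce the same generic
    failure response, so the reply does not reveal which part was wrong.

    Returns:
        A JSON response: ``success=True`` with the user's id and email when
        the credentials are accepted, otherwise ``success=False``.
    '''
    failure = dict(
        success=False,
        message='Wrong authentication data.'
    )

    # The body is attacker-controlled: invalid JSON (or bytes that are not
    # valid text) must be a normal login failure, not an unhandled exception.
    try:
        user_dict = json.loads(request.data)
    except ValueError:
        return jsonify(failure)

    # Valid JSON can still be a list, number, string or null.
    if not isinstance(user_dict, dict):
        return jsonify(failure)

    email = user_dict.get('email')
    password = user_dict.get('password')

    # Only text values reach the model layer; nested objects or arrays in
    # these fields are rejected here. type(u'') is the text type json.loads
    # produces on both Python 2 and Python 3.
    text_types = (type(u''), str)
    if not (isinstance(email, text_types) and isinstance(password, text_types)):
        return jsonify(failure)
    if not email or not password:
        return jsonify(failure)

    if not UserModel.check_auth_by_pass(email, password):
        return jsonify(failure)

    user = UserModel.load_by_email(email)
    # NOTE(review): login() is defined elsewhere; confirm it issues a fresh
    # session rather than reusing the pre-login one.
    # NOTE(review): no attempt limiting is visible in this handler; confirm
    # it is enforced somewhere in front of this route.
    login(user)
    return jsonify(dict(
        success=True,
        message='You have been authenticated successfuly.',
        user=dict(
            id=user.id,
            email=user.email
        )
    ))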
def test_user(self):
    """Exercise the auth helpers and the two access-control decorators.

    Covers three things: the login()/get_current_user()/is_authenticated()
    helpers inside a request context, the anonymous view of both guarded
    routes, and the authenticated view of both guarded routes. The
    authenticated state for the client is seeded directly into the session,
    so the login route itself is not exercised here.
    """
    registered = UserModel.register('*****@*****.**', '******', 'user_1')

    # Two throwaway routes, one per decorator under test.
    @app.route('/test_auth_route/')
    @requires_auth
    def requires_auth_route():
        return 'text'

    @app.route('/test_anonym_route/')
    @requires_anonym
    def requires_anonym_route():
        return 'text'

    # Part 1: the auth library, driven directly.
    with app.test_request_context():
        # Before login there is no authenticated user and no current user.
        assert not is_authenticated()
        assert get_current_user() is None

        # After login the current user carries the registered user's id.
        login(registered)
        current = get_current_user()
        assert current['id'] > 0
        assert current['id'] == registered.id
        assert is_authenticated()

    # Part 2: the decorators, driven through HTTP requests.
    with app.test_client() as client:
        # Anonymous caller: the protected route is refused ...
        assert client.get('/test_auth_route/').status_code == 401
        # ... and the anonymous-only route is served.
        assert client.get('/test_anonym_route/').status_code == 200

        # Mark the client as authenticated by writing the session directly.
        with client.session_transaction() as session:
            session['user'] = {
                'id': registered.id,
                'name': registered.name,
            }

        # Authenticated caller: the protected route is now served ...
        assert client.get('/test_auth_route/').status_code == 200
        # ... and the anonymous-only route is refused.
        assert client.get('/test_anonym_route/').status_code == 401