def test_get_user_info(self):
    """Check that a profile is served to its owner and refused to another user."""
    profile_url = '/api/v1/users/1'

    # Owner case: user 1 presents a token issued for user 1 and should get
    # back exactly what User.serialize() produces for that record.
    owner = User.query.get(1)
    reply = self.client.get(profile_url,
                            headers={'token': generate_token(1)})
    self.assertEqual(owner.serialize(), reply.get_json())

    # Cross-user case: a token issued for user 2 is presented against user
    # 1's profile. The API must answer with its "no permission" error
    # rather than the profile data.
    reply = self.client.get(profile_url,
                            headers={'token': generate_token(2)})
    body = reply.get_json()
    self.assertEqual(1002, body['error_code'])
    self.assertEqual('No permission.', body['description'])
    # NOTE(review): only the JSON error body is checked; the HTTP status of
    # the refusal is not asserted in this test.
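def register():
    """Create a non-admin account from a JSON body and return its id and a token.

    Reads ``name``, ``username``, ``password``, ``gender``, ``faculty``,
    ``department`` and ``following`` from the request body. ``username`` and
    ``password`` are required.

    Returns:
        A ``(response, 201)`` pair whose JSON carries the new user's ``id``
        and a token generated for that id.

    Raises:
        e.MissingData: the body is not a JSON object, or username/password
            is absent, empty or not a string.
        e.ExistingUsername: a user with this username is already stored.
    """
    # silent=True turns a missing or malformed body into None instead of an
    # unhandled error, so every "no usable input" case ends in MissingData.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        raise e.MissingData()

    username = payload.get('username')
    password = payload.get('password')
    # Blank or non-string credentials count as missing: an account must
    # never be created with an empty username or an empty password.
    if not isinstance(username, str) or not isinstance(password, str):
        raise e.MissingData()
    if not username or not password:
        raise e.MissingData()

    if User.query.filter_by(username=username).first():
        raise e.ExistingUsername()
    # NOTE(review): the lookup above and the insert below are separate
    # steps, so two concurrent requests for one username can both pass the
    # check. A unique constraint on the username column would close that
    # gap; the model is not visible here, so confirm it exists.

    # admin is fixed to False and is never read from the request, so a
    # client cannot register itself as an administrator.
    user = User(
        name=payload.get('name'),
        username=username,
        gender=payload.get('gender'),
        admin=False,
        faculty=payload.get('faculty'),
        department=payload.get('department'),
        following=payload.get('following'),
    )
    # The password goes through set_password instead of the constructor.
    user.set_password(password)
    db.session.add(user)
    db.session.commit()

    # The committed object already carries its id; no second lookup needed.
    return jsonify(id=user.id, token=generate_token(user.id)), 201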
def test_verify_token(self):
    """Exercise verify_token with valid, 'admin', absent, expired and malformed input."""
    # A freshly issued token resolves to the user it was issued for.
    issued = generate_token(1)
    self.assertEqual(User.query.get(1), verify_token(issued))

    # NOTE(review): this pins that the literal string 'admin' is accepted
    # by verify_token and handed back unchanged. A constant, guessable
    # value that passes token verification is a standing credential;
    # confirm it is only honoured under test configuration and cannot be
    # presented to a deployed instance.
    self.assertEqual('admin', verify_token('admin'))

    # No token at all is reported as "login required".
    with self.assertRaises(e.LoginRequired):
        verify_token(None)

    # The second argument is presumably a lifetime in seconds (TODO
    # confirm); sleeping past it must make verification fail as expired.
    short_lived = generate_token(1, 1)
    time.sleep(2)
    with self.assertRaises(e.ExpiredToken):
        verify_token(short_lived)

    # A string that is not a token is rejected as invalid, not as expired
    # or missing.
    with self.assertRaises(e.InvalidToken):
        verify_token('wrong token')
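def login():
    """Check a username/password pair and return the user's id and a fresh token.

    Returns:
        A JSON response carrying ``id`` and ``token`` for the matched user.

    Raises:
        e.MissingData: the body is not a JSON object, or username/password
            is absent or not a string.
        e.AuthenticationFailure: no such user, or the password does not
            verify.
    """
    # silent=True turns a missing or malformed body into None instead of an
    # unhandled error, so every "no usable input" case ends in MissingData.
    payload = request.get_json(silent=True)
    if not isinstance(payload, dict):
        raise e.MissingData()

    username = payload.get('username')
    password = payload.get('password')
    # None and non-string values are both unusable as credentials; refusing
    # them here keeps unexpected types away from the query and the
    # password check.
    if not isinstance(username, str) or not isinstance(password, str):
        raise e.MissingData()

    user = User.query.filter_by(username=username).first()
    # An unknown username and a wrong password raise the same error, so the
    # failure itself does not say which usernames exist.
    # NOTE(review): the password check is skipped when no user is found,
    # which may make the two cases distinguishable by response time. No
    # attempt limiting is visible in this function either; confirm both
    # are handled elsewhere.
    if user is None or not user.verify_password(password):
        raise e.AuthenticationFailure()

    return jsonify(id=user.id, token=generate_token(user.id))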
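def test_get_user_list(self):
    """Check that the user list is served to the 'admin' token and refused to a normal user."""
    # NOTE(review): the request below authenticates with the fixed header
    # value 'admin' and receives every serialized user. A constant,
    # guessable value with that reach should exist only under test
    # configuration; confirm a deployed instance rejects it.
    response = self.client.get('/api/v1/users', headers={'token': 'admin'})
    json_data = response.get_json()
    users = User.serialize_list(User.query.all())
    self.assertEqual(users, json_data['user_list'])

    # An ordinary user's token must get the "no permission" error. The
    # expected user list is not needed for this half, so it is not queried.
    response = self.client.get('/api/v1/users',
                               headers={'token': generate_token(1)})
    json_data = response.get_json()
    self.assertEqual(1002, json_data['error_code'])
    self.assertEqual('No permission.', json_data['description'])
    # NOTE(review): the refusal's HTTP status is not asserted, and neither
    # is the absence of a 'user_list' key in the error body.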
def test_get_news(self):
    """Compare the /api/v1/news payload with the database for three kinds of caller."""

    def drop_dates(items):
        # 'date' is formatted differently on the two sides although the
        # values agree, so it is removed (in place) before comparing.
        for entry in items:
            entry.pop('date')

    # No token: every news item, newest first.
    reply = self.client.get('/api/v1/news')
    rows = News.query.order_by(News.date.desc()).all()
    received = reply.get_json()
    expected = News.serialize_list(rows)
    drop_dates(received['news'])
    drop_dates(expected)
    self.assertEqual(expected, received['news'])

    # Token for user 1: only items from sources 1 and 2 are expected,
    # presumably the sources that user follows in the fixture data.
    reply = self.client.get('/api/v1/news',
                            headers={'token': generate_token(1)})
    rows = News.query.filter(
        or_(News.source_id == 1, News.source_id == 2)
    ).order_by(News.date.desc())
    received = reply.get_json()
    expected = News.serialize_list(rows)
    drop_dates(received['news'])
    drop_dates(expected)
    self.assertEqual(received['news'], expected)

    # Token for user 2 (no followed sources per the original comment):
    # the response matches the unfiltered list again.
    reply = self.client.get('/api/v1/news',
                            headers={'token': generate_token(2)})
    rows = News.query.order_by(News.date.desc()).all()
    received = reply.get_json()
    expected = News.serialize_list(rows)
    drop_dates(received['news'])
    drop_dates(expected)
    self.assertEqual(expected, received['news'])
def test_update_user_info(self):
    """Walk PATCH /api/v1/users/1 through password, username and profile changes."""
    # NOTE(review): the password and username literals in the requests
    # below read '******', which looks like masking applied to this
    # listing. As written, the "wrong old password" and the "success"
    # requests are identical. The later checks against '222' and
    # 'new_username' suggest what two of the original values were; restore
    # the real fixture values before relying on this test.

    def patch_own_profile(fields):
        # Every request targets user 1 with a token freshly issued for user 1.
        return self.client.patch('/api/v1/users/1',
                                 headers={'token': generate_token(1)},
                                 json=fields)

    # Password change with a wrong old password -> authentication failure.
    body = patch_own_profile(
        {'old_password': '******', 'new_password': '******'}
    ).get_json()
    self.assertEqual(1004, body['error_code'])
    self.assertEqual('Authentication failure.', body['description'])

    # Old password supplied but no new password -> error 1006.
    body = patch_own_profile({'old_password': '******'}).get_json()
    self.assertEqual(1006, body['error_code'])

    # Password change that should succeed; the stored password must then
    # verify against the new value.
    patch_own_profile({'old_password': '******', 'new_password': '******'})
    account = User.query.get(1)
    self.assertTrue(account.verify_password('222'))

    # Username already taken -> error 1005.
    body = patch_own_profile({'username': '******'}).get_json()
    self.assertEqual(1005, body['error_code'])

    # Free username -> the stored username changes.
    patch_own_profile({'username': '******'})
    account = User.query.get(1)
    self.assertEqual(account.username, 'new_username')

    # Plain profile fields are written through as sent.
    patch_own_profile({'gender': 0,
                       'faculty': 'Arts',
                       'department': 'Communication Arts',
                       'following': '1, 2, 3'})
    account = User.query.get(1)
    self.assertEqual(account.faculty, 'Arts')
    self.assertEqual(account.department, 'Communication Arts')
    self.assertEqual(account.following, '1, 2, 3')