def test_login_queries(party_account_fixture, web_fixture): """""" context = ExecutionContext.get_context() config = context.config user_session = context.session login_session = LoginSession.for_session(context.session) system_account = party_account_fixture.system_account web_fixture.request.scheme = 'https' context.request.cookies[ config.web.secure_key_name] = user_session.secure_salt assert config.web.idle_secure_lifetime < config.web.idle_lifetime assert config.web.idle_lifetime < config.web.idle_lifetime_max # Case: user logs in user_session.last_activity = None login_session.set_as_logged_in(system_account, False) assert login_session.is_logged_in() assert login_session.is_logged_in(secured=True) # Case: user logs out login_session.log_out() assert not login_session.is_logged_in() assert not login_session.is_logged_in(secured=True) # Case: user activity is older than secure lifetime assert (config.web.idle_lifetime - config.web.idle_secure_lifetime) > 50 login_session.set_as_logged_in(system_account, False) user_session.last_activity = datetime.now() - timedelta( seconds=config.web.idle_secure_lifetime + 50) assert login_session.is_logged_in() assert not login_session.is_logged_in(secured=True) # Case: user activity is older than all lifetimes assert (config.web.idle_lifetime - config.web.idle_secure_lifetime) > 50 login_session.set_as_logged_in(system_account, False) user_session.last_activity = datetime.now() - timedelta( seconds=config.web.idle_lifetime + 50) assert not login_session.is_logged_in() assert not login_session.is_logged_in(secured=True) # Case: user activity is older than non-secure lifetime, but keep_me_logged_in is set assert (config.web.idle_lifetime - config.web.idle_secure_lifetime) > 50 assert (config.web.idle_lifetime_max - config.web.idle_lifetime) > 50 login_session.set_as_logged_in(system_account, True) user_session.last_activity = datetime.now() - timedelta( seconds=config.web.idle_lifetime + 50) assert login_session.is_logged_in() assert not login_session.is_logged_in(secured=True) # Case: user activity is older than non-secure lifetime max, but keep_me_logged_in is set assert (config.web.idle_lifetime - config.web.idle_secure_lifetime) > 50 assert (config.web.idle_lifetime_max - config.web.idle_lifetime) > 50 login_session.set_as_logged_in(system_account, True) Session.flush() user_session.last_activity = datetime.now() - timedelta( seconds=config.web.idle_lifetime_max + 50) assert not login_session.is_logged_in() assert not login_session.is_logged_in(secured=True)
def log_in(self, browser=None, session=None, system_account=None, stay_logged_in=False): """Logs the user into the current webapp without having to navigate to a login page.""" session = session or self.party_account_fixture.session browser = browser or self.driver_browser login_session = LoginSession.for_session(session) login_session.set_as_logged_in( system_account or self.party_account_fixture.system_account, stay_logged_in) self.set_session_cookies(browser, session)
def test_logging_in(reahl_system_fixture, party_account_fixture): fixture = party_account_fixture system_account = fixture.system_account login_session = LoginSession.for_session( reahl_system_fixture.context.session) account_management_interface = fixture.account_management_interface account_management_interface.stay_logged_in = False # Case: successful email attempt assert login_session.account is not system_account account_management_interface.log_in() assert login_session.account is system_account # Case: failed email attempts disable the account login_session.account = None assert system_account.account_enabled account_management_interface.email = system_account.email account_management_interface.password = '******' for i in list(range(3)): with expected(InvalidPasswordException, test=assert_is_set_to_commit): account_management_interface.log_in() assert system_account.failed_logins == i + 1 assert login_session.account is None assert not system_account.account_enabled # Case: Account is locked system_account.disable() assert isinstance(system_account.status, AccountDisabled) with expected(AccountNotActiveException): account_management_interface.log_in() assert login_session.account is None # Case: Account is not activated yet login_session.account = None system_account = fixture.new_system_account(email='*****@*****.**', activated=False) assert isinstance(system_account.status, AccountNotActivated) with expected(AccountNotActiveException): account_management_interface.log_in() assert login_session.account is None # Case: Login for nonexistant email name account_management_interface.email = 'i@do not exist' account_management_interface.password = '******' with expected(InvalidPasswordException, test=assert_not_set_to_commit): account_management_interface.log_in() assert login_session.account is None
def logging_in(self, fixture): system_account = fixture.system_account login_session = LoginSession.for_session(fixture.context.session) account_management_interface = fixture.account_management_interface account_management_interface.stay_logged_in = False # Case: successful email attempt vassert(login_session.account is not system_account) account_management_interface.log_in() vassert(login_session.account is system_account) # Case: failed email attempts disable the account login_session.account = None vassert(system_account.account_enabled) account_management_interface.email = system_account.email account_management_interface.password = '******' for i in list(range(3)): with expected(InvalidPasswordException, test=lambda e: vassert(e.commit)): account_management_interface.log_in() vassert(system_account.failed_logins == i + 1) vassert(login_session.account is None) vassert(not system_account.account_enabled) # Case: Account is locked system_account.disable() vassert(isinstance(system_account.status, AccountDisabled)) with expected(AccountNotActiveException): account_management_interface.log_in() vassert(login_session.account is None) # Case: Account is not activated yet login_session.account = None system_account = fixture.new_system_account(email='*****@*****.**', activated=False) vassert(isinstance(system_account.status, AccountNotActivated)) with expected(AccountNotActiveException): account_management_interface.log_in() vassert(login_session.account is None) # Case: Login for nonexistant email name account_management_interface.email = 'i@do not exist' account_management_interface.password = '******' with expected(InvalidPasswordException, test=lambda e: vassert(not e.commit)): account_management_interface.log_in() vassert(login_session.account is None)
def log_in(self, browser=None, session=None, system_account=None, stay_logged_in=False): session = session or self.session browser = browser or self.driver_browser login_session = LoginSession.for_session(session) login_session.set_as_logged_in(system_account or self.system_account, stay_logged_in) # quickly create a response so the fw sets the cookies, which we copy and explicitly set on selenium. response = Response() self.session.set_session_key(response) cookies = http_cookies.BaseCookie( ascii_as_bytes_or_str(', '.join( response.headers.getall('set-cookie')))) for name, morsel in cookies.items(): cookie = {'name': name, 'value': morsel.value} cookie.update( dict([(key, value) for key, value in morsel.items() if value])) browser.create_cookie(cookie)
def log_in(self, browser=None, session=None, system_account=None, stay_logged_in=False): """Logs the user into the current webapp without having to navigate to a login page.""" session = session or self.party_account_fixture.session browser = browser or self.driver_browser login_session = LoginSession.for_session(session) login_session.set_as_logged_in( system_account or self.party_account_fixture.system_account, stay_logged_in) # quickly create a response so the fw sets the cookies, which we copy and explicitly set on selenium. response = Response() session.set_session_key(response) cookies = http.cookies.BaseCookie(', '.join( response.headers.getall('set-cookie'))) for name, morsel in cookies.items(): cookie = {'name': name, 'value': morsel.value} cookie.update( dict([(key, value) for key, value in morsel.items() if value])) browser.create_cookie(cookie)
def log_in_test_user(self): session = self.party_account_fixture.session system_account = self.party_account_fixture.system_account login_session = LoginSession.for_session(session) login_session.set_as_logged_in(system_account, True)
def new_session(self, system_account=None): session = super(TaskQueueZooMixin, self).new_session() system_account = self.new_system_account(party=self.party) login_session = LoginSession.for_session(session) login_session.set_as_logged_in(system_account, True) return session
def login_queries(self, fixture): """""" user_session = fixture.context.session login_session = LoginSession.for_session(fixture.context.session) system_account = fixture.system_account config = fixture.context.config context = fixture.context fixture.request.scheme = 'https' context.request.cookies[ context.config.web.secure_key_name] = user_session.secure_salt vassert(config.web.idle_secure_lifetime < config.web.idle_lifetime) vassert(config.web.idle_lifetime < config.web.idle_lifetime_max) # Case: user logs in user_session.last_activity = None login_session.set_as_logged_in(system_account, False) vassert(login_session.is_logged_in()) vassert(login_session.is_logged_in(secured=True)) # Case: user logs out login_session.log_out() vassert(not login_session.is_logged_in()) vassert(not login_session.is_logged_in(secured=True)) # Case: user activity is older than secure lifetime vassert( (config.web.idle_lifetime - config.web.idle_secure_lifetime) > 50) login_session.set_as_logged_in(system_account, False) user_session.last_activity = datetime.now() - timedelta( seconds=config.web.idle_secure_lifetime + 50) vassert(login_session.is_logged_in()) vassert(not login_session.is_logged_in(secured=True)) # Case: user activity is older than all lifetimes vassert( (config.web.idle_lifetime - config.web.idle_secure_lifetime) > 50) login_session.set_as_logged_in(system_account, False) user_session.last_activity = datetime.now() - timedelta( seconds=config.web.idle_lifetime + 50) vassert(not login_session.is_logged_in()) vassert(not login_session.is_logged_in(secured=True)) # Case: user activity is older than non-secure lifetime, but keep_me_logged_in is set vassert( (config.web.idle_lifetime - config.web.idle_secure_lifetime) > 50) vassert((config.web.idle_lifetime_max - config.web.idle_lifetime) > 50) login_session.set_as_logged_in(system_account, True) user_session.last_activity = datetime.now() - timedelta( seconds=config.web.idle_lifetime + 50) vassert(login_session.is_logged_in()) vassert(not login_session.is_logged_in(secured=True)) # Case: user activity is older than non-secure lifetime max, but keep_me_logged_in is set vassert( (config.web.idle_lifetime - config.web.idle_secure_lifetime) > 50) vassert((config.web.idle_lifetime_max - config.web.idle_lifetime) > 50) login_session.set_as_logged_in(system_account, True) Session.flush() user_session.last_activity = datetime.now() - timedelta( seconds=config.web.idle_lifetime_max + 50) vassert(not login_session.is_logged_in()) vassert(not login_session.is_logged_in(secured=True))