def test_register_user_approval_required(mockdata, client, session):
current_app.config['APPROVE_REGISTRATIONS'] = True
with current_app.test_request_context():
diceware_password = '******'
form = RegistrationForm(email='*****@*****.**',
username='******',
password=diceware_password,
password2=diceware_password)
rv = client.post(url_for('auth.register'),
data=form.data,
follow_redirects=True)
assert 'Once an administrator approves your registration, you will ' \
'receive a confirmation email to activate your account.' in rv.data.decode('utf-8')
form = LoginForm(email='*****@*****.**',
password=diceware_password,
remember_me=True)
rv = client.post(url_for('auth.login'),
data=form.data,
follow_redirects=False)
assert b'Invalid username or password' not in rv.data
rv = client.get(url_for('auth.unconfirmed'), follow_redirects=False)
assert b'administrator has not approved your account yet' in rv.data
def test_user_cannot_register_with_weak_password(mockdata, client, session):
with current_app.test_request_context():
form = RegistrationForm(email='*****@*****.**',
username='******',
password='******',
password2='weak')
rv = client.post(url_for('auth.register'),
data=form.data,
follow_redirects=True)
assert 'A confirmation email has been sent to you.' not in rv.data
def test_user_can_register_with_legit_credentials(mockdata, client, session):
with current_app.test_request_context():
diceware_password = '******'
form = RegistrationForm(email='*****@*****.**',
username='******',
password=diceware_password,
password2=diceware_password)
rv = client.post(url_for('auth.register'),
data=form.data,
follow_redirects=True)
assert 'A confirmation email has been sent to you.' in rv.data
def test_user_cannot_register_with_existing_email(mockdata, client, session):
with current_app.test_request_context():
form = RegistrationForm(email='*****@*****.**',
username='******',
password='******',
password2='dog')
rv = client.post(url_for('auth.register'),
data=form.data,
follow_redirects=False)
# Form will return 200 only if the form does not validate
assert rv.status_code == 200
assert 'Email already registered' in rv.data
def test_user_cannot_register_if_passwords_dont_match(mockdata, client,
session):
with current_app.test_request_context():
form = RegistrationForm(email='*****@*****.**',
username='******',
password='******',
password2='cat')
rv = client.post(url_for('auth.register'),
data=form.data,
follow_redirects=False)
# Form will return 200 only if the form does not validate
assert rv.status_code == 200
assert 'Passwords must match' in rv.data
