def test_request_login_token_sends_email_and_can_login(self): e = "*****@*****.**" r, user, token = None, None, None with capture_passwordless_login_requests() as requests: with self.app.extensions["mail"].record_messages() as outbox: r = self.client.post("/login", data=dict(email=e), follow_redirects=True) self.assertEqual(len(outbox), 1) self.assertEquals(1, len(requests)) self.assertIn("user", requests[0]) self.assertIn("login_token", requests[0]) user = requests[0]["user"] token = requests[0]["login_token"] msg = self.app.config["SECURITY_MSG_LOGIN_EMAIL_SENT"][0] % dict(email=user.email) self.assertIn(msg, r.data) r = self.client.get("/login/" + token, follow_redirects=True) self.assertIn(self.get_message("PASSWORDLESS_LOGIN_SUCCESSFUL"), r.data) r = self.client.get("/profile") self.assertIn("Profile Page", r.data)
def test_request_login_token_sends_email_and_can_login(self): e = '*****@*****.**' r, user, token = None, None, None with capture_passwordless_login_requests() as requests: with self.app.extensions['mail'].record_messages() as outbox: r = self._post('/login', data=dict(email=e), follow_redirects=True) self.assertEqual(len(outbox), 1) self.assertEquals(1, len(requests)) self.assertIn('user', requests[0]) self.assertIn('login_token', requests[0]) user = requests[0]['user'] token = requests[0]['login_token'] msg = self.app.config['SECURITY_MSG_LOGIN_EMAIL_SENT'][0] msg = msg % dict(email=user.email) self.assertIn(msg, r.data) r = self.client.get('/login/' + token, follow_redirects=True) msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL') self.assertIn(msg, r.data) r = self.client.get('/profile') self.assertIn('Profile Page', r.data)
def test_token_login_forwards_to_post_login_view_when_already_authenticated(self): with capture_passwordless_login_requests() as requests: self.client.post("/login", data=dict(email="*****@*****.**"), follow_redirects=True) token = requests[0]["login_token"] r = self.client.get("/login/" + token, follow_redirects=True) self.assertIn(self.get_message("PASSWORDLESS_LOGIN_SUCCESSFUL"), r.data) r = self.client.get("/login/" + token, follow_redirects=True) self.assertNotIn(self.get_message("PASSWORDLESS_LOGIN_SUCCESSFUL"), r.data)
def test_token_login_when_already_authenticated(self): with capture_passwordless_login_requests() as requests: self._post('/login', data=dict(email='*****@*****.**'), follow_redirects=True) token = requests[0]['login_token'] r = self.client.get('/login/' + token, follow_redirects=True) msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL') self.assertIn(msg, r.data) r = self.client.get('/login/' + token, follow_redirects=True) msg = self.get_message('PASSWORDLESS_LOGIN_SUCCESSFUL') self.assertNotIn(msg, r.data)
def test_expired_login_token_sends_email(self): e = "*****@*****.**" with capture_passwordless_login_requests() as requests: self.client.post("/login", data=dict(email=e), follow_redirects=True) token = requests[0]["login_token"] time.sleep(3) with self.app.extensions["mail"].record_messages() as outbox: r = self.client.get("/login/" + token, follow_redirects=True) self.assertEqual(len(outbox), 1) self.assertIn(e, outbox[0].html) self.assertNotIn(token, outbox[0].html) expire_text = self.AUTH_CONFIG["SECURITY_LOGIN_WITHIN"] msg = self.app.config["SECURITY_MSG_LOGIN_EXPIRED"][0] % dict(within=expire_text, email=e) self.assertIn(msg, r.data)
def test_expired_login_token_sends_email(self): e = '*****@*****.**' with capture_passwordless_login_requests() as requests: self._post('/login', data=dict(email=e), follow_redirects=True) token = requests[0]['login_token'] time.sleep(1.25) with self.app.extensions['mail'].record_messages() as outbox: r = self.client.get('/login/' + token, follow_redirects=True) expire_text = self.AUTH_CONFIG['SECURITY_LOGIN_WITHIN'] msg = self.app.config['SECURITY_MSG_LOGIN_EXPIRED'][0] msg = msg % dict(within=expire_text, email=e) self.assertIn(msg, r.data) self.assertEqual(len(outbox), 1) self.assertIn(e, outbox[0].html) self.assertNotIn(token, outbox[0].html)