def test_add_user_duplicate_email(self):
    """Posting a user whose email is already registered must return 400."""
    # Seed account; the fourth argument is presumably the admin flag (the
    # non-admin tests in this file omit it) -- confirm against add_user.
    add_user('test', '*****@*****.**', 'test', True)
    new_user = {
        'username': '******',
        'email': '*****@*****.**',
        'password': '******',
    }
    with self.client:
        # First request registers the user; its response is not inspected.
        first_token = get_auth_token(self.client)
        self.client.post(
            '/users',
            data=json.dumps(new_user),
            content_type='application/json',
            headers={'Authorization': f'Bearer {first_token}'},
        )
        # Second request repeats the same payload with a freshly issued token.
        token_two = get_auth_token(self.client)
        resp = self.client.post(
            '/users',
            data=json.dumps(new_user),
            content_type='application/json',
            headers={'Authorization': f'Bearer {token_two}'},
        )
        body = json.loads(resp.data.decode())
        self.assertEqual(resp.status_code, 400)
        self.assertIn('Sorry. That email already exists.', body['message'])
        self.assertIn('fail', body['status'])
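def test_valid_logout(self):
    """Ensure a user holding a valid bearer token can log out.

    NOTE(review): only the logout response is checked. The token is not
    sent again afterwards, so this test does not show whether the token
    is rejected once the user has logged out.
    """
    add_user('test', '*****@*****.**', 'test')
    with self.client:
        token = get_auth_token(self.client)
        response = self.client.get(
            '/auth/logout',
            headers={'Authorization': f'Bearer {token}'})
        data = json.loads(response.data.decode())
        # assertEqual reports both values on failure; assertTrue(a == b)
        # only reports "False is not true".
        self.assertEqual(data['status'], 'success')
        self.assertEqual(data['message'], 'Successfully logged out.')
        self.assertEqual(response.status_code, 200)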
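def test_invalid_logout_expired_token(self):
    """Ensure logout is refused with 401 when the bearer token has expired."""
    add_user('test', '*****@*****.**', 'test')
    config = current_app.config
    unset = object()
    previous = config.get('TOKEN_EXPIRATION_SECONDS', unset)
    # A negative lifetime is presumably read when the token is issued, so
    # the token below is already expired when it is presented.
    config['TOKEN_EXPIRATION_SECONDS'] = -1
    try:
        with self.client:
            token = get_auth_token(self.client)
            response = self.client.get(
                '/auth/logout',
                headers={'Authorization': f'Bearer {token}'})
            data = json.loads(response.data.decode())
            # assertEqual shows the actual value when the check fails.
            self.assertEqual(data['status'], 'fail')
            self.assertEqual(
                data['message'], 'Signature expired. Please log in again.')
            self.assertEqual(response.status_code, 401)
    finally:
        # Restore the setting so an "always expired" lifetime cannot leak
        # into other tests if the app config object is shared between them.
        if previous is unset:
            config.pop('TOKEN_EXPIRATION_SECONDS', None)
        else:
            config['TOKEN_EXPIRATION_SECONDS'] = previous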
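def test_invalid_status_inactive(self):
    """Ensure /auth/status rejects the token of a deactivated account.

    NOTE(review): the account is deactivated before the token is requested,
    so the test relies on get_auth_token still returning a token for an
    inactive user. Whether login itself should refuse inactive accounts is
    not covered here -- confirm against the login handler.
    """
    add_user('test', '*****@*****.**', 'test')
    # Deactivate the account directly in the database.
    user = User.query.filter_by(email='*****@*****.**').first()
    user.active = False
    db.session.commit()
    with self.client:
        token = get_auth_token(self.client)
        response = self.client.get(
            '/auth/status',
            headers={'Authorization': f'Bearer {token}'})
        data = json.loads(response.data.decode())
        # assertEqual shows the actual value when the check fails.
        self.assertEqual(data['status'], 'fail')
        self.assertEqual(data['message'], 'Provide a valid auth token.')
        self.assertEqual(response.status_code, 401)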
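def test_user_status(self):
    """Ensure /auth/status returns the profile of the authenticated user."""
    add_user('test', '*****@*****.**', 'test')
    with self.client:
        token = get_auth_token(self.client)
        response = self.client.get(
            '/auth/status',
            headers={'Authorization': f'Bearer {token}'})
        data = json.loads(response.data.decode())
        # Dedicated assertions report the actual value on failure, which
        # assertTrue(a == b) does not.
        self.assertEqual(data['status'], 'success')
        self.assertIsNotNone(data['data'])
        self.assertEqual(data['data']['username'], 'test')
        self.assertEqual(data['data']['email'], '*****@*****.**')
        self.assertTrue(data['data']['active'])
        # The user was created without the extra add_user argument, and the
        # endpoint must not report it as an admin.
        self.assertFalse(data['data']['admin'])
        self.assertEqual(response.status_code, 200)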
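def test_add_user_invalid_json(self):
    """Ensure error is thrown if the JSON object is empty."""
    add_user('test', '*****@*****.**', 'test', True)
    with self.client:
        # The original read "token = token = ..."; the doubled assignment
        # was a harmless typo and is reduced to a single binding.
        token = get_auth_token(self.client)
        response = self.client.post(
            '/users',
            data=json.dumps({}),
            content_type='application/json',
            headers={'Authorization': f'Bearer {token}'})
        data = json.loads(response.data.decode())
        self.assertEqual(response.status_code, 400)
        self.assertIn('Invalid payload.', data['message'])
        self.assertIn('fail', data['status'])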
def test_add_user_invalid_json_keys(self):
    """A payload without a username key must be rejected with 400."""
    add_user('test', '*****@*****.**', 'test', True)
    # Deliberately incomplete: the 'username' key is left out.
    incomplete_user = {
        'email': '*****@*****.**',
        'password': '******',
    }
    with self.client:
        bearer = get_auth_token(self.client)
        auth_headers = {'Authorization': f'Bearer {bearer}'}
        resp = self.client.post(
            '/users',
            data=json.dumps(incomplete_user),
            content_type='application/json',
            headers=auth_headers,
        )
        body = json.loads(resp.data.decode())
        self.assertEqual(resp.status_code, 400)
        self.assertIn('Invalid payload.', body['message'])
        self.assertIn('fail', body['status'])
def test_add_user(self):
    """An authorised caller can create a new user and gets 201 back."""
    add_user('test', '*****@*****.**', 'test', True)
    new_user = {
        'username': '******',
        'email': '*****@*****.**',
        'password': '******',
    }
    with self.client:
        bearer = get_auth_token(self.client)
        auth_headers = {'Authorization': f'Bearer {bearer}'}
        resp = self.client.post(
            '/users',
            data=json.dumps(new_user),
            content_type='application/json',
            headers=auth_headers,
        )
        body = json.loads(resp.data.decode())
        self.assertEqual(resp.status_code, 201)
        # NOTE(review): this expected text looks like it was rewritten by
        # e-mail obfuscation in this copy; confirm it against the message
        # the API really returns.
        self.assertIn('[email protected] was added!', body['message'])
        self.assertIn('success', body['status'])
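def test_add_users_not_admin(self):
    """Ensure a user created without the admin argument cannot add users.

    NOTE(review): the caller is authenticated and only lacks the privilege.
    403 is the conventional status for that case; this test pins 401 --
    confirm that is the intended contract.
    """
    add_user('test', '*****@*****.**', 'test')
    with self.client:
        # Log in as the unprivileged user.
        token = get_auth_token(self.client)
        response = self.client.post(
            '/users',
            data=json.dumps({
                'username': '******',
                'email': '*****@*****.**',
                'password': '******'
            }),
            content_type='application/json',
            headers={'Authorization': f'Bearer {token}'})
        data = json.loads(response.data.decode())
        # assertEqual shows the actual value when the check fails.
        self.assertEqual(data['status'], 'fail')
        self.assertEqual(
            data['message'], 'You do not have permission to do that.')
        self.assertEqual(response.status_code, 401)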
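def test_add_user_inactive(self):
    """Ensure a deactivated account cannot add users via POST /users.

    NOTE(review): the account is deactivated before the token is requested,
    so the test relies on get_auth_token still returning a token for an
    inactive user -- confirm against the login handler.
    """
    add_user('test', '*****@*****.**', 'test')
    # Deactivate the account directly in the database.
    user = User.query.filter_by(email='*****@*****.**').first()
    user.active = False
    db.session.commit()
    with self.client:
        token = get_auth_token(self.client)
        response = self.client.post(
            '/users',
            data=json.dumps({
                'username': '******',
                'email': '*****@*****.**',
                'password': '******'
            }),
            content_type='application/json',
            headers={'Authorization': f'Bearer {token}'})
        data = json.loads(response.data.decode())
        # assertEqual shows the actual value when the check fails.
        self.assertEqual(data['status'], 'fail')
        self.assertEqual(data['message'], 'Provide a valid auth token.')
        self.assertEqual(response.status_code, 401)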