def test_login_logout(client):
# check that we can login and logout a client
rv = login(client, 'test_iris_admin', 'test')
# the login function will follow the redirection and should be a 200 code
assert rv.status_code == 200
assert b'*****@*****.**' in rv.data
assert b'Iris classification' in rv.data
assert b'Boston housing price regression' in rv.data
rv = logout(client)
assert rv.status_code == 200
assert b'Login' in rv.data
assert b'Username' in rv.data
assert b'Password' in rv.data
def test_login(client_session):
client, session = client_session
# GET without any previous login
rv = client.get('/login')
assert rv.status_code == 200
assert b'Login' in rv.data
assert b'Username' in rv.data
assert b'Password' in rv.data
# GET with a previous login
with login_scope(client, 'test_user', 'test') as client:
rv = client.get('/login')
assert rv.status_code == 302
assert rv.location == 'http://localhost/problems'
rv = client.get('/login', follow_redirects=True)
assert rv.status_code == 200
# POST with unknown username
login_info = {'user_name': 'unknown', 'password': '******'}
rv = client.post('/login', data=login_info)
with client.session_transaction() as cs:
flash_message = dict(cs['_flashes'])
assert flash_message['message'] == 'User "unknown" does not exist'
assert rv.status_code == 302
assert rv.location == 'http://localhost/login'
rv = client.post('/login', data=login_info, follow_redirects=True)
assert rv.status_code == 200
# POST with wrong password
login_info = {'user_name': 'test_user', 'password': '******'}
rv = client.post('/login', data=login_info)
with client.session_transaction() as cs:
flash_message = dict(cs['_flashes'])
assert flash_message['message'] == 'Wrong password'
assert rv.status_code == 302
assert rv.location == 'http://localhost/login'
rv = client.post('/login', data=login_info, follow_redirects=True)
assert rv.status_code == 200
# POST with a right login and password
login_info = {'user_name': 'test_user', 'password': '******'}
rv = client.post('/login', data=login_info)
assert rv.status_code == 302
assert rv.location == 'http://localhost/problems'
user = get_user_by_name_or_email(session, login_info['user_name'])
assert user.is_authenticated
logout(client)
rv = client.post('/login', data=login_info, follow_redirects=True)
assert rv.status_code == 200
logout(client)
# POST with a right email as login and password
login_info = {
'user_name': 'test_user',
'password': '******',
'email': '*****@*****.**'
}
rv = client.post('/login', data=login_info)
assert rv.status_code == 302
assert rv.location == 'http://localhost/problems'
user = get_user_by_name_or_email(session, login_info['email'])
assert user.is_authenticated
logout(client)
rv = client.post('/login', data=login_info, follow_redirects=True)
assert rv.status_code == 200
logout(client)
# POST with right login and password from a different location webpage
login_info = {'user_name': 'test_user', 'password': '******'}
landing_page = {'next': 'http://localhost/events/iris_test'}
rv = client.post('/login', data=login_info, query_string=landing_page)
assert rv.status_code == 302
assert rv.location == landing_page['next']
logout(client)
rv = client.post('/login',
data=login_info,
query_string=landing_page,
follow_redirects=True)
assert rv.status_code == 200
logout(client)