def test_update_userinfo(client):
# test update user info
test_user_success_two['password'] = '******'
test_user_success_two['password_confirmed'] = 'testuser'
test_user_success_two['email'] = '*****@*****.**'
resp = client.post("/auth/login", json=test_staff_user)
access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
resp = client.put("/users/" + test_user_success_two['username'],
headers={'Authorization': access_token},
json=test_user_success_two)
assert resp.status_code == SUCCESS_OK
test_user_success_two['password_confirmed'] = 'test'
resp = client.put("/users/" + test_user_success_two['username'],
headers={'Authorization': access_token},
json=test_user_success_two)
assert resp.status_code == ERROR_BAD_REQUEST
# after test update user info, delete test_user_success_two
resp = client.delete("/users/" + test_user_success_two['username'],
headers={'Authorization': access_token})
assert resp.status_code == SUCCESS_OK
def test_login(client):
# test login
resp = client.post("/auth/login", json=test_user)
assert resp.status_code == SUCCESS_OK
# check access_token
access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
assert access_token
def test_get_userinfo(client):
# test get user info
resp = client.post("/auth/login", json=test_staff_user)
access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
resp = client.get("/users", headers={"Authorization": access_token})
assert resp.status_code == SUCCESS_OK
resp = client.post("/auth/login", json=test_is_not_staff_user)
access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
resp = client.get("/users", headers={"Authorization": access_token})
assert resp.status_code == ERROR_UNAUTHORIZED
resp = client.post("/auth/login", json=test_staff_user)
access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
resp = client.get("/users/" + test_staff_user['username'],
headers={'Authorization': access_token})
assert resp.status_code == SUCCESS_OK
def test_me(client):
# test login and get access_token
resp = client.post("/auth/login", json=test_user)
access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
assert access_token
# test me
resp = client.get('/auth/me', headers={"Authorization": access_token})
assert resp.status_code == SUCCESS_OK
# test me not given access_token
resp = client.get('/auth/me')
assert resp.status_code == ERROR_BAD_REQUEST
def test_create_delete(client):
# test create user
# test delete user
resp = client.post("/users", json=test_user_success_one)
assert resp.status_code == SUCCESS_OK
resp = client.post("/users", json=test_user_success_two)
assert resp.status_code == SUCCESS_OK
resp = client.post("/users", json=test_uesr_fail)
assert resp.status_code == ERROR_BAD_REQUEST
resp = client.post("/auth/login", json=test_user_success_one)
access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
resp = client.delete("/users/" + test_user_success_one['username'],
headers={'Authorization': access_token})
assert resp.status_code == SUCCESS_OK
# deleted user, unauthourized
resp = client.delete("/users/" + test_user_success_one['username'],
headers={'Authorization': access_token})
assert resp.status_code == ERROR_UNAUTHORIZED
def test_refresh(client):
# test login and get access_token
resp = client.post("/auth/login", json=test_user)
access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
assert access_token
# test refresh
resp = client.get('/auth/refresh', headers={"Authorization": access_token})
assert resp.status_code == SUCCESS_OK
new_access_token = json.loads(
resp.data.decode("utf-8"))['data']['access_token']
assert new_access_token
# access_token compare with new_access_token
assert access_token != new_access_token
# test refresh not given access_token
resp = client.get('auth/refresh')
assert resp.status_code == ERROR_BAD_REQUEST