def test_login_POST_bad_auth_with_no_user(mocker):
UserModel = get_user_model()
mocker.patch.object(UserModel._default_manager, "get_by_natural_key",
mock.Mock(side_effect=UserModel.DoesNotExist))
mocker.patch.object(UserModel.objects, "get",
mock.Mock(side_effect=UserModel.DoesNotExist))
JsonResponse = mocker.patch("projectx.users.api.JsonResponse")
authenticate = mocker.patch("projectx.users.api.authenticate")
authenticate.return_value = None
django_login = mocker.patch("projectx.users.api.django_login")
body = json.dumps(dict(email="*****@*****.**", password="******"))
user = mock.Mock(is_authenticated=False)
request = make_request(
method="POST",
user=user,
body=body,
META={"CSRF_COOKIE": "token"},
)
api.login(request)
assert JsonResponse.mock_calls[0:1] == [
mock.call(
{
"success": False,
},
status=401,
)
]
assert authenticate.mock_calls == [
mock.call(request, username="******", password="******")
]
assert django_login.mock_calls == []
def test_login_POST(mocker):
JsonResponse = mocker.patch("projectx.users.api.JsonResponse")
authenticate = mocker.patch("projectx.users.api.authenticate")
django_login = mocker.patch("projectx.users.api.django_login")
mocker.patch("projectx.users.api.new_jwt_token", return_value="jwt")
body = json.dumps(dict(email="*****@*****.**", password="******"))
user = mock.Mock(is_authenticated=False)
request = make_request(
method="POST",
user=user,
body=body,
META={"CSRF_COOKIE": "token"},
)
api.login(request)
assert authenticate.call_args_list == [
mock.call(request, username="******", password="******"),
]
assert JsonResponse.call_args_list[0:1] == [
mock.call({
"success": True,
"user": authenticate().to_json(),
"jwt": "jwt",
"token": mock.ANY,
"logout_url": "/app/users/logout/",
})
]
assert django_login.mock_calls == [mock.call(request, authenticate())]
def test_login_POST_rate_limited(settings, mocker):
settings.CACHES = {
"default": {
"BACKEND": "django.core.cache.backends.locmem.LocMemCache",
"LOCATION": "unique-snowflake",
}
}
mocker.patch("projectx.users.api.JsonResponse")
mocker.patch("projectx.users.api.authenticate")
mocker.patch("projectx.users.api.django_login")
mocker.patch("projectx.users.api.new_jwt_token")
user = mock.Mock(is_authenticated=False)
request = make_request(
method="POST",
user=user,
body="{}",
META={
"CSRF_COOKIE": "token",
"REMOTE_ADDR": "127.0.0.1"
},
session=mock.MagicMock(),
)
with pytest.raises(Ratelimited) as rate_limit_ex:
for _ in range(0, 6):
api.login(request)
assert str(rate_limit_ex.value) == ""
def test_login_GET_no_csrf(mocker):
JsonResponse = mocker.patch("projectx.users.api.JsonResponse")
user = mock.Mock(is_authenticated=False)
request = make_request(method="GET", user=user)
api.login(request)
assert JsonResponse.mock_calls[0] == mock.call({"token": mock.ANY})
def test_login_GET(mocker):
JsonResponse = mocker.patch("projectx.users.api.JsonResponse")
mocker.patch("projectx.users.api._get_token", return_value="token")
user = mock.Mock(is_authenticated=False)
request = make_request(method="GET",
user=user,
META={"CSRF_COOKIE": "token"})
api.login(request)
assert JsonResponse.mock_calls[0] == mock.call({"token": "token"})