def test_add_user_inactive(self):
add_user()
# update user
user = User.query.filter_by(email=EMAIL).first()
user.active = False
db.session.commit()
with self.client:
resp_login = self.client.post('/auth/login',
data=json.dumps(
dict(email=EMAIL,
password=PASSWORD)),
content_type='application/json')
response = self.client.post(
'/users',
data=json.dumps(
dict(username=JOHN,
email=JOHN_EMAIL,
password=JOHN_PASSWORD)),
content_type='application/json',
headers=dict(
Authorization='Bearer ' +
json.loads(resp_login.data.decode())['auth_token']))
self.assertEqual(response.status_code, http_response.UNAUTHORIZED)
data = json.loads(response.data.decode())
self.assertTrue(data['status'] == 'error')
self.assertTrue(
data['message'] == 'Something went wrong. Please contact us.')
def test_add_user_duplicate_username(self):
add_user()
duplicate_user = User(username=NAME,
email='*****@*****.**',
password=PASSWORD)
db.session.add(duplicate_user)
self.assertRaises(IntegrityError, db.session.commit)
def test_add_user_duplicate_email(self):
add_user()
duplicate_user = User(username='******',
email=EMAIL,
password=PASSWORD)
db.session.add(duplicate_user)
self.assertRaises(IntegrityError, db.session.commit)
def test_user_registration_duplicate_email(self):
add_user()
with self.client:
response = self.client.post(
'/auth/register',
data=json.dumps(
dict(username=JOHN, email=EMAIL, password='******')),
content_type='application/json',
)
self.assertEqual(response.status_code, http_response.BAD_REQUEST)
data = json.loads(response.data.decode())
self.assertIn('Sorry. That user already exists.', data['message'])
self.assertIn('error', data['status'])
def test_all_users(test_app, test_database):
recreate_db()
add_user("michael", "*****@*****.**")
add_user("fletcher", "*****@*****.**")
client = test_app.test_client()
resp = client.get("/users")
data = json.loads(resp.data.decode())
assert resp.status_code == 200
assert len(data["data"]["users"]) == 2
assert "michael" in data["data"]["users"][0]["username"]
assert "*****@*****.**" in data["data"]["users"][0]["email"]
assert "fletcher" in data["data"]["users"][1]["username"]
assert "*****@*****.**" in data["data"]["users"][1]["email"]
assert "success" in data["status"]
def test_all_users(self):
"""Ensure get all users behaves correctly."""
created = datetime.datetime.utcnow() + datetime.timedelta(-30)
add_user(JOHN, JOHN_EMAIL, JOHN_PASSWORD, created)
add_user(JANE, JANE_EMAIL, JANE_PASSWORD)
with self.client:
response = self.client.get('/users')
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, http_response.OK)
self.assertEqual(len(data['data']['users']), 2)
self.assertTrue('created_at' in data['data']['users'][0])
self.assertTrue('created_at' in data['data']['users'][1])
self.assertIn(JOHN, data['data']['users'][0]['username'])
self.assertIn(JOHN_EMAIL, data['data']['users'][0]['email'])
self.assertIn(JANE, data['data']['users'][1]['username'])
self.assertIn(JANE_EMAIL, data['data']['users'][1]['email'])
self.assertIn('success', data['status'])
def test_single_user(test_app, test_database):
user = add_user("jeffrey", "*****@*****.**")
client = test_app.test_client()
resp = client.get(f"/users/{user.id}")
data = json.loads(resp.data.decode())
assert resp.status_code == 200
assert "jeffrey" in data["data"]["username"]
assert "*****@*****.**" in data["data"]["email"]
assert "success" in data["status"]
def test_user_to_json(self):
user_json = add_user().to_json()
self.assertEqual(user_json['username'], NAME)
self.assertEqual(user_json['email'], EMAIL)
self.assertTrue('id' in user_json)
self.assertTrue('created_at' in user_json)
self.assertTrue('admin' in user_json)
self.assertTrue('active' in user_json)
self.assertFalse('password' in user_json)
def test_add_user(self):
user = add_user()
self.assertTrue(user.id)
self.assertEqual(user.username, NAME)
self.assertEqual(user.email, EMAIL)
self.assertTrue(user.password)
self.assertTrue(user.active)
self.assertTrue(user.created_at)
self.assertFalse(user.admin)
def test_valid_logout(self):
add_user()
with self.client:
# user login
resp_login = self.client.post('/auth/login',
data=json.dumps(
dict(email=EMAIL,
password=PASSWORD)),
content_type='application/json')
# valid token logout
response = self.client.get(
'/auth/logout',
headers=dict(
Authorization='Bearer ' +
json.loads(resp_login.data.decode())['auth_token']))
self.assertEqual(response.status_code, http_response.OK)
data = json.loads(response.data.decode())
self.assertTrue(data['status'] == 'success')
self.assertTrue(data['message'] == 'Successfully logged out.')
def test_invalid_logout_expired_token(self):
add_user()
with self.client:
resp_login = self.client.post('/auth/login',
data=json.dumps(
dict(email=EMAIL,
password=PASSWORD)),
content_type='application/json')
# invalid token logout
time.sleep(4)
response = self.client.get(
'/auth/logout',
headers=dict(
Authorization='Bearer ' +
json.loads(resp_login.data.decode())['auth_token']))
self.assertEqual(response.status_code, http_response.UNAUTHORIZED)
data = json.loads(response.data.decode())
self.assertTrue(data['status'] == 'error')
self.assertTrue(data['message'] == 'ExpiredSignatureError')
def test_single_user(self):
"""Ensure get single user behaves correctly."""
user = add_user(JOHN, JOHN_EMAIL, JOHN_PASSWORD)
with self.client:
response = self.client.get(f'/users/{user.id}')
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, http_response.OK)
self.assertTrue('created_at' in data['data'])
self.assertIn(JOHN, data['data']['username'])
self.assertIn(JOHN_EMAIL, data['data']['email'])
self.assertIn('success', data['status'])
def test_user_status(self):
add_user()
with self.client:
resp_login = self.client.post('/auth/login',
data=json.dumps(
dict(email=EMAIL,
password=PASSWORD)),
content_type='application/json')
response = self.client.get(
'/auth/status',
headers=dict(
Authorization='Bearer ' +
json.loads(resp_login.data.decode())['auth_token']))
self.assertEqual(response.status_code, http_response.OK)
data = json.loads(response.data.decode())
self.assertTrue(data['status'] == 'success')
self.assertTrue(data['data'] is not None)
self.assertTrue(data['data']['username'] == NAME)
self.assertTrue(data['data']['email'] == EMAIL)
self.assertTrue(data['data']['active'] is True)
self.assertTrue(data['data']['created_at'])
def _add_user_and_login(self, as_admin):
user = add_user()
if as_admin:
user = User.query.filter_by(email=EMAIL).first()
user.admin = True
db.session.commit()
resp_login = self.client.post(
'/auth/login',
data=json.dumps(dict(
email=EMAIL,
password=PASSWORD
)),
content_type='application/json'
)
return user, resp_login
def test_remove_user(test_app, test_database):
recreate_db()
user = add_user("user-to-be-removed", "*****@*****.**")
client = test_app.test_client()
resp_one = client.get("/users")
data = json.loads(resp_one.data.decode())
assert resp_one.status_code == 200
assert len(data["data"]["users"]) == 1
resp_two = client.delete(f"/users/{user.id}")
data = json.loads(resp_two.data.decode())
assert resp_two.status_code == 200
assert "[email protected] was removed!" in data["message"]
assert "success" in data["status"]
resp_three = client.get("/users")
data = json.loads(resp_three.data.decode())
assert resp_three.status_code == 200
assert len(data["data"]["users"]) == 0
def test_update_user(test_app, test_database):
user = add_user("user-to-be-updated", "*****@*****.**")
client = test_app.test_client()
resp_one = client.put(
f"/users/{user.id}",
data=json.dumps({
"username": "******",
"email": "*****@*****.**"
}),
content_type="application/json",
)
data = json.loads(resp_one.data.decode())
assert resp_one.status_code == 200
assert f"{user.id} was updated!" in data["message"]
assert "success" in data["status"]
resp_two = client.get(f"/users/{user.id}")
data = json.loads(resp_two.data.decode())
assert resp_two.status_code == 200
assert "me" in data["data"]["username"]
assert "*****@*****.**" in data["data"]["email"]
assert "success" in data["status"]
def test_decode_auth_token(self):
user = add_user()
auth_token = encode_auth_token(user.id)
self.assertTrue(isinstance(auth_token, bytes))
self.assertTrue(decode_auth_token(auth_token), user.id)