def user():
data = {"email": "*****@*****.**", "first_name": "Test", "last_name": "User"}
try:
return User.query.filter(User.email == data["email"]).one()
except:
usr = User(**data)
usr.set_password("password")
usr.save()
return usr
def user():
data = {"email": "*****@*****.**", "first_name": "Test", "last_name": "User"}
try:
return db_session.query(User).query.filter(User.email == data["email"]).one()
except:
usr = User(**data)
usr.set_password("password")
db_session.add(usr)
db_session.commit()
return usr
def test_scoped_endpoints(session):
user = User(email="*****@*****.**")
user.set_password("password")
read_scope = Scope(code="read")
write_scope = Scope(code="write")
session.add_all([user, read_scope, write_scope])
session.flush()
app = create_app()
with TestClient(app) as client:
assert client.get("/unauthed").status_code == 200
assert client.get("/authed").status_code == 403
assert client.get("/read").status_code == 403
assert client.get("/write").status_code == 403
login = client.post("/auth/login",
data={
"email": "*****@*****.**",
"password": "******"
})
assert login.status_code == 302
assert client.get("/unauthed").status_code == 403
assert client.get("/authed").status_code == 200
assert client.get("/read").status_code == 403
assert client.get("/write").status_code == 403
user.scopes.append(read_scope)
session.add(user)
session.flush()
assert client.get("/unauthed").status_code == 403
assert client.get("/authed").status_code == 200
assert client.get("/read").status_code == 200
assert client.get("/write").status_code == 403
user.scopes.append(write_scope)
session.add(user)
session.flush()
assert client.get("/unauthed").status_code == 403
assert client.get("/authed").status_code == 200
assert client.get("/read").status_code == 200
assert client.get("/write").status_code == 200
def user():
from starlette_auth.tables import User # noqa isort:skip
data = {
"email": "*****@*****.**",
"first_name": "Test",
"last_name": "User"
}
try:
return User.query.filter(email == data["email"]).one()
except:
usr = User(**data)
usr.set_password("password")
usr.save()
return usr
def test_password():
user = User(**data)
user.set_password("password")
assert user.check_password("password")
def user():
test_user = User(email="*****@*****.**")
test_user.set_password("password")
test_user.save()
return test_user