def test_basic_custom_forms(app, sqlalchemy_datastore):
    """Check that custom form classes handed to Security() are the ones rendered.

    Each subclass overrides one field with a distinctive label. The test then
    requests the matching view and looks for that label in the response body.
    """

    class MyLoginForm(LoginForm):
        email = StringField("My Login Email Address Field")

    class MyRegisterForm(RegisterForm):
        email = StringField("My Register Email Address Field")

    class MyForgotPasswordForm(ForgotPasswordForm):
        # Overriding a field replaces it wholesale, so the validators are
        # passed again explicitly (presumably mirroring the stock form).
        email = StringField(
            "My Forgot Email Address Field",
            validators=[email_required, email_validator, valid_user_email],
        )

    class MyResetPasswordForm(ResetPasswordForm):
        # NOTE(review): StringField renders a plain text input, so the new
        # password would be visible on screen. That is enough for checking the
        # label here; a real reset form should use PasswordField, as the
        # change-password form below does.
        password = StringField("My Reset Password Field")

    class MyChangePasswordForm(ChangePasswordForm):
        password = PasswordField("My Change Password Field")

    custom_forms = {
        "login_form": MyLoginForm,
        "register_form": MyRegisterForm,
        "forgot_password_form": MyForgotPasswordForm,
        "reset_password_form": MyResetPasswordForm,
        "change_password_form": MyChangePasswordForm,
    }
    app.security = Security(app, datastore=sqlalchemy_datastore, **custom_forms)

    populate_data(app)
    browser = app.test_client()

    # Views reachable without logging in.
    anonymous_pages = (
        ("/login", b"My Login Email Address Field"),
        ("/register", b"My Register Email Address Field"),
        ("/reset", b"My Forgot Email Address Field"),
    )
    for url, label in anonymous_pages:
        page = browser.get(url)
        assert label in page.data

    # The reset view needs a valid token, so request one and capture it.
    with capture_reset_password_requests() as captured:
        browser.post("/reset", data={"email": "*****@*****.**"})

    reset_token = captured[0]["token"]
    page = browser.get("/reset/" + reset_token)
    assert b"My Reset Password Field" in page.data

    # Changing a password requires a logged-in user.
    authenticate(browser)

    page = browser.get("/change")
    assert b"My Change Password Field" in page.data
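def clients(request, app, tmpdir, realdburl):
    """Build a test client backed by the datastore named in ``request.param``.

    The selected ``*_setup`` helper creates the datastore, which is then wired
    into a fresh ``Security`` instance on ``app`` before sample data is loaded.

    Args:
        request: pytest request object; ``request.param`` picks the backend.
        app: the Flask application under test.
        tmpdir: temporary directory handed through to the setup helper.
        realdburl: database URL handed through to the setup helper.

    Returns:
        The result of ``app.test_client()``.

    Raises:
        ValueError: if ``request.param`` is not a known backend id. Previously
            this surfaced as an UnboundLocalError on ``ds``.
    """
    backend = request.param
    if backend == "cl-sqlalchemy":
        ds = sqlalchemy_setup(request, app, tmpdir, realdburl)
    elif backend == "c2":
        # NOTE(review): "c2" does not follow the "cl-" prefix of the other
        # ids; it must match the fixture's params list, which is not visible
        # here - confirm before renaming.
        ds = sqlalchemy_session_setup(request, app, tmpdir, realdburl)
    elif backend == "cl-mongo":
        ds = mongoengine_setup(request, app, tmpdir, realdburl)
    elif backend == "cl-peewee":
        ds = peewee_setup(request, app, tmpdir, realdburl)
    elif backend == "cl-pony":
        # Not working yet.
        ds = pony_setup(request, app, tmpdir, realdburl)
    else:
        # Fail with a clear message instead of an unbound ``ds`` further down.
        raise ValueError("unknown datastore backend: {!r}".format(backend))

    app.security = Security(app, datastore=ds)
    populate_data(app)
    if backend == "cl-peewee":
        # peewee is insistent on a single connection?
        ds.db.close_db(None)
    return app.test_client()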
def test_token_query(in_app_context):
    """Token-only authentication should cost exactly one user lookup.

    The client sends no cookies, so no session is involved and the only DB
    query expected is the one that resolves the user from the auth token.
    """
    app = in_app_context
    populate_data(app)

    cookieless = app.test_client(use_cookies=False)
    login = json_authenticate(cookieless)
    auth_token = login.json["response"]["user"]["authentication_token"]

    token_headers = {
        "Content-Type": "application/json",
        "Authentication-Token": auth_token,
    }

    queries_before = get_num_queries(app.security.datastore)
    reply = cookieless.get("/token", headers=token_headers)
    assert reply.status_code == 200
    queries_after = get_num_queries(app.security.datastore)

    # A None count skips the comparison; otherwise exactly one query is allowed.
    if queries_before is not None:
        assert queries_after == (queries_before + 1)
def test_verifying_token_from_version_3x(in_app_context):
    """
    Check that a token generated by flask security 3.x, whose form differs
    from a version 4.0.0 token, can still be verified.
    """
    app = in_app_context
    populate_data(app)

    with app.test_request_context("/"):
        user = app.security.datastore.find_user(email="*****@*****.**")
        legacy_token = get_auth_token_version_3x(app, user)

        # The legacy token is loaded with the configured token_max_age, the
        # same limit this test passes for any token.
        serializer = app.security.remember_token_serializer
        data = serializer.loads(legacy_token, max_age=app.security.token_max_age)

        assert user.verify_auth_token(data) is True
def test_auth_token_decorator(in_app_context):
    """
    Test that an endpoint decorated with auth_token_required accepts a token
    generated by the flask security 3.x algorithm.
    """
    app = in_app_context
    populate_data(app)
    # No cookies, so the token header is the only credential sent.
    cookieless = app.test_client(use_cookies=False)

    with app.test_request_context("/"):
        user = app.security.datastore.find_user(email="*****@*****.**")
        legacy_token = get_auth_token_version_3x(app, user)

    token_headers = {
        "Content-Type": "application/json",
        "Authentication-Token": legacy_token,
    }
    reply = cookieless.get("/token", headers=token_headers)
    assert reply.status_code == 200
def test_session_query(in_app_context):
    """Token authentication with a session cookie present costs two user lookups.

    The session loads the user once, and auth_token_required still has to
    verify that the TOKEN itself is valid: the user id in the session may be
    different from the one in the token.
    """
    app = in_app_context
    populate_data(app)

    # Default test client: cookies are kept, so the login session is sent too.
    browser = app.test_client()
    login = json_authenticate(browser)
    auth_token = login.json["response"]["user"]["authentication_token"]

    token_headers = {
        "Content-Type": "application/json",
        "Authentication-Token": auth_token,
    }

    queries_before = get_num_queries(app.security.datastore)
    reply = browser.get("/token", headers=token_headers)
    assert reply.status_code == 200
    queries_after = get_num_queries(app.security.datastore)

    # A None count skips the comparison; otherwise exactly two queries are allowed.
    if queries_before is not None:
        assert queries_after == (queries_before + 2)
def client_nc(request, sqlalchemy_app):
    """Return a test client that keeps no cookies.

    Useful for testing token auth: with ``use_cookies=False`` no session
    cookie is stored, so every request has to carry its own credentials.
    """
    flask_app = sqlalchemy_app()
    populate_data(flask_app)
    cookieless = flask_app.test_client(use_cookies=False)
    return cookieless
def client(request, sqlalchemy_app):
    """Return a test client for a freshly built, data-populated application."""
    flask_app = sqlalchemy_app()
    # Sample data must be loaded before the client is handed to a test.
    populate_data(flask_app)
    browser = flask_app.test_client()
    return browser
def client(request: pytest.FixtureRequest, sqlalchemy_app: t.Callable) -> "FlaskClient":
    """Build the app via ``sqlalchemy_app``, load sample data, return its test client.

    ``request`` is accepted but not used by this body.
    """
    flask_app = sqlalchemy_app()
    populate_data(flask_app)
    test_client = flask_app.test_client()
    return test_client