def test_get_db_then_close(app): # Start up the app and check for a database connection while it's running with app.app_context(): db = get_db() assert db is get_db(), 'get_db should always return the same connection' # After app closes, database connection should close automatically so # running any queries with it should throw an error with pytest.raises(psycopg2.InterfaceError) as error: cur = db.cursor() cur.execute('SELECT 1') assert 'closed' in str(error)
def register(): if request.method == 'POST': email = request.form['email'] password = request.form['password'] cur = get_db().cursor() error = None if not email: error = 'email is required' elif not password: error = 'password is required' else: cur.execute( 'SELECT id FROM users WHERE email = %s', (email,) ) result = cur.fetchone() if result is not None: error = 'email not valid' if error is None: cur.execute( 'INSERT INTO users (email, password) VALUES (%s, %s)', (email, generate_password_hash(password)) ) g.db.commit() cur.close() return redirect(url_for('auth.login')) cur.close() flash(error) return render_template('auth/register.html')
def register(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() cur = db.cursor() error = None cur.execute('SELECT id FROM users WHERE username = %s', (username, )) if not username: error = 'Username is required' elif not password: error = 'Password is required' elif cur.fetchone() is not None: error = 'User {} is already registered.'.format(username) if error is None: cur.execute( 'INSERT INTO users (username, password) VALUES (%s, %s)', (username, generate_password_hash(password))) cur.close() db.commit() return redirect(url_for('auth.login')) flash(error) return render_template('auth/register.html')
def get_todo(id, check_author=True): todo = get_db().execute( 'SELECT t.id, todotitle, tododescription, created, author_id, username' ' FROM todo t JOIN user u ON t.author_id = u.id' ' WHERE t.id = ?', (id, )).fetchone() return todo
def load_logged_in_user(): user_id = session.get('user_id') if user_id is None: g.user = None else: g.user = get_db().execute('SELECT * FROM user WHERE id = ?', (user_id, )).fetchone()
def index(): user_id = session.get('user_id') db = get_db() todos = db.execute( ' SELECT t.id, todotitle, tododescription, created, author_id, username ' ' FROM todo t JOIN user u ON t.author_id = u.id ' ' WHERE t.author_id = ?' ' ORDER BY created DESC', (user_id, )).fetchall() return render_template('todolist/index.html', todos=todos)
def load_logged_in_user(): user_id = session.get('user_id') if user_id is None: g.user = None else: db = get_db() cur = db.cursor() cur.execute('SELECT * FROM users WHERE id = %s', (user_id, )) g.user = cur.fetchone() cur.close()
def test_register(client, app): assert client.get('/auth/register').status_code == 200 response = client.post('/auth/register', data={ 'username': '******', 'password': '******' }) assert 'http://localhost/auth/login' == response.headers['Location'] with app.app_context(): cur = get_db().cursor() cur.execute("SELECT * FROM users WHERE username = '******'") assert cur.fetchone() is not None
def add_item_test_db(client, app): assert client.get('/create-item') response = client.post( '/create-item', data={'description': 'test'} ) assert client.get('/') with app.app_context(): assert get_db().execute( "SELECT * FROM todos WHERE description = 'test'" ).fetchtone() is not None assert b'test' in response.data
def test_add_item(client, app): response = client.get('/create-item') assert b'<h1>Create a to-do item</h1>' in response.data assert b'Enter an item' in response.data response = client.post('/create-item', data={'description': 'feedthemax'}) with app.app_context(): cur = get_db().cursor() cur.execute("SELECT * FROM todos WHERE description = 'feedthemax'") assert cur.fetchone() is not None response = client.get('/') assert b'feedthemax' in response.data
def test_register(client, app): assert client.get('/auth/register').status_code == 200 response = client.post( '/auth/register', data={'email': 'a', 'password': '******'} ) assert 'http://localhost/auth/login' == response.headers['Location'] with app.app_context(): cur = db.get_db().cursor() cur.execute( "SELECT * from users WHERE email = 'a'", ); cur.fetchone() assert cur is not None cur.close()
def test_register(client, app): assert client.get('/register').status_code == 200 response = client.post('/register', data={ 'username': '******', 'password': '******' }) #A successful registration should redirect to the index assert response.headers['Location'] == 'http://localhost/' #Trying to register an already existing user should fail and return a message response = client.post('/register', data={ 'username': '******', 'password': '******' }) assert b'user1 is already registered' in response.data #Trying to register without a username should fail and return a message response = client.post('/register', data={ 'username': '', 'password': '******' }) assert b'Username is required' in response.data #Trying to register without a password should fail and return a message response = client.post('/register', data={ 'username': '******', 'password': '' }) assert b'Password is required' in response.data #Ensure that the registered user is in the database with app.app_context(): cur = get_db().cursor() cur.execute("SELECT password FROM users WHERE username = '******'") assert cur.fetchone()[0] == 'User1_123' cur.close()
def create_todo(): if request.method == 'POST': todotitle = request.form['todotitle'] tododescription = request.form['tododescription'] error = None if not todotitle: error = 'Title is required.' if error is not None: flash(error) else: db = get_db() db.execute( 'INSERT INTO todo (todotitle, tododescription, author_id)' ' VALUES (?, ?, ?)', (todotitle, tododescription, g.user['id'])) db.commit() return redirect(url_for('todolist.index')) return render_template('todolist/create.html')
def update_todo(id): todo = get_todo(id) if request.method == 'POST': todotitle = request.form['todotitle'] todotext = request.form['tododescription'] error = None if not title: error = 'Title is empty' if error is not None: flash(error) else: db = get_db() db.execute( 'UPDATE todo SET todotitle = ?, tododescription = ? WHERE id = ?', (todotitle, tododescription, id)) db.commit() return redirect(url_for('todolist.index')) return render_template('todolist/update.html', todo=todo)
def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] db = get_db() error = None user = db.execute('SELECT * FROM user WHERE username = ?', (username, )).fetchone() if user is None: error = 'Incorrect username.' elif not check_password_hash(user['password'], password): error = 'Incorrect password.' if error is None: session.clear() session['user_id'] = user['id'] return redirect(url_for('index')) flash(error) return render_template('auth/login.html')
def login(): if request.method == 'POST': email = request.form['email'] password = request.form['password'] cur = get_db().cursor() error = None cur.execute( 'SELECT * FROM users WHERE email = %s', (email,) ) user = cur.fetchone() if user is None: error = ' incorrect login credentials ' elif not check_password_hash(user['password'], password): error = ' incorrect login credentials ' if error is None: session.clear() session['user_id'] = user['id'] return redirect(url_for('todos.index')) flash(error) return render_template('auth/login.html', message=error)
def delete_todo(id): get_todo(id) db = get_db() db.execute('DELETE FROM todo WHERE id = ?', (id, )) db.commit() return redirect(url_for('todolist.index'))