def test_login_redirects_when_validation_succeeds(authn_policy):
request = DummyRequest(auth_domain='hypothes.is')
authn_policy.authenticated_userid.return_value = None # Logged out
controller = AuthController(request)
controller.form = form_validating_to({"user": FakeUser(username='******')})
result = controller.login()
assert isinstance(result, httpexceptions.HTTPFound)
def test_login_returns_form_when_validation_fails(authn_policy):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
controller = AuthController(request)
controller.form = invalid_form()
result = controller.login()
assert result == {'form': 'invalid form'}
def test_login_no_event_when_validation_fails(loginevent,
authn_policy,
notify):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
controller = AuthController(request)
controller.form = invalid_form()
controller.login()
assert not loginevent.called
assert not notify.called
def test_login_event_when_validation_succeeds(loginevent,
authn_policy,
notify):
request = DummyRequest(auth_domain='hypothes.is')
authn_policy.authenticated_userid.return_value = None # Logged out
elephant = FakeUser(username='******')
controller = AuthController(request)
controller.form = form_validating_to({"user": elephant})
controller.login()
loginevent.assert_called_with(request, elephant)
notify.assert_called_with(loginevent.return_value)
def test_logout_invalidates_session():
request = DummyRequest()
request.session["foo"] = "bar"
result = AuthController(request).logout()
assert "foo" not in request.session
def test_logout_event(logoutevent, notify):
request = DummyRequest()
result = AuthController(request).logout()
logoutevent.assert_called_with(request)
notify.assert_called_with(logoutevent.return_value)
def test_login_redirects_when_logged_in(authn_policy):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
result = AuthController(request).login()
assert isinstance(result, httpexceptions.HTTPFound)
def test_logout_event(logoutevent, authn_policy, notify):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
result = AuthController(request).logout()
logoutevent.assert_called_with(request)
notify.assert_called_with(logoutevent.return_value)
def test_logout_invalidates_session(authn_policy):
request = DummyRequest()
request.session["foo"] = "bar"
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
result = AuthController(request).logout()
assert "foo" not in request.session
def test_login_redirects_to_next_param_when_logged_in(authn_policy):
request = DummyRequest(params={'next': '/foo/bar'})
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
with pytest.raises(httpexceptions.HTTPFound) as e:
AuthController(request).login()
assert e.value.location == '/foo/bar'
def test_login_returns_success_when_validation_succeeds(
authn_policy, form_validator):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
form_validator.return_value = (None, {"user": FakeUser()})
result = AuthController(request).login()
assert result == {}
def test_login_returns_error_when_validation_fails(authn_policy,
form_validator):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
form_validator.return_value = ({"errors": "KABOOM!"}, None)
result = AuthController(request).login()
assert result == {"errors": "KABOOM!"}
def test_login_redirects_when_validation_succeeds(authn_policy,
form_validator):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
form_validator.return_value = (None, {"user": FakeUser(username='******')})
result = AuthController(request).login()
assert isinstance(result, httpexceptions.HTTPFound)
def test_login_no_event_when_validation_fails(loginevent, authn_policy,
form_validator, notify):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
form_validator.return_value = ({"errors": "KABOOM!"}, None)
AuthController(request).login()
assert not loginevent.called
assert not notify.called
def test_login_event_when_validation_succeeds(loginevent, authn_policy,
form_validator, notify):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = None # Logged out
elephant = FakeUser()
form_validator.return_value = (None, {"user": elephant})
AuthController(request).login()
loginevent.assert_called_with(request, elephant)
notify.assert_called_with(loginevent.return_value)
def test_logout_forgets_authenticated_user(authn_policy):
request = DummyRequest()
AuthController(request).logout()
authn_policy.forget.assert_called_with(request)
def test_logout_redirects():
request = DummyRequest()
result = AuthController(request).logout()
assert isinstance(result, httpexceptions.HTTPFound)
def test_login_redirects_when_logged_in(authn_policy):
request = DummyRequest()
authn_policy.authenticated_userid.return_value = "acct:[email protected]"
with pytest.raises(httpexceptions.HTTPFound):
AuthController(request).login()
