def test_delete_account(client: FlaskClient, auth: AuthenticationManager):
auth.login()
data = {'confirmation': 'testuser'}
# Check user is redirected after successful account deletion
response = client.post('/user/testuser/delete', data=data)
assert response.status_code == 302
assert response.headers['location'] == 'http://localhost/'
# Check user is signed out
with client:
response = client.get('/')
assert response.status_code == 200
assert 'username' not in session
# Check user no longer exists
response = client.get('/user/testuser')
assert response.status_code == 404
# Check user's old credentials no longer work
response = auth.login()
assert response.status_code == 200
assert movie.auth.auth.UNKNOWN_USER_MESSAGE.encode() in response.data
def test_delete_account_invalid_input(client: FlaskClient,
auth: AuthenticationManager,
confirmation, message):
auth.login()
data = {'confirmation': confirmation}
response = client.post('/user/testuser/delete', data=data)
assert message.encode() in response.data
def test_change_username_invalid_input(client: FlaskClient,
auth: AuthenticationManager,
new_username, message):
auth.login()
data = {'new_username': new_username}
response = client.post('/user/testuser/username/change',
data=data,
follow_redirects=True)
assert message.encode() in response.data
def test_change_username_unauthorized(client: FlaskClient,
auth: AuthenticationManager):
auth.login()
data = {'new_username': '******'}
response = client.post('/user/testuser2/username/change', data=data)
assert response.status_code == 401
# Check the other user's account is okay
response = client.get('/user/testuser2')
assert response.status_code == 200
def test_delete_account_unauthorized(client: FlaskClient,
auth: AuthenticationManager):
auth.login()
data = {'confirmation': 'testuser'}
response = client.post('/user/testuser2/delete', data=data)
assert response.status_code == 401
# Check the other user's account is okay
response = client.get('/user/testuser2')
assert response.status_code == 200
def test_change_password_unauthorized(client: FlaskClient,
auth: AuthenticationManager):
auth.login()
data = {'current_password': '******', "new_password": "******"}
response = client.post('/user/testuser2/password/change', data=data)
assert response.status_code == 401
# Check the other user's account is okay
response = client.get('/user/testuser2')
assert response.status_code == 200
def test_change_password_invalid_input(client: FlaskClient,
auth: AuthenticationManager,
current_password, new_password,
message):
auth.login()
data = {'current_password': current_password, "new_password": new_password}
# Check user is redirected after a successful password change
response = client.post('/user/testuser/password/change', data=data)
assert message.encode() in response.data
def test_change_username(client: FlaskClient, auth: AuthenticationManager,
username):
auth.login()
data = {'new_username': username}
# Check user is redirected after a successful username change
response = client.post('/user/testuser/username/change',
data=data,
follow_redirects=False)
assert response.status_code == 302
assert response.headers['location'] == f'http://localhost/user/{username}'
# Check old user no longer exists
response = client.get('/user/testuser')
assert response.status_code == 404
def test_change_password(client: FlaskClient, auth: AuthenticationManager):
auth.login()
data = {'current_password': '******', "new_password": "******"}
# Check user is redirected after a successful password change
response = client.post('/user/testuser/password/change', data=data)
assert response.status_code == 302
assert response.headers['location'] == 'http://localhost/user/testuser'
# Check the new credentials work
auth.logout()
with client:
response = auth.login(username='******',
password='******',
follow_redirects=True)
assert response.status_code == 200
assert session['username'] == 'testuser'
def test_login(client: FlaskClient, auth):
response = client.get('/login')
assert response.status_code == 200
response = auth.login()
# Check client is redirected to homepage
assert response.status_code == 302
assert response.headers['location'] == 'http://localhost/'
# Check a session is created
with client:
client.get('/')
assert session['username'] == 'testuser'