def test_good_login(app): url = phase2_url + 'login/' init_data(app.application.redis) rv = app.post(url, data={'username': '******', 'password': '******'}) assert rv.status_code == 303 assert 'session=' in rv.headers.get('Set-Cookie') assert 'dashboard' in rv.headers.get('Location') rv = app.post(url, data={'username': '******', 'password': admin_password}) assert rv.status_code == 303 assert 'session=' in rv.headers.get('Set-Cookie') assert 'dashboard' in rv.headers.get('Location')
def test_bad_login(app): url = phase2_url + 'login/' init_data(app.application.redis) rv = app.post(url) assert 'dashboard' not in rv.headers.get('Location') assert rv.status_code == 303 rv = app.post(url, data={'username': '******', 'password': '******'}) assert 'dashboard' not in rv.headers.get('Location') assert rv.status_code == 303 rv = app.post(url, data={'username': '******'}) assert 'dashboard' not in rv.headers.get('Location') assert rv.status_code == 303 rv = app.post(url, data={'username': '******', 'password': '******'}) assert 'dashboard' not in rv.headers.get('Location') assert rv.status_code == 303
def test_post_405(app): """Be sure this returns 405, instead of 404 or 403.""" for url in ('', 'dashboard/', 'dashboard/test/1/', 'dashboard/abc/def/'): rv = app.post(phase2_url + url) assert rv.status_code == 405