def test_invalid_refresh_token(self, auth_api_client):
response = auth_api_client.post(self.test_logout_url,
{'refreshToken': 'invalid_token'})
assert response.status_code == status.HTTP_401_UNAUTHORIZED
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.INVALID_REFRESH_TOKEN.code,
)
def test_email_confirmation_request_unexistent_user(self, api_client):
response = api_client.post(self.email_confirmation_request_url,
data={'user': '******'})
assert response.status_code == status.HTTP_404_NOT_FOUND
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.USER_NOT_FOUND.code,
)
def test_email_confirmation_invalid_token(self, api_client):
response = api_client.post(self.email_confirmation_url,
data={'token': 'anything'})
assert response.status_code == status.HTTP_401_UNAUTHORIZED
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.INVALID_TOKEN.code,
)
def test_email_confirmation_request_email_verified_email(
self, api_client, test_user):
response = api_client.post(self.email_confirmation_request_url,
data={'user': test_user.email})
assert response.status_code == status.HTTP_400_BAD_REQUEST
assert_error_code(
response_json=response.json(),
code=AccountsResponses.EMAIL_VERIFIED['code'],
)
def test_invalid_token(self, api_client):
allow(SessionService).process_facebook_token.and_raise(
AccountsErrorCodes.INVALID_FACEBOOK_ACCESS_TOKEN)
login_data = {'accessToken': 'invalid_token'}
response = api_client.post(self.facebook_login_url, login_data)
assert response.status_code == status.HTTP_401_UNAUTHORIZED
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.INVALID_FACEBOOK_ACCESS_TOKEN.code,
)
def test_invalid_token(self, api_client):
allow(SessionService).process_google_token.and_raise(AccountsErrorCodes.INVALID_GOOGLE_TOKEN_ID)
login_data = {'token': 'valid_token'}
response = api_client.post(self.google_login_url, login_data)
assert response.status_code == status.HTTP_401_UNAUTHORIZED
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.INVALID_GOOGLE_TOKEN_ID.code,
)
def test_reset_password_non_existent_user(self, api_client):
response = api_client.post(
self.reset_password_url,
data={'user': '******'},
)
assert response.status_code == status.HTTP_404_NOT_FOUND
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.USER_NOT_FOUND.code,
)
def test_confirm_reset_password__invalid_token(self, api_client):
response = api_client.post(
self.confirm_reset_password_url,
data={
'token': 'anything',
'password': '******'
},
)
assert response.status_code == status.HTTP_401_UNAUTHORIZED
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.INVALID_TOKEN.code,
)
def test_change_password__password_mismatch(self, auth_api_client):
data = {
'password': TEST_PASSWORD,
'newPassword': '******',
'confirmPassword': '******',
}
response = auth_api_client.put(self.password_url,
data,
is_authenticated=True)
assert response.status_code == status.HTTP_400_BAD_REQUEST
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.PASSWORD_MISTMATCH.code,
)
def test_set_password__password_mismatch(self, auth_api_client, test_user):
test_user.password = '******' # noqa
test_user.save()
data = {
'password': self.new_test_password,
'confirmPassword': '******'
}
response = auth_api_client.post(self.password_url, data)
assert response.status_code == status.HTTP_400_BAD_REQUEST
assert_error_code(
response_json=response.json(),
code=AccountsErrorCodes.PASSWORD_MISTMATCH.code,
)