def test_valid_submit(self, user, client, security_service, password_resets, outbox, templates): security_service.send_reset_password_instructions(user) token = password_resets[0]['token'] r = client.post('security_controller.reset_password', token=token, data=dict(password='******', password_confirm='new password')) assert r.status_code == 302 assert r.path == '/' # user should be logged in assert current_user == user assert len(outbox) == len(templates) == 2 # first email is for the valid reset request assert templates[0].template.name == \ 'security/email/reset_password_instructions.html' assert templates[0].context.get('reset_link') # second email is to notify of the changed password assert templates[ 1].template.name == 'security/email/password_reset_notice.html' # make sure the password got updated in the database client.logout() assert isinstance(current_user._get_current_object(), AnonymousUser) client.login_with_creds(user.email, 'new password') assert current_user == user
def test_create_confirmable(self, api_client, outbox, templates): r = api_client.post('user_resource.create', data=NEW_USER_DATA) assert r.status_code == 201, r.json assert 'user' in r.json assert 'token' not in r.json assert isinstance(current_user._get_current_object(), AnonymousUser) assert len(outbox) == 1 assert templates[0].template.name == 'security/email/welcome.html' assert templates[0].context.get('confirmation_link')
def test_invalid_token(self, client, registrations, confirmations, outbox, templates, user_manager: UserManager, security_service: SecurityService): user = self.register(user_manager, security_service) assert len(registrations) == 1 r = client.get('security.confirm_email', token='fail') assert r.status_code == 302 assert r.path == url_for('frontend.resend_confirmation_email') assert len(confirmations) == 0 assert len(outbox) == len(templates) == 1 assert templates[0].template.name == 'security/email/welcome.html' assert not user.active assert not user.confirmed_at assert isinstance(current_user._get_current_object(), AnonymousUser)
def test_expired_token(self, client, user, registrations, confirmations, outbox, templates, security_service): security_service.register_user(user) assert len(registrations) == 1 confirm_token = registrations[0]['confirm_token'] r = client.get( url_for('security_controller.confirm_email', token=confirm_token)) assert r.status_code == 302 assert r.path == url_for('security_controller.send_confirmation_email') assert len(confirmations) == 0 assert len(outbox) == len(templates) == 2 assert templates[0].template.name == 'security/email/welcome.html' assert templates[1].template.name == \ 'security/email/email_confirmation_instructions.html' assert templates[1].context.get('confirmation_link') assert not user.active assert not user.confirmed_at assert isinstance(current_user._get_current_object(), AnonymousUser)
def test_html_logout(self, client): client.login_user() r = client.get('admin.logout') assert r.status_code == 302 assert r.path == url_for('frontend.index') assert isinstance(current_user._get_current_object(), AnonymousUser)
def test_api_logout(self, api_client): api_client.login_user() r = api_client.get('security.logout') assert r.status_code == 204 assert isinstance(current_user._get_current_object(), AnonymousUser)
def test_html_get(self, client): client.login_user() r = client.get('security_controller.logout') assert r.status_code == 302 assert r.path == url_for('SECURITY_POST_LOGOUT_REDIRECT_ENDPOINT') assert isinstance(current_user._get_current_object(), AnonymousUser)