def test_login_incorrect_password(self): with self.app as client: client.get('/login') client.post('/login', data=dict( username=self.username, password='******', _csrf_token=session.get('_csrf_token'))) self.assertFalse(session.get('current_user'))
def test_login_correct(self): with self.app as client: client.get('/login') client.post('/login', data=dict( username=self.username, password=self.password, _csrf_token=session.get('_csrf_token')), follow_redirects=True) self.assertTrue(session.get('current_user'))
def test_login_registration_not_confirmed(self): """Temp users cannot login""" registered = Registration.query.filter_by(username="******").first() self.assertTrue(registered) with self.app as client: client.get('/login') client.post('/login', data=dict( username='******', password=self.password, _csrf_token=session.get('_csrf_token'))) self.assertFalse(session.get('current_user'))
def test_add_view_post_not_logged_in(self): self.setup_posts() with self.app as client: client.get('/login') client.post("/add", data=dict( title="Perl", body="Perl Body Text", _csrf_token=session.get('_csrf_token')), follow_redirects=True) current_user = session.get('current_user') self.assertFalse(current_user) posts = Post.query.filter_by(title="Perl").all() #Post does not contain posting self.assertFalse(posts)
def test_login_post_forbidden(self): """Prevents non-CSRF access""" with self.app as client: client.get('/login') client.post('/login', data=dict( username=self.username, password=self.password), follow_redirects=True) self.assertIsNone(session.get('current_user'))
def test_registration_post_registered_username(self): with self.app as client: client.get('/register') client.post('/register', data=dict( email=self.registrant['email'], username='******', password=self.registrant['password'], _csrf_token=session.get('_csrf_token'), follow_redirects=True)) registered = Registration.query.filter_by( email=self.registrant['email']).first() self.assertIsNone(registered)
def test_registration_post_author_email(self): with self.app as client: client.get('/register') client.post('/register', data=dict( email='*****@*****.**', username=self.registrant['username'], password=self.registrant['password'], _csrf_token=session.get('_csrf_token'), follow_redirects=True)) registered = Registration.query.filter_by( username=self.registrant['username']).first() self.assertIsNone(registered)
def test_add_view_post_not_confirmed(self): registered = Registration.query.filter_by(username="******").first() self.assertTrue(registered) self.setup_posts() with self.app as client: client.post("/add", data=dict( title="Perl", body="Perl Body Text"), follow_redirects=True) self.assertFalse(session.get('current_user')) posts = Post.query.filter_by(title="Perl").all() #Post does not contain posting self.assertFalse(posts)
def test_add_view_post_logged_in(self): self.setup_posts() title = "Perl" body = "Perl Body Text" with self.app as client: client.get('/login') # pdb.set_trace() client.post('/login', data=dict( username=self.username, password=self.password, _csrf_token=session.get('_csrf_token')), follow_redirects=True) client.post("/add", data=dict( title=title, body=body, _csrf_token=session.get('_csrf_token')), follow_redirects=True) current_user = session.get('current_user') #Check user logged in self.assertTrue(current_user) #Check Latest Post latest = Post.query.order_by(Post.pub_date.desc()).first() self.assertEqual(latest.title, title) self.assertEqual(latest.body, body)
def test_login_empty(self): with self.app as client: client.get('/login') client.post('/login', data=dict( _csrf_token=session.get('_csrf_token'))) self.assertFalse(session.get('current_user'))