def test_get_signout(self):
    """Verify a user holding a valid token can sign out.

    Creates a user, obtains a JWT for it, sends GET /auth/signout with the
    token as a Bearer credential and checks the JSON body and 200 status.
    """
    account = add_user(USERNAME, EMAIL, PASSWORD)
    with self.client:
        access_token = get_jwt(self.client, account.email)
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.get('/auth/signout', headers=auth_headers)
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'success')
        expected_message = '{email} signed out.'.format(email=account.email)
        self.assertEqual(body['message'], expected_message)
        self.assert200(resp)
        # NOTE(review): nothing here checks that the token is refused after
        # sign-out; if the service revokes tokens, a follow-up request
        # asserting a 401 would cover that.
def test_get_signout_user_with_expired_token(self):
    """Verify sign-out is rejected once the presented token has expired.

    Expects an error body with the 'Signature expired' message and a 401.
    """
    account = add_user(USERNAME, EMAIL, PASSWORD)
    with self.client:
        access_token = get_jwt(self.client, account.email)
        # Let the token lapse before using it. Assumes the test
        # configuration issues tokens that live for less than 4 seconds
        # -- TODO confirm; otherwise this test fails for the wrong reason.
        time.sleep(4)
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.get('/auth/signout', headers=auth_headers)
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'error')
        self.assertEqual(body['message'], 'Signature expired. Signin again.')
        self.assert401(resp)
def test_get_profile_inactive_user(self):
    """Verify a deactivated account cannot read its profile.

    The user is flagged inactive and committed before the token is
    requested. The expected error message is generic and does not mention
    the account state; the expected status is 401.
    """
    account = add_user(USERNAME, EMAIL, PASSWORD)
    account.active = False
    db.session.commit()
    with self.client:
        # NOTE(review): get_jwt is opaque from here; presumably it still
        # yields a token for a deactivated account -- verify.
        access_token = get_jwt(self.client, account.email)
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.get('/auth/profile', headers=auth_headers)
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'error')
        self.assertEqual(body['message'],
                         'Something went wrong. Please contact us.')
        self.assert401(resp)
def test_post_users_empty(self):
    """Verify POST /users with an empty JSON object is rejected.

    Sent with an admin token, so the 400 'Invalid payload.' response is
    attributable to the payload rather than to authorization.
    """
    administrator = add_admin()
    with self.client:
        access_token = get_jwt(self.client, administrator.email)
        empty_payload = json.dumps({})
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.post(
            '/users',
            data=empty_payload,
            content_type='application/json',
            headers=auth_headers,
        )
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'error')
        self.assertEqual(body['message'], 'Invalid payload.')
        self.assertEqual(resp.content_type, 'application/json')
        self.assert400(resp)
def test_get_profile(self):
    """Verify a user with a valid token can fetch their own profile.

    Checks the success envelope, that username and email match the created
    user, that 'active' and 'created_at' are truthy, and the 200 status.
    """
    account = add_user(USERNAME, EMAIL, PASSWORD)
    with self.client:
        access_token = get_jwt(self.client, account.email)
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.get('/auth/profile', headers=auth_headers)
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'success')
        expected_message = "Fetched {email}'s profile data.".format(
            email=account.email)
        self.assertEqual(body['message'], expected_message)
        self.assertEqual(body['data']['username'], account.username)
        self.assertEqual(body['data']['email'], account.email)
        self.assertTrue(body['data']['active'])
        self.assertTrue(body['data']['created_at'])
        self.assert200(resp)
        # NOTE(review): only the presence of expected fields is checked;
        # the test does not assert that sensitive fields (e.g. a password
        # hash) are absent from body['data'].
def test_post_users_with_not_admin_user_token(self):
    """Verify a non-admin token cannot be used to create a user.

    Posts a complete user payload with an ordinary user's token and expects
    the permission error message.
    """
    account = add_user(USERNAME, EMAIL, 'password')
    with self.client:
        access_token = get_jwt(self.client, account.email)
        new_user = {
            'username': '******',
            'email': EMAIL2,
            'password': PASSWORD,
        }
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.post(
            '/users',
            data=json.dumps(new_user),
            content_type='application/json',
            headers=auth_headers,
        )
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'error')
        self.assertEqual(body['message'],
                         'You do not have permission to do that.')
        # NOTE(review): a 401 is expected for an authenticated caller who
        # lacks the admin role; 403 is the conventional status for that
        # case -- confirm the 401 is intentional. The test also does not
        # check that no user row was created.
        self.assert401(resp)
def test_post_users(self):
    """Verify an admin can create a user through POST /users.

    Expects the success envelope, a JSON content type and a 201 status.
    """
    administrator = add_admin()
    with self.client:
        access_token = get_jwt(self.client, administrator.email)
        new_user = {
            'username': USERNAME,
            'email': EMAIL,
            'password': PASSWORD,
        }
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.post(
            '/users',
            data=json.dumps(new_user),
            content_type='application/json',
            headers=auth_headers,
        )
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'success')
        expected_message = '{email} was added!'.format(email=EMAIL)
        self.assertEqual(body['message'], expected_message)
        self.assertEqual(resp.content_type, 'application/json')
        self.assertEqual(resp.status_code, 201)
def test_post_users_duplicate_email(self):
    """Verify creating a user whose email is already registered fails.

    An existing user is created first; an admin then posts a new username
    with that same email and a 400 'User already exists.' is expected.
    """
    administrator = add_admin()
    existing = add_user(USERNAME, EMAIL, PASSWORD)
    with self.client:
        access_token = get_jwt(self.client, administrator.email)
        duplicate = {
            'username': USERNAME2,
            'email': existing.email,
            'password': PASSWORD,
        }
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.post(
            '/users',
            data=json.dumps(duplicate),
            content_type='application/json',
            headers=auth_headers,
        )
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'error')
        self.assertEqual(body['message'], 'User already exists.')
        self.assertEqual(resp.content_type, 'application/json')
        self.assert400(resp)
def test_post_users_inactive_user(self):
    """Verify a deactivated account cannot create users.

    The requesting user is flagged inactive and committed before the token
    is requested. The expected response is the generic error message with a
    401, not the permission-denied message.
    """
    account = add_user(USERNAME, EMAIL, PASSWORD)
    account.active = False
    db.session.commit()
    with self.client:
        access_token = get_jwt(self.client, account.email)
        new_user = {
            'username': USERNAME2,
            'email': EMAIL2,
            'password': PASSWORD,
        }
        auth_headers = {'Authorization': 'Bearer ' + access_token}
        resp = self.client.post(
            '/users',
            data=json.dumps(new_user),
            content_type='application/json',
            headers=auth_headers,
        )
        body = json.loads(resp.data.decode())
        self.assertEqual(body['status'], 'error')
        self.assertEqual(body['message'],
                         'Something went wrong. Please contact us.')
        self.assert401(resp)