def test_login_inactive(user, extended_app):
    """Authenticate while only the plain ``user`` fixture is in play.

    The client must start anonymous and be reported as logged in once
    ``authenticate`` has run.
    """
    # presumably ``user`` is the not-yet-activated account; verify against the fixture
    logged_before = is_user_logged(extended_app)
    assert logged_before is False

    authenticate(extended_app)

    logged_after = is_user_logged(extended_app)
    assert logged_after is True
def test_login_redirect(afterlogin_app):  # pylint:disable=redefined-outer-name
    """Check that a successful login redirects to the AfterLogIn event URL."""
    assert is_user_logged(afterlogin_app) is False

    login_response = authenticate(afterlogin_app)
    expected_location = EVENT_URL.format(AfterLogIn)

    # The Location header is compared exactly, so any other post-login
    # redirect target fails the test.
    assert login_response.location == expected_location
    assert is_user_logged(afterlogin_app) is True
def test_login_redirect(active_user, afterlogin_app):
    """Check that a successful login redirects to the AfterLogIn event URL.

    ``active_user`` is requested only for its fixture side effect; the test
    body never reads it.
    """
    assert is_user_logged(afterlogin_app) is False

    login_response = authenticate(afterlogin_app)
    expected_location = EVENT_URL.format(AfterLogIn)

    # Exact comparison of the Location header pins the redirect target.
    assert login_response.location == expected_location
    assert is_user_logged(afterlogin_app) is True
def test_login_remember(active_user, extended_app):
    """Log in with ``remember=True`` and expect a cookie carrying Max-Age."""
    # The login page is fetched first; its response is not inspected.
    extended_app.get('/login')
    assert is_user_logged(extended_app) is False

    login_response = authenticate(extended_app, remember=True)

    assert is_user_logged(extended_app) is True
    # NOTE(review): only the presence of a Max-Age attribute is checked; the
    # lifetime value and other cookie attributes (HttpOnly, Secure, SameSite)
    # are not asserted in this test.
    assert 'Max-Age=' in str(login_response)
def test_logout(active_user, extended_app):  # pylint:disable=unused-argument
    """Log in, log out, and confirm the protected view redirects again."""
    authenticate(extended_app)
    assert is_user_logged(extended_app) is True

    # WebTest itself enforces the 303 here through ``status=303``.
    extended_app.get('/logout', status=303)
    assert is_user_logged(extended_app) is False

    # After logout /secret must answer with a redirect instead of content.
    secret_response = extended_app.get('/secret', status=302)
    assert secret_response.status_code == 302
def test_login_ok(active_user, extended_app, email):
    """Walk the protected-page redirect, then log in without "remember me".

    ``email`` comes from a fixture or parametrization outside this listing.
    """
    # Anonymous access to /secret is redirected; follow it, then open the
    # login page with the ``after`` parameter pointing back at /secret.
    redirect = extended_app.get('/secret', status=302)
    redirect.follow()
    extended_app.get('/login?after=%2Fsecret')
    assert is_user_logged(extended_app) is False

    login_response = authenticate(extended_app, email=email)

    # A login without "remember me" must not set a cookie with Max-Age.
    assert 'Max-Age=' not in str(login_response)
    assert is_user_logged(extended_app) is True
def test_logout_login(active_user, extended_config, extended_app):  # pylint:disable=unused-argument
    """Log out with the logout redirect configured to the ``login`` target."""
    redirects = extended_config.registry['config'].fullauth.redirects
    redirects.logout = 'login'

    authenticate(extended_app)
    assert is_user_logged(extended_app) is True

    logout_response = extended_app.get('/logout', status=303)
    assert is_user_logged(extended_app) is False
    # The configured redirect must send the client to the login page.
    # NOTE(review): this is a substring match on the Location header, not an
    # exact comparison of the redirect target.
    assert '/login' in logout_response.location

    # The protected view must redirect again once the session is gone.
    secret_response = extended_app.get('/secret', status=302)
    assert secret_response.status_code == 302
def test_login_success_xhr(active_user, extended_app):
    """Log in through an XHR POST and check the JSON replies of two calls."""
    login_page = extended_app.get('/login')
    # The CSRF token is taken from the rendered login form.
    csrf_token = login_page.form['csrf_token'].value
    post_data = {
        'email': DEFAULT_USER['email'],
        'password': DEFAULT_USER['password'],
        'csrf_token': csrf_token
    }

    extended_app.get('/secret', status=302)

    # expect_errors=True keeps WebTest from raising on 4xx/5xx replies, so the
    # HTTP status is not checked here; the JSON assertions carry the test.
    first = extended_app.post(
        '/login?after=%2Fsecret', post_data, xhr=True, expect_errors=True
    )
    assert first.content_type == 'application/json'
    assert first.json['status'] is True
    # NOTE(review): only the presence of 'after' is asserted, not that its
    # value points back at /secret.
    assert 'after' in first.json
    assert is_user_logged(extended_app) is True

    # Repeating the same POST while logged in must report that state.
    second = extended_app.post(
        '/login?after=%2Fsecret', post_data, xhr=True, expect_errors=True
    )
    assert second.json['status'] is True
    assert second.json['msg'] == 'Already logged in!'
def test_login_csrf_error(active_user, extended_app, post_data):
    """Post a login with an erroneous CSRF token and expect a 401.

    ``post_data`` is supplied by a fixture outside this listing; presumably it
    carries a missing or invalid ``csrf_token`` - verify against the fixture.
    """
    login_page = extended_app.get('/login', status=200)
    assert login_page

    # WebTest enforces the 401 through ``status=401``; the response body is
    # not inspected.
    extended_app.post('/login', post_data, status=401)

    # A rejected token must not leave the client authenticated.
    assert is_user_logged(extended_app) is False
def test_login_redirects(active_user, extended_app):
    """Reach the login form via the /secret redirect and submit it."""
    redirect = extended_app.get('/secret', status=302)
    assert redirect.status_code == 302

    # Following the redirect lands on the page holding the login form.
    login_page = redirect.follow()
    login_page.form['email'] = DEFAULT_USER['email']
    login_page.form['password'] = DEFAULT_USER['password']
    submitted = login_page.form.submit()

    assert is_user_logged(extended_app) is True
    # NOTE(review): the 303 status is checked but its Location target is not.
    assert submitted.status_code == 303
def test_login_invalid_cookie(db_session, active_user, extended_app):
    """Open the login page with a cookie that belongs to a deleted user."""
    login_response = authenticate(extended_app)
    assert 'Max-Age=' not in str(login_response)
    assert is_user_logged(extended_app) is True

    # Remove the account while the client still holds its auth cookie.
    db_session.delete(active_user)
    transaction.commit()

    # Original note: "will rise Attribute error" - presumably a regression
    # guard for an AttributeError on this request; confirm against history.
    login_page = extended_app.get('/login')
    # NOTE(review): only the 200 on /login is asserted; access to protected
    # views with the stale cookie is not exercised here.
    assert login_page.status_code == 200, "Should stay since user is no longer valid!"
def test_login_invalid_cookie(db_session, active_user, extended_app):
    """Open the login page with a cookie that belongs to a deleted user."""
    login_response = authenticate(extended_app)
    assert "Max-Age=" not in str(login_response)
    assert is_user_logged(extended_app) is True

    # Delete the account while the client still holds its auth cookie.
    db_session.delete(active_user)
    transaction.commit()

    # Original note: "will rise Attribute error" - presumably a regression
    # guard for an AttributeError on this request; confirm against history.
    login_page = extended_app.get("/login")
    # NOTE(review): only the 200 on /login is asserted; access to protected
    # views with the stale cookie is not exercised here.
    assert login_page.status_code == 200, "Should stay since user is no longer valid!"
def test_error_afterlogin(afterloginerror_app):  # pylint:disable=redefined-outer-name
    """Check that an 'AfterLogIn' error reply leaves the client logged out.

    The fixture name suggests the error is raised by an AfterLogIn
    subscriber; that wiring is outside this listing.
    """
    login_page = afterloginerror_app.get('/login')
    csrf_token = login_page.form['csrf_token'].value
    post_data = {
        'email': DEFAULT_USER['email'],
        'password': DEFAULT_USER['password'],
        'csrf_token': csrf_token
    }

    reply = afterloginerror_app.post('/login', post_data, xhr=True)

    assert reply.json['status'] is False
    assert reply.json['msg'] == 'AfterLogIn'
    # Valid credentials alone must not authenticate the client when the
    # login is reported as failed.
    assert is_user_logged(afterloginerror_app) is False
def test_error_afterlogin(active_user, afterloginerror_app):
    """Check that an 'AfterLogIn' error reply leaves the client logged out.

    ``active_user`` is requested only for its fixture side effect. The
    fixture name ``afterloginerror_app`` suggests the error is raised by an
    AfterLogIn subscriber; that wiring is outside this listing.
    """
    login_page = afterloginerror_app.get('/login')
    csrf_token = login_page.form['csrf_token'].value
    post_data = {
        'email': DEFAULT_USER['email'],
        'password': DEFAULT_USER['password'],
        'csrf_token': csrf_token
    }

    reply = afterloginerror_app.post('/login', post_data, xhr=True)

    assert reply.json['status'] is False
    assert reply.json['msg'] == 'AfterLogIn'
    # A login reported as failed must not leave an authenticated session.
    assert is_user_logged(afterloginerror_app) is False
def test_error_afterlogin(afterloginerror_app):  # pylint:disable=redefined-outer-name
    """Check that an "AfterLogIn" error reply leaves the client logged out.

    The fixture name suggests the error is raised by an AfterLogIn
    subscriber; that wiring is outside this listing.
    """
    login_page = afterloginerror_app.get("/login")
    csrf_token = login_page.form["csrf_token"].value
    post_data = {
        "email": DEFAULT_USER["email"],
        "password": DEFAULT_USER["password"],
        "csrf_token": csrf_token,
    }

    reply = afterloginerror_app.post("/login", post_data, xhr=True)

    assert reply.json["status"] is False
    assert reply.json["msg"] == "AfterLogIn"
    # A login reported as failed must not leave an authenticated session.
    assert is_user_logged(afterloginerror_app) is False
def test_account_activation(user, db_session, default_app):
    """Activate an account through its activation link, then log in."""
    # Re-attach the fixture object to this session before reading its key.
    pending = db_session.merge(user)
    default_app.get('/register/activate/' + pending.activate_key)
    transaction.commit()

    # Reload the row to see what the activation view persisted.
    activated = db_session.query(User).filter(User.email == pending.email).one()

    # The key must be gone after use and the account marked active.
    assert not activated.activate_key
    assert activated.is_active
    assert activated.activated_at

    authenticate(default_app)
    assert is_user_logged(default_app) is True
def test_afteractivate(user, db_session, afteractivate_app):
    """Activate a user and check the redirect to the AfterActivate event URL."""
    # Re-attach the fixture object to this session before reading its key.
    pending = db_session.merge(user)
    activation_response = afteractivate_app.get(
        '/register/activate/' + pending.activate_key
    )
    # Exact comparison of the Location header pins the redirect target.
    assert activation_response.location == EVENT_URL.format(AfterActivate)
    transaction.commit()

    # Reload the row to see what the activation view persisted.
    activated = db_session.query(User).filter(User.email == pending.email).one()

    # The key must be gone after use and the account marked active.
    assert not activated.activate_key
    assert activated.is_active
    assert activated.activated_at

    authenticate(afteractivate_app)
    assert is_user_logged(afteractivate_app) is True
def test_afteractivate(user, db_session, afteractivate_app):  # pylint:disable=redefined-outer-name
    """Activate a user and check the redirect to the AfterActivate event URL."""
    # Re-attach the fixture object to this session before reading its key.
    pending = db_session.merge(user)
    activation_response = afteractivate_app.get(
        '/register/activate/' + pending.activate_key
    )
    # Exact comparison of the Location header pins the redirect target.
    assert activation_response.location == EVENT_URL.format(AfterActivate)
    transaction.commit()

    # Reload the row to see what the activation view persisted.
    activated = db_session.query(User).filter(User.email == pending.email).one()

    # The key must be gone after use and the account marked active.
    assert not activated.activate_key
    assert activated.is_active
    assert activated.activated_at

    authenticate(afteractivate_app)
    assert is_user_logged(afteractivate_app) is True