forked from mirrors/bookwyrm
Fixes authentication tests
This commit is contained in:
parent
a2d7a97dc3
commit
65fa08633f
2 changed files with 71 additions and 47 deletions
|
@ -6,6 +6,7 @@ from django.core.exceptions import PermissionDenied
|
||||||
from django.http.response import Http404
|
from django.http.response import Http404
|
||||||
from django.template.response import TemplateResponse
|
from django.template.response import TemplateResponse
|
||||||
from django.test import TestCase
|
from django.test import TestCase
|
||||||
|
from django.test.client import RequestFactory
|
||||||
|
|
||||||
from bookwyrm import models, views
|
from bookwyrm import models, views
|
||||||
from bookwyrm.settings import DOMAIN
|
from bookwyrm.settings import DOMAIN
|
||||||
|
@ -14,26 +15,40 @@ from bookwyrm.settings import DOMAIN
|
||||||
# pylint: disable=too-many-public-methods
|
# pylint: disable=too-many-public-methods
|
||||||
class AuthenticationViews(TestCase):
|
class AuthenticationViews(TestCase):
|
||||||
''' login and password management '''
|
''' login and password management '''
|
||||||
def test_login_page(self):
|
def setUp(self):
|
||||||
|
''' we need basic test data and mocks '''
|
||||||
|
self.factory = RequestFactory()
|
||||||
|
self.local_user = models.User.objects.create_user(
|
||||||
|
'mouse@local.com', 'mouse@mouse.com', 'password',
|
||||||
|
local=True, localname='mouse')
|
||||||
|
self.anonymous_user = AnonymousUser
|
||||||
|
self.anonymous_user.is_authenticated = False
|
||||||
|
self.settings = models.SiteSettings.objects.create(id=1)
|
||||||
|
|
||||||
|
def test_login_get(self):
|
||||||
''' there are so many views, this just makes sure it LOADS '''
|
''' there are so many views, this just makes sure it LOADS '''
|
||||||
|
login = views.Login.as_view()
|
||||||
request = self.factory.get('')
|
request = self.factory.get('')
|
||||||
request.user = AnonymousUser
|
request.user = self.anonymous_user
|
||||||
result = views.Login.get(request)
|
|
||||||
|
result = login(request)
|
||||||
self.assertIsInstance(result, TemplateResponse)
|
self.assertIsInstance(result, TemplateResponse)
|
||||||
self.assertEqual(result.template_name, 'login.html')
|
self.assertEqual(result.template_name, 'login.html')
|
||||||
self.assertEqual(result.status_code, 200)
|
self.assertEqual(result.status_code, 200)
|
||||||
|
|
||||||
request.user = self.local_user
|
request.user = self.local_user
|
||||||
result = views.Login.get(request)
|
result = login(request)
|
||||||
self.assertEqual(result.url, '/')
|
self.assertEqual(result.url, '/')
|
||||||
self.assertEqual(result.status_code, 302)
|
self.assertEqual(result.status_code, 302)
|
||||||
|
|
||||||
|
|
||||||
def test_password_reset_request(self):
|
def test_password_reset_request(self):
|
||||||
''' there are so many views, this just makes sure it LOADS '''
|
''' there are so many views, this just makes sure it LOADS '''
|
||||||
|
view = views.PasswordResetRequest.as_view()
|
||||||
request = self.factory.get('')
|
request = self.factory.get('')
|
||||||
request.user = self.local_user
|
request.user = self.local_user
|
||||||
result = views.PasswordResetRequest.get(request)
|
|
||||||
|
result = view(request)
|
||||||
self.assertIsInstance(result, TemplateResponse)
|
self.assertIsInstance(result, TemplateResponse)
|
||||||
self.assertEqual(result.template_name, 'password_reset_request.html')
|
self.assertEqual(result.template_name, 'password_reset_request.html')
|
||||||
self.assertEqual(result.status_code, 200)
|
self.assertEqual(result.status_code, 200)
|
||||||
|
@ -42,13 +57,13 @@ class AuthenticationViews(TestCase):
|
||||||
def test_password_reset_request_post(self):
|
def test_password_reset_request_post(self):
|
||||||
''' send 'em an email '''
|
''' send 'em an email '''
|
||||||
request = self.factory.post('', {'email': 'aa@bb.ccc'})
|
request = self.factory.post('', {'email': 'aa@bb.ccc'})
|
||||||
resp = views.PasswordReset.post_request(request)
|
view = views.PasswordResetRequest.as_view()
|
||||||
|
resp = view(request)
|
||||||
self.assertEqual(resp.status_code, 302)
|
self.assertEqual(resp.status_code, 302)
|
||||||
|
|
||||||
request = self.factory.post(
|
request = self.factory.post('', {'email': 'mouse@mouse.com'})
|
||||||
'', {'email': 'mouse@mouse.com'})
|
|
||||||
with patch('bookwyrm.emailing.send_email.delay'):
|
with patch('bookwyrm.emailing.send_email.delay'):
|
||||||
resp = views.PasswordReset.post_request(request)
|
resp = view(request)
|
||||||
self.assertEqual(resp.template_name, 'password_reset_request.html')
|
self.assertEqual(resp.template_name, 'password_reset_request.html')
|
||||||
|
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
|
@ -56,10 +71,11 @@ class AuthenticationViews(TestCase):
|
||||||
|
|
||||||
def test_password_reset(self):
|
def test_password_reset(self):
|
||||||
''' there are so many views, this just makes sure it LOADS '''
|
''' there are so many views, this just makes sure it LOADS '''
|
||||||
|
view = views.PasswordReset.as_view()
|
||||||
code = models.PasswordReset.objects.create(user=self.local_user)
|
code = models.PasswordReset.objects.create(user=self.local_user)
|
||||||
request = self.factory.get('')
|
request = self.factory.get('')
|
||||||
request.user = AnonymousUser
|
request.user = self.anonymous_user
|
||||||
result = views.PasswordReset.get(request, code.code)
|
result = view(request, code.code)
|
||||||
self.assertIsInstance(result, TemplateResponse)
|
self.assertIsInstance(result, TemplateResponse)
|
||||||
self.assertEqual(result.template_name, 'password_reset.html')
|
self.assertEqual(result.template_name, 'password_reset.html')
|
||||||
self.assertEqual(result.status_code, 200)
|
self.assertEqual(result.status_code, 200)
|
||||||
|
@ -67,45 +83,46 @@ class AuthenticationViews(TestCase):
|
||||||
|
|
||||||
def test_password_reset_post(self):
|
def test_password_reset_post(self):
|
||||||
''' reset from code '''
|
''' reset from code '''
|
||||||
|
view = views.PasswordReset.as_view()
|
||||||
code = models.PasswordReset.objects.create(user=self.local_user)
|
code = models.PasswordReset.objects.create(user=self.local_user)
|
||||||
request = self.factory.post('', {
|
request = self.factory.post('', {
|
||||||
'reset-code': code.code,
|
|
||||||
'password': 'hi',
|
'password': 'hi',
|
||||||
'confirm-password': 'hi'
|
'confirm-password': 'hi'
|
||||||
})
|
})
|
||||||
with patch('bookwyrm.views.Login.get'):
|
with patch('bookwyrm.views.password.login'):
|
||||||
resp = views.PasswordReset.post(request)
|
resp = view(request, code.code)
|
||||||
self.assertEqual(resp.status_code, 302)
|
self.assertEqual(resp.status_code, 302)
|
||||||
self.assertFalse(models.PasswordReset.objects.exists())
|
self.assertFalse(models.PasswordReset.objects.exists())
|
||||||
|
|
||||||
def test_password_reset_wrong_code(self):
|
def test_password_reset_wrong_code(self):
|
||||||
''' reset from code '''
|
''' reset from code '''
|
||||||
|
view = views.PasswordReset.as_view()
|
||||||
models.PasswordReset.objects.create(user=self.local_user)
|
models.PasswordReset.objects.create(user=self.local_user)
|
||||||
request = self.factory.post('', {
|
request = self.factory.post('', {
|
||||||
'reset-code': 'jhgdkfjgdf',
|
|
||||||
'password': 'hi',
|
'password': 'hi',
|
||||||
'confirm-password': 'hi'
|
'confirm-password': 'hi'
|
||||||
})
|
})
|
||||||
resp = views.PasswordReset.post(request)
|
resp = view(request, 'jhgdkfjgdf')
|
||||||
self.assertEqual(resp.template_name, 'password_reset.html')
|
self.assertEqual(resp.template_name, 'password_reset.html')
|
||||||
self.assertTrue(models.PasswordReset.objects.exists())
|
self.assertTrue(models.PasswordReset.objects.exists())
|
||||||
|
|
||||||
def test_password_reset_mismatch(self):
|
def test_password_reset_mismatch(self):
|
||||||
''' reset from code '''
|
''' reset from code '''
|
||||||
|
view = views.PasswordReset.as_view()
|
||||||
code = models.PasswordReset.objects.create(user=self.local_user)
|
code = models.PasswordReset.objects.create(user=self.local_user)
|
||||||
request = self.factory.post('', {
|
request = self.factory.post('', {
|
||||||
'reset-code': code.code,
|
|
||||||
'password': 'hi',
|
'password': 'hi',
|
||||||
'confirm-password': 'hihi'
|
'confirm-password': 'hihi'
|
||||||
})
|
})
|
||||||
resp = views.PasswordReset.post(request)
|
resp = view(request, code.code)
|
||||||
self.assertEqual(resp.template_name, 'password_reset.html')
|
self.assertEqual(resp.template_name, 'password_reset.html')
|
||||||
self.assertTrue(models.PasswordReset.objects.exists())
|
self.assertTrue(models.PasswordReset.objects.exists())
|
||||||
|
|
||||||
|
|
||||||
def test_register(self):
|
def test_register(self):
|
||||||
''' create a user '''
|
''' create a user '''
|
||||||
self.assertEqual(models.User.objects.count(), 2)
|
view = views.Register.as_view()
|
||||||
|
self.assertEqual(models.User.objects.count(), 1)
|
||||||
request = self.factory.post(
|
request = self.factory.post(
|
||||||
'register/',
|
'register/',
|
||||||
{
|
{
|
||||||
|
@ -113,9 +130,9 @@ class AuthenticationViews(TestCase):
|
||||||
'password': 'mouseword',
|
'password': 'mouseword',
|
||||||
'email': 'aa@bb.cccc'
|
'email': 'aa@bb.cccc'
|
||||||
})
|
})
|
||||||
with patch('bookwyrm.views.Login.get'):
|
with patch('bookwyrm.views.authentication.login'):
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 3)
|
self.assertEqual(models.User.objects.count(), 2)
|
||||||
self.assertEqual(response.status_code, 302)
|
self.assertEqual(response.status_code, 302)
|
||||||
nutria = models.User.objects.last()
|
nutria = models.User.objects.last()
|
||||||
self.assertEqual(nutria.username, 'nutria-user.user_nutria@%s' % DOMAIN)
|
self.assertEqual(nutria.username, 'nutria-user.user_nutria@%s' % DOMAIN)
|
||||||
|
@ -124,6 +141,7 @@ class AuthenticationViews(TestCase):
|
||||||
|
|
||||||
def test_register_trailing_space(self):
|
def test_register_trailing_space(self):
|
||||||
''' django handles this so weirdly '''
|
''' django handles this so weirdly '''
|
||||||
|
view = views.Register.as_view()
|
||||||
request = self.factory.post(
|
request = self.factory.post(
|
||||||
'register/',
|
'register/',
|
||||||
{
|
{
|
||||||
|
@ -131,9 +149,9 @@ class AuthenticationViews(TestCase):
|
||||||
'password': 'mouseword',
|
'password': 'mouseword',
|
||||||
'email': 'aa@bb.ccc'
|
'email': 'aa@bb.ccc'
|
||||||
})
|
})
|
||||||
with patch('bookwyrm.views.Login.get'):
|
with patch('bookwyrm.views.authentication.login'):
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 3)
|
self.assertEqual(models.User.objects.count(), 2)
|
||||||
self.assertEqual(response.status_code, 302)
|
self.assertEqual(response.status_code, 302)
|
||||||
nutria = models.User.objects.last()
|
nutria = models.User.objects.last()
|
||||||
self.assertEqual(nutria.username, 'nutria@%s' % DOMAIN)
|
self.assertEqual(nutria.username, 'nutria@%s' % DOMAIN)
|
||||||
|
@ -142,7 +160,8 @@ class AuthenticationViews(TestCase):
|
||||||
|
|
||||||
def test_register_invalid_email(self):
|
def test_register_invalid_email(self):
|
||||||
''' gotta have an email '''
|
''' gotta have an email '''
|
||||||
self.assertEqual(models.User.objects.count(), 2)
|
view = views.Register.as_view()
|
||||||
|
self.assertEqual(models.User.objects.count(), 1)
|
||||||
request = self.factory.post(
|
request = self.factory.post(
|
||||||
'register/',
|
'register/',
|
||||||
{
|
{
|
||||||
|
@ -150,13 +169,14 @@ class AuthenticationViews(TestCase):
|
||||||
'password': 'mouseword',
|
'password': 'mouseword',
|
||||||
'email': 'aa'
|
'email': 'aa'
|
||||||
})
|
})
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 2)
|
self.assertEqual(models.User.objects.count(), 1)
|
||||||
self.assertEqual(response.template_name, 'login.html')
|
self.assertEqual(response.template_name, 'login.html')
|
||||||
|
|
||||||
def test_register_invalid_username(self):
|
def test_register_invalid_username(self):
|
||||||
''' gotta have an email '''
|
''' gotta have an email '''
|
||||||
self.assertEqual(models.User.objects.count(), 2)
|
view = views.Register.as_view()
|
||||||
|
self.assertEqual(models.User.objects.count(), 1)
|
||||||
request = self.factory.post(
|
request = self.factory.post(
|
||||||
'register/',
|
'register/',
|
||||||
{
|
{
|
||||||
|
@ -164,8 +184,8 @@ class AuthenticationViews(TestCase):
|
||||||
'password': 'mouseword',
|
'password': 'mouseword',
|
||||||
'email': 'aa@bb.ccc'
|
'email': 'aa@bb.ccc'
|
||||||
})
|
})
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 2)
|
self.assertEqual(models.User.objects.count(), 1)
|
||||||
self.assertEqual(response.template_name, 'login.html')
|
self.assertEqual(response.template_name, 'login.html')
|
||||||
|
|
||||||
request = self.factory.post(
|
request = self.factory.post(
|
||||||
|
@ -175,8 +195,8 @@ class AuthenticationViews(TestCase):
|
||||||
'password': 'mouseword',
|
'password': 'mouseword',
|
||||||
'email': 'aa@bb.ccc'
|
'email': 'aa@bb.ccc'
|
||||||
})
|
})
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 2)
|
self.assertEqual(models.User.objects.count(), 1)
|
||||||
self.assertEqual(response.template_name, 'login.html')
|
self.assertEqual(response.template_name, 'login.html')
|
||||||
|
|
||||||
request = self.factory.post(
|
request = self.factory.post(
|
||||||
|
@ -186,13 +206,14 @@ class AuthenticationViews(TestCase):
|
||||||
'password': 'mouseword',
|
'password': 'mouseword',
|
||||||
'email': 'aa@bb.ccc'
|
'email': 'aa@bb.ccc'
|
||||||
})
|
})
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 2)
|
self.assertEqual(models.User.objects.count(), 1)
|
||||||
self.assertEqual(response.template_name, 'login.html')
|
self.assertEqual(response.template_name, 'login.html')
|
||||||
|
|
||||||
|
|
||||||
def test_register_closed_instance(self):
|
def test_register_closed_instance(self):
|
||||||
''' you can't just register '''
|
''' you can't just register '''
|
||||||
|
view = views.Register.as_view()
|
||||||
self.settings.allow_registration = False
|
self.settings.allow_registration = False
|
||||||
self.settings.save()
|
self.settings.save()
|
||||||
request = self.factory.post(
|
request = self.factory.post(
|
||||||
|
@ -203,10 +224,11 @@ class AuthenticationViews(TestCase):
|
||||||
'email': 'aa@bb.ccc'
|
'email': 'aa@bb.ccc'
|
||||||
})
|
})
|
||||||
with self.assertRaises(PermissionDenied):
|
with self.assertRaises(PermissionDenied):
|
||||||
views.Register.post(request)
|
view(request)
|
||||||
|
|
||||||
def test_register_invite(self):
|
def test_register_invite(self):
|
||||||
''' you can't just register '''
|
''' you can't just register '''
|
||||||
|
view = views.Register.as_view()
|
||||||
self.settings.allow_registration = False
|
self.settings.allow_registration = False
|
||||||
self.settings.save()
|
self.settings.save()
|
||||||
models.SiteInvite.objects.create(
|
models.SiteInvite.objects.create(
|
||||||
|
@ -221,9 +243,9 @@ class AuthenticationViews(TestCase):
|
||||||
'email': 'aa@bb.ccc',
|
'email': 'aa@bb.ccc',
|
||||||
'invite_code': 'testcode'
|
'invite_code': 'testcode'
|
||||||
})
|
})
|
||||||
with patch('bookwyrm.views.Login.get'):
|
with patch('bookwyrm.views.authentication.login'):
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 3)
|
self.assertEqual(models.User.objects.count(), 2)
|
||||||
self.assertEqual(response.status_code, 302)
|
self.assertEqual(response.status_code, 302)
|
||||||
self.assertEqual(models.SiteInvite.objects.get().times_used, 1)
|
self.assertEqual(models.SiteInvite.objects.get().times_used, 1)
|
||||||
|
|
||||||
|
@ -237,8 +259,8 @@ class AuthenticationViews(TestCase):
|
||||||
'invite_code': 'testcode'
|
'invite_code': 'testcode'
|
||||||
})
|
})
|
||||||
with self.assertRaises(PermissionDenied):
|
with self.assertRaises(PermissionDenied):
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 3)
|
self.assertEqual(models.User.objects.count(), 2)
|
||||||
|
|
||||||
# bad invite code
|
# bad invite code
|
||||||
request = self.factory.post(
|
request = self.factory.post(
|
||||||
|
@ -250,29 +272,31 @@ class AuthenticationViews(TestCase):
|
||||||
'invite_code': 'dkfkdjgdfkjgkdfj'
|
'invite_code': 'dkfkdjgdfkjgkdfj'
|
||||||
})
|
})
|
||||||
with self.assertRaises(Http404):
|
with self.assertRaises(Http404):
|
||||||
response = views.Register.post(request)
|
response = view(request)
|
||||||
self.assertEqual(models.User.objects.count(), 3)
|
self.assertEqual(models.User.objects.count(), 2)
|
||||||
|
|
||||||
|
|
||||||
def test_password_change(self):
|
def test_password_change(self):
|
||||||
''' change password '''
|
''' change password '''
|
||||||
|
view = views.ChangePassword.as_view()
|
||||||
password_hash = self.local_user.password
|
password_hash = self.local_user.password
|
||||||
request = self.factory.post('', {
|
request = self.factory.post('', {
|
||||||
'password': 'hi',
|
'password': 'hi',
|
||||||
'confirm-password': 'hi'
|
'confirm-password': 'hi'
|
||||||
})
|
})
|
||||||
request.user = self.local_user
|
request.user = self.local_user
|
||||||
with patch('bookwyrm.views.Login.get'):
|
with patch('bookwyrm.views.password.login'):
|
||||||
views.ChangePassword.post(request)
|
view(request)
|
||||||
self.assertNotEqual(self.local_user.password, password_hash)
|
self.assertNotEqual(self.local_user.password, password_hash)
|
||||||
|
|
||||||
def test_password_change_mismatch(self):
|
def test_password_change_mismatch(self):
|
||||||
''' change password '''
|
''' change password '''
|
||||||
|
view = views.ChangePassword.as_view()
|
||||||
password_hash = self.local_user.password
|
password_hash = self.local_user.password
|
||||||
request = self.factory.post('', {
|
request = self.factory.post('', {
|
||||||
'password': 'hi',
|
'password': 'hi',
|
||||||
'confirm-password': 'hihi'
|
'confirm-password': 'hihi'
|
||||||
})
|
})
|
||||||
request.user = self.local_user
|
request.user = self.local_user
|
||||||
views.ChangePassword.post(request)
|
view(request)
|
||||||
self.assertEqual(self.local_user.password, password_hash)
|
self.assertEqual(self.local_user.password, password_hash)
|
||||||
|
|
|
@ -19,7 +19,7 @@ class Login(View):
|
||||||
''' login page '''
|
''' login page '''
|
||||||
if request.user.is_authenticated:
|
if request.user.is_authenticated:
|
||||||
return redirect('/')
|
return redirect('/')
|
||||||
# send user to the login page
|
# sene user to the login page
|
||||||
data = {
|
data = {
|
||||||
'title': 'Login',
|
'title': 'Login',
|
||||||
'login_form': forms.LoginForm(),
|
'login_form': forms.LoginForm(),
|
||||||
|
|
Loading…
Reference in a new issue