login_test.py 3.12 KB
Newer Older
Romain Bignon's avatar
Romain Bignon committed
1 2 3
from assnet.storage import Storage
from assnet.server import Server
from assnet.users import User
Laurent Bachelier's avatar
Laurent Bachelier committed
4 5 6 7 8 9 10

from unittest import TestCase
from webtest import TestApp

from tempfile import mkdtemp
import shutil

Laurent Bachelier's avatar
Laurent Bachelier committed
11

Laurent Bachelier's avatar
Laurent Bachelier committed
12 13
class LoginTest(TestCase):
    def setUp(self):
Romain Bignon's avatar
Romain Bignon committed
14
        self.root = mkdtemp(prefix='assnet_test_root')
15 16
        storage = Storage.create(self.root)
        user = User(storage, 'penguin')
Laurent Bachelier's avatar
Laurent Bachelier committed
17 18
        user.realname = 'Penguin'
        user.password = 'monkey1'
Laurent Bachelier's avatar
Laurent Bachelier committed
19 20 21 22
        user.key = 'fabf37d746da8a45df63489f642b3813'
        user.save()
        user = User(storage, 'platypus')
        user.realname = 'Platypus'
Laurent Bachelier's avatar
Laurent Bachelier committed
23 24
        user.save()
        server = Server(self.root)
25
        self.app = TestApp(server)
Laurent Bachelier's avatar
Laurent Bachelier committed
26 27 28 29 30

    def tearDown(self):
        if self.root:
            shutil.rmtree(self.root)

31
    def test_formLogin(self):
Laurent Bachelier's avatar
Laurent Bachelier committed
32
        res = self.app.get('/?action=login', status=200)
33
        assert 'Not logged in.' in res.body
34 35
        assert 'Invalid username or password.' not in res.body
        assert 'Logged as.' not in res.body
Laurent Bachelier's avatar
Laurent Bachelier committed
36 37

        form = res.form
38 39
        form['login[username]'] = 'invalid'
        form['login[password]'] = 'invalid'
Laurent Bachelier's avatar
Laurent Bachelier committed
40
        res = form.submit()
41 42 43
        assert 'Not logged in.' not in res.body
        assert 'Invalid username or password.' in res.body
        assert 'Logged as.' not in res.body
Laurent Bachelier's avatar
Laurent Bachelier committed
44 45

        form = res.form
46 47
        form['login[username]'] = 'penguin'
        form['login[password]'] = 'invalid'
Laurent Bachelier's avatar
Laurent Bachelier committed
48
        res = form.submit()
49 50 51
        assert 'Not logged in.' not in res.body
        assert 'Invalid username or password.' in res.body
        assert 'Logged as.' not in res.body
Laurent Bachelier's avatar
Laurent Bachelier committed
52 53

        form = res.form
54 55
        form['login[username]'] = 'penguin'
        form['login[password]'] = 'monkey1'
Laurent Bachelier's avatar
Laurent Bachelier committed
56 57
        res = form.submit(status=302)
        res = res.follow(status=200)
58 59 60 61 62
        assert 'Logged as <abbr title="Penguin">penguin</abbr>' in res.body
        res = self.app.get('/?action=login', status=200)
        assert 'Not logged in.' not in res.body
        assert 'Invalid username or password.' not in res.body
        assert 'Already logged in as <abbr title="Penguin">penguin</abbr>' in res.body
Laurent Bachelier's avatar
Laurent Bachelier committed
63 64 65

        res = self.app.get('/')
        assert 'Login' not in res.body
66
        assert 'Logged as <abbr title="Penguin">penguin</abbr>' in res.body
Laurent Bachelier's avatar
Laurent Bachelier committed
67 68 69 70
        res = self.app.get('/?action=logout', status=302)
        res = res.follow(status=200)
        assert 'Login' in res.body
        assert 'Logged as' not in res.body
Laurent Bachelier's avatar
Laurent Bachelier committed
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88

    def test_authKeyLogin(self):
        res = self.app.get('/?action=login', status=200)
        assert 'Not logged in.' in res.body

        # we are authentified by the key
        res = self.app.get('/?authkey=fabf37d746da8a45df63489f642b3813', status=200)
        assert 'Login' not in res.body
        assert 'Logged as <abbr title="Penguin">penguin</abbr>' in res.body

        # the authentification is kept
        res = self.app.get('/', status=200)
        assert 'Login' not in res.body
        assert 'Logged as <abbr title="Penguin">penguin</abbr>' in res.body
        res = self.app.get('/?action=logout', status=302)
        res = res.follow(status=200)
        assert 'Login' in res.body
        assert 'Logged as' not in res.body