amanuensis/tests/test_auth.py

57 lines
1.8 KiB
Python
Raw Normal View History

2021-06-24 05:02:55 +00:00
import os
from urllib.parse import urlsplit
from bs4 import BeautifulSoup
from flask import Flask
from amanuensis.db import User
def test_auth_circuit(app: Flask, make):
"""Test the user login/logout path."""
username: str = f"user_{os.urandom(8).hex()}"
ub: bytes = username.encode("utf8")
2021-06-26 17:13:46 +00:00
assert make.user(username=username, password=username)
2021-06-24 05:02:55 +00:00
with app.test_client() as client:
# User should not be logged in
response = client.get("/home/")
assert response.status_code == 200
assert ub not in response.data
# The login page exists
response = client.get("/auth/login/")
assert response.status_code == 200
assert ub not in response.data
assert b"Username" in response.data
assert b"Username" in response.data
assert b"csrf_token" in response.data
# Get the csrf token for logging in
soup = BeautifulSoup(response.data, features="html.parser")
csrf_token = soup.find(id="csrf_token")["value"]
assert csrf_token
# Log the user in
response = client.post(
"/auth/login/",
data={"username": username, "password": username, "csrf_token": csrf_token},
)
assert 300 <= response.status_code <= 399
assert urlsplit(response.location).path == "/home/"
# Confirm that the user is logged in
response = client.get("/home/")
assert response.status_code == 200
assert ub in response.data
# Log the user out
response = client.get("/auth/logout/")
assert 300 <= response.status_code <= 399
assert urlsplit(response.location).path == "/home/"
# Confirm the user is logged out
response = client.get("/home/")
assert response.status_code == 200
assert ub not in response.data