10185501403
/
phshare


								# -*- coding: utf-8 -*-

								from flask import url_for


								from phshare.models import User

								from phshare.settings import Operations

								from phshare.utils import generate_token

								from tests.base import BaseTestCase


								class AuthTestCase(BaseTestCase):


								    def test_login_normal_user(self):

								        response = self.login()

								        data = response.get_data(as_text=True)

								        self.assertIn('Login success.', data)


								    def test_login_locked_user(self):

								        self.login(email='locked@helloflask.com', password='123')

								        response = self.client.get(url_for('user.index', username='locked'))

								        data = response.get_data(as_text=True)

								        self.assertIn('Your account is locked.', data)


								    def test_login_blocked_user(self):

								        response = self.login(email='blocked@helloflask.com', password='123')

								        data = response.get_data(as_text=True)

								        self.assertIn('Your account is blocked.', data)


								    def test_fail_login(self):

								        response = self.login(email='wrong-username@helloflask.com', password='wrong-password')

								        data = response.get_data(as_text=True)

								        self.assertIn('Invalid email or password.', data)


								    def test_logout_user(self):

								        self.login()

								        response = self.logout()

								        data = response.get_data(as_text=True)

								        self.assertIn('Logout success.', data)


								    def test_login_protect(self):

								        response = self.client.get(url_for('main.upload'), follow_redirects=True)

								        data = response.get_data(as_text=True)

								        self.assertIn('Please log in to access this page.', data)


								    def test_unconfirmed_user_permission(self):

								        self.login(email='unconfirmed@helloflask.com', password='123')

								        response = self.client.get(url_for('main.upload'), follow_redirects=True)

								        data = response.get_data(as_text=True)

								        self.assertIn('Please confirm your account first.', data)


								    def test_locked_user_permission(self):

								        self.login(email='locked@helloflask.com', password='123')

								        response = self.client.get(url_for('main.upload'), follow_redirects=True)

								        self.assertEqual(response.status_code, 403)


								    def test_register_account(self):

								        response = self.client.post(url_for('auth.register'), data=dict(

								            name='swz',

								            email='test@helloflask.com',

								            username='test',

								            password='12345678',

								            password2='12345678'

								        ), follow_redirects=True)

								        data = response.get_data(as_text=True)

								        self.assertIn('Confirm email sent, check your inbox.', data)


								    def test_confirm_account(self):

								        user = User.query.filter_by(email='unconfirmed@helloflask.com').first()

								        self.assertFalse(user.confirmed)

								        token = generate_token(user=user, operation='confirm')

								        self.login(email='unconfirmed@helloflask.com', password='123')

								        response = self.client.get(url_for('auth.confirm', token=token), follow_redirects=True)

								        data = response.get_data(as_text=True)

								        self.assertIn('Account confirmed.', data)

								        self.assertTrue(user.confirmed)


								    def test_bad_confirm_token(self):

								        self.login(email='unconfirmed@helloflask.com', password='123')

								        response = self.client.get(url_for('auth.confirm', token='bad token'), follow_redirects=True)

								        data = response.get_data(as_text=True)

								        self.assertIn('Invalid or expired token.', data)

								        self.assertNotIn('Account confirmed.', data)


								    def test_reset_password(self):

								        response = self.client.post(url_for('auth.forget_password'), data=dict(

								            email='normal@helloflask.com',

								        ), follow_redirects=True)

								        data = response.get_data(as_text=True)

								        self.assertIn('Password reset email sent, check your inbox.', data)

								        user = User.query.filter_by(email='normal@helloflask.com').first()

								        self.assertTrue(user.validate_password('123'))


								        token = generate_token(user=user, operation=Operations.RESET_PASSWORD)

								        response = self.client.post(url_for('auth.reset_password', token=token), data=dict(

								            email='normal@helloflask.com',

								            password='new-password',

								            password2='new-password'

								        ), follow_redirects=True)

								        data = response.get_data(as_text=True)

								        self.assertIn('Password updated.', data)

								        self.assertTrue(user.validate_password('new-password'))

								        self.assertFalse(user.validate_password('123'))


								        # bad token

								        response = self.client.post(url_for('auth.reset_password', token='bad token'), data=dict(

								            email='normal@helloflask.com',

								            password='new-password',

								            password2='new-password'

								        ), follow_redirects=True)

								        data = response.get_data(as_text=True)

								        self.assertIn('Invalid or expired link.', data)

								        self.assertNotIn('Password updated.', data)