vigiboard / vigiboard / tests / functional / test_authentication.py @ 011743be
History | View | Annotate | Download (2.76 KB)
| 1 |
# -*- coding: utf-8 -*-
|
|---|---|
| 2 |
# Copyright (C) 2006-2020 CS GROUP - France
|
| 3 |
# License: GNU GPL v2 <http://www.gnu.org/licenses/gpl-2.0.html>
|
| 4 |
|
| 5 |
"""
|
| 6 |
Integration tests for the :mod:`repoze.who`-powered authentication sub-system.
|
| 7 |
|
| 8 |
As vigiboard grows and the authentication method changes, only these tests
|
| 9 |
should be updated.
|
| 10 |
|
| 11 |
"""
|
| 12 |
|
| 13 |
from vigiboard.tests import TestController |
| 14 |
|
| 15 |
|
| 16 |
class TestAuthentication(TestController): |
| 17 |
"""
|
| 18 |
Tests for the default authentication setup.
|
| 19 |
|
| 20 |
By default in TurboGears 2, :mod:`repoze.who` is configured with the same
|
| 21 |
plugins specified by repoze.what-quickstart (which are listed in
|
| 22 |
http://code.gustavonarea.net/repoze.what-quickstart/#repoze.what.plugins.quickstart.setup_sql_auth).
|
| 23 |
|
| 24 |
As the settings for those plugins change, or the plugins are replaced,
|
| 25 |
these tests should be updated.
|
| 26 |
|
| 27 |
"""
|
| 28 |
|
| 29 |
application_under_test = 'main'
|
| 30 |
|
| 31 |
def test_voluntary_login(self): |
| 32 |
"""Voluntary logins must work correctly"""
|
| 33 |
# Going to the login form voluntarily:
|
| 34 |
resp = self.app.get('/login', status=200) |
| 35 |
form = resp.form |
| 36 |
# Submitting the login form:
|
| 37 |
form['login'] = u'manager' |
| 38 |
form['password'] = u'iddad' |
| 39 |
post_login = form.submit(status=302)
|
| 40 |
# Being redirected to the home page:
|
| 41 |
assert post_login.location.startswith('/post_login') or \ |
| 42 |
post_login.location.startswith('http://localhost/post_login'), \
|
| 43 |
"Result: %s" % post_login.location
|
| 44 |
home_page = post_login.follow(status=302)
|
| 45 |
assert 'authtkt' in home_page.request.cookies, \ |
| 46 |
'Session cookie was not defined: %s' % home_page.request.cookies
|
| 47 |
assert home_page.location == 'http://localhost/' |
| 48 |
|
| 49 |
def test_logout(self): |
| 50 |
"""Logouts must work correctly"""
|
| 51 |
# Logging in voluntarily the quick way:
|
| 52 |
resp = self.app.get('/login_handler?login=manager&password=iddad', |
| 53 |
status=302)
|
| 54 |
resp = resp.follow(status=302)
|
| 55 |
assert 'authtkt' in resp.request.cookies, \ |
| 56 |
'Session cookie was not defined: %s' % resp.request.cookies
|
| 57 |
# Logging out:
|
| 58 |
resp = self.app.get('/logout_handler', status=302, |
| 59 |
extra_environ={'REMOTE_ADDR': '127.0.0.1'})
|
| 60 |
assert resp.location.startswith('/post_logout') or \ |
| 61 |
resp.location.startswith('http://localhost/post_logout'), \
|
| 62 |
"Result: %s" % resp.location
|
| 63 |
# Finally, redirected to the home page:
|
| 64 |
home_page = resp.follow(status=302)
|
| 65 |
assert home_page.request.cookies.get('authtkt') == '' \ |
| 66 |
or home_page.request.cookies.get('authtkt') == 'INVALID', \ |
| 67 |
'Session cookie was not deleted: %s' % home_page.request.cookies
|
| 68 |
assert home_page.location == 'http://localhost/', home_page.location |