110swag / flashy-backend

Download as
Browse Code ยป

Commit 783e96fe8dad12ea6adee2cf0bd9e4ed3f2908c1

Authored by Rohan Rangray
1 parent b9d4dd7cc6
Exists in master

Fixed a comment.

Showing 1 changed file with 1 additions and 1 deletions Inline Diff

flashcards/tests/test_api.py View file @ 783e96f
from django.core import mail 1 1 from django.core import mail
from flashcards.models import User, Section, Flashcard 2 2 from flashcards.models import User, Section, Flashcard
from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_201_CREATED, HTTP_200_OK, HTTP_401_UNAUTHORIZED 3 3 from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_201_CREATED, HTTP_200_OK, HTTP_401_UNAUTHORIZED
from rest_framework.test import APITestCase 4 4 from rest_framework.test import APITestCase
from re import search 5 5 from re import search
from django.utils.timezone import now 6 6 from django.utils.timezone import now
7 7
8 8
class LoginTests(APITestCase): 9 9 class LoginTests(APITestCase):
def setUp(self): 10 10 def setUp(self):
email = "test@flashy.cards" 11 11 email = "test@flashy.cards"
User.objects.create_user(email=email, password="1234") 12 12 User.objects.create_user(email=email, password="1234")
13 13
def test_login(self): 14 14 def test_login(self):
url = '/api/login' 15 15 url = '/api/login'
data = {'email': 'test@flashy.cards', 'password': '1234'} 16 16 data = {'email': 'test@flashy.cards', 'password': '1234'}
response = self.client.post(url, data, format='json') 17 17 response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, HTTP_200_OK) 18 18 self.assertEqual(response.status_code, HTTP_200_OK)
19 19
data = {'email': 'test@flashy.cards', 'password': '54321'} 20 20 data = {'email': 'test@flashy.cards', 'password': '54321'}
response = self.client.post(url, data, format='json') 21 21 response = self.client.post(url, data, format='json')
self.assertContains(response, 'Invalid email or password', status_code=403) 22 22 self.assertContains(response, 'Invalid email or password', status_code=403)
23 23
data = {'email': 'none@flashy.cards', 'password': '54321'} 24 24 data = {'email': 'none@flashy.cards', 'password': '54321'}
response = self.client.post(url, data, format='json') 25 25 response = self.client.post(url, data, format='json')
self.assertContains(response, 'Invalid email or password', status_code=403) 26 26 self.assertContains(response, 'Invalid email or password', status_code=403)
27 27
data = {'password': '54321'} 28 28 data = {'password': '54321'}
response = self.client.post(url, data, format='json') 29 29 response = self.client.post(url, data, format='json')
self.assertContains(response, 'email', status_code=400) 30 30 self.assertContains(response, 'email', status_code=400)
31 31
data = {'email': 'none@flashy.cards'} 32 32 data = {'email': 'none@flashy.cards'}
response = self.client.post(url, data, format='json') 33 33 response = self.client.post(url, data, format='json')
self.assertContains(response, 'password', status_code=400) 34 34 self.assertContains(response, 'password', status_code=400)
35 35
user = User.objects.get(email="test@flashy.cards") 36 36 user = User.objects.get(email="test@flashy.cards")
user.is_active = False 37 37 user.is_active = False
user.save() 38 38 user.save()
39 39
data = {'email': 'test@flashy.cards', 'password': '1234'} 40 40 data = {'email': 'test@flashy.cards', 'password': '1234'}
response = self.client.post(url, data, format='json') 41 41 response = self.client.post(url, data, format='json')
self.assertContains(response, 'Account is disabled', status_code=403) 42 42 self.assertContains(response, 'Account is disabled', status_code=403)
43 43
def test_logout(self): 44 44 def test_logout(self):
url = '/api/logout' 45 45 url = '/api/logout'
self.client.login(email='test@flashy.cards', password='1234') 46 46 self.client.login(email='test@flashy.cards', password='1234')
response = self.client.post(url) 47 47 response = self.client.post(url)
self.assertEqual(response.status_code, HTTP_204_NO_CONTENT) 48 48 self.assertEqual(response.status_code, HTTP_204_NO_CONTENT)
49 49
# since we're not logged in, we shouldn't be able to see this 50 50 # since we're not logged in, we should get a 401 response
response = self.client.get('/api/users/me', format='json') 51 51 response = self.client.get('/api/users/me', format='json')
self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) 52 52 self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED)
53 53
54 54
class PasswordResetTest(APITestCase): 55 55 class PasswordResetTest(APITestCase):
def setUp(self): 56 56 def setUp(self):
# create a user to test things with 57 57 # create a user to test things with
email = "test@flashy.cards" 58 58 email = "test@flashy.cards"
User.objects.create_user(email=email, password="12345") 59 59 User.objects.create_user(email=email, password="12345")
60 60
def test_reset_password(self): 61 61 def test_reset_password(self):
# submit the request to reset the password 62 62 # submit the request to reset the password
url = '/api/reset_password' 63 63 url = '/api/reset_password'
post_data = {'email': 'test@flashy.cards'} 64 64 post_data = {'email': 'test@flashy.cards'}
self.client.post(url, post_data, format='json') 65 65 self.client.post(url, post_data, format='json')
self.assertEqual(len(mail.outbox), 1) 66 66 self.assertEqual(len(mail.outbox), 1)
self.assertIn('reset your password', mail.outbox[0].body) 67 67 self.assertIn('reset your password', mail.outbox[0].body)
68 68
# capture the reset token from the email 69 69 # capture the reset token from the email
capture = search('https://flashy.cards/app/reset_password/(\d+)/(.*)', 70 70 capture = search('https://flashy.cards/app/reset_password/(\d+)/(.*)',
mail.outbox[0].body) 71 71 mail.outbox[0].body)
patch_data = {'new_password': '54321'} 72 72 patch_data = {'new_password': '54321'}
patch_data['uid'] = capture.group(1) 73 73 patch_data['uid'] = capture.group(1)
reset_token = capture.group(2) 74 74 reset_token = capture.group(2)
75 75
# try to reset the password with the wrong reset token 76 76 # try to reset the password with the wrong reset token
patch_data['token'] = 'wrong_token' 77 77 patch_data['token'] = 'wrong_token'
response = self.client.patch(url, patch_data, format='json') 78 78 response = self.client.patch(url, patch_data, format='json')
self.assertContains(response, 'Could not verify reset token', status_code=400) 79 79 self.assertContains(response, 'Could not verify reset token', status_code=400)
80 80
# try to reset the password with the correct token 81 81 # try to reset the password with the correct token
patch_data['token'] = reset_token 82 82 patch_data['token'] = reset_token
response = self.client.patch(url, patch_data, format='json') 83 83 response = self.client.patch(url, patch_data, format='json')
self.assertEqual(response.status_code, HTTP_204_NO_CONTENT) 84 84 self.assertEqual(response.status_code, HTTP_204_NO_CONTENT)
user = User.objects.get(id=patch_data['uid']) 85 85 user = User.objects.get(id=patch_data['uid'])
assert user.check_password(patch_data['new_password']) 86 86 assert user.check_password(patch_data['new_password'])
87 87
88 88
class RegistrationTest(APITestCase): 89 89 class RegistrationTest(APITestCase):
def test_create_account(self): 90 90 def test_create_account(self):
url = '/api/users/me' 91 91 url = '/api/users/me'
92 92
# missing password 93 93 # missing password
data = {'email': 'none@none.com'} 94 94 data = {'email': 'none@none.com'}
response = self.client.post(url, data, format='json') 95 95 response = self.client.post(url, data, format='json')
self.assertContains(response, 'password', status_code=400) 96 96 self.assertContains(response, 'password', status_code=400)
97 97
# missing email 98 98 # missing email
data = {'password': '1234'} 99 99 data = {'password': '1234'}
response = self.client.post(url, data, format='json') 100 100 response = self.client.post(url, data, format='json')
self.assertContains(response, 'email', status_code=400) 101 101 self.assertContains(response, 'email', status_code=400)
102 102
# create a user 103 103 # create a user
data = {'email': 'none@none.com', 'password': '1234'} 104 104 data = {'email': 'none@none.com', 'password': '1234'}
response = self.client.post(url, data, format='json') 105 105 response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, HTTP_201_CREATED) 106 106 self.assertEqual(response.status_code, HTTP_201_CREATED)
107 107
# user should not be confirmed 108 108 # user should not be confirmed
user = User.objects.get(email="none@none.com") 109 109 user = User.objects.get(email="none@none.com")
self.assertFalse(user.is_confirmed) 110 110 self.assertFalse(user.is_confirmed)
111 111
# check that the confirmation key was sent 112 112 # check that the confirmation key was sent
self.assertEqual(len(mail.outbox), 1) 113 113 self.assertEqual(len(mail.outbox), 1)
self.assertIn(user.confirmation_key, mail.outbox[0].body) 114 114 self.assertIn(user.confirmation_key, mail.outbox[0].body)
115 115
# log the user out 116 116 # log the user out
self.client.logout() 117 117 self.client.logout()
118 118
# log the user in with their registered credentials 119 119 # log the user in with their registered credentials
self.client.login(email='none@none.com', password='1234') 120 120 self.client.login(email='none@none.com', password='1234')
121 121
# try activating with an invalid key 122 122 # try activating with an invalid key
response = self.client.patch(url, {'confirmation_key': 'NOT A KEY'}) 123 123 response = self.client.patch(url, {'confirmation_key': 'NOT A KEY'})
self.assertContains(response, 'confirmation_key is invalid', status_code=400) 124 124 self.assertContains(response, 'confirmation_key is invalid', status_code=400)
125 125
# try activating with the valid key 126 126 # try activating with the valid key
response = self.client.patch(url, {'confirmation_key': user.confirmation_key}) 127 127 response = self.client.patch(url, {'confirmation_key': user.confirmation_key})
self.assertTrue(response.data['is_confirmed']) 128 128 self.assertTrue(response.data['is_confirmed'])
129 129
130 130
class ProfileViewTest(APITestCase): 131 131 class ProfileViewTest(APITestCase):
def setUp(self): 132 132 def setUp(self):
email = "profileviewtest@flashy.cards" 133 133 email = "profileviewtest@flashy.cards"
User.objects.create_user(email=email, password="1234") 134 134 User.objects.create_user(email=email, password="1234")
135 135
def test_get_me(self): 136 136 def test_get_me(self):
url = '/api/users/me' 137 137 url = '/api/users/me'
response = self.client.get(url, format='json') 138 138 response = self.client.get(url, format='json')
# since we're not logged in, we shouldn't be able to see this 139 139 # since we're not logged in, we shouldn't be able to see this
self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) 140 140 self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED)
141 141
self.client.login(email='profileviewtest@flashy.cards', password='1234') 142 142 self.client.login(email='profileviewtest@flashy.cards', password='1234')
response = self.client.get(url, format='json') 143 143 response = self.client.get(url, format='json')
self.assertEqual(response.status_code, HTTP_200_OK) 144 144 self.assertEqual(response.status_code, HTTP_200_OK)
145 145
146 146
class PasswordChangeTest(APITestCase): 147 147 class PasswordChangeTest(APITestCase):
def setUp(self): 148 148 def setUp(self):
email = "none@none.com" 149 149 email = "none@none.com"
User.objects.create_user(email=email, password="1234") 150 150 User.objects.create_user(email=email, password="1234")
151 151
def test_change_password(self): 152 152 def test_change_password(self):
url = '/api/users/me' 153 153 url = '/api/users/me'
user = User.objects.get(email='none@none.com') 154 154 user = User.objects.get(email='none@none.com')
self.assertTrue(user.check_password('1234')) 155 155 self.assertTrue(user.check_password('1234'))
156 156