110swag / flashy-backend

Download as
Browse Code ยป

Commit 8f54c7956dbd63607ddf90e218d6a89246e2ba0c

Authored by Andrew Buss
2 parents 60defe8f8c 38c977bc0b
Exists in master

Merge branch 'master' of git.ucsd.edu:110swag/flashy-backend

Showing 1 changed file Inline Diff

flashcards/tests/test_api.py View file @ 8f54c79
from django.core import mail 1 1 from django.core import mail
from flashcards.models import User 2 2 from flashcards.models import User
from rest_framework.status import HTTP_201_CREATED, HTTP_200_OK, HTTP_401_UNAUTHORIZED 3 3 from rest_framework.status import HTTP_201_CREATED, HTTP_200_OK, HTTP_401_UNAUTHORIZED
from rest_framework.test import APITestCase 4 4 from rest_framework.test import APITestCase
from re import search 5 5 from re import search
6 6
7 7
class LoginTests(APITestCase): 8 8 class LoginTests(APITestCase):
def setUp(self): 9 9 def setUp(self):
email = "test@flashy.cards" 10 10 email = "test@flashy.cards"
User.objects.create_user(email=email, password="1234") 11 11 User.objects.create_user(email=email, password="1234")
12 12
def test_login(self): 13 13 def test_login(self):
url = '/api/login' 14 14 url = '/api/login'
data = {'email': 'test@flashy.cards', 'password': '1234'} 15 15 data = {'email': 'test@flashy.cards', 'password': '1234'}
response = self.client.post(url, data, format='json') 16 16 response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, HTTP_200_OK) 17 17 self.assertEqual(response.status_code, HTTP_200_OK)
18 18
data = {'email': 'test@flashy.cards', 'password': '54321'} 19 19 data = {'email': 'test@flashy.cards', 'password': '54321'}
response = self.client.post(url, data, format='json') 20 20 response = self.client.post(url, data, format='json')
self.assertContains(response, 'Invalid email or password', status_code=403) 21 21 self.assertContains(response, 'Invalid email or password', status_code=403)
22 22
data = {'email': 'none@flashy.cards', 'password': '54321'} 23 23 data = {'email': 'none@flashy.cards', 'password': '54321'}
response = self.client.post(url, data, format='json') 24 24 response = self.client.post(url, data, format='json')
self.assertContains(response, 'Invalid email or password', status_code=403) 25 25 self.assertContains(response, 'Invalid email or password', status_code=403)
26 26
data = {'password': '54321'} 27 27 data = {'password': '54321'}
response = self.client.post(url, data, format='json') 28 28 response = self.client.post(url, data, format='json')
self.assertContains(response, 'email', status_code=400) 29 29 self.assertContains(response, 'email', status_code=400)
30 30
data = {'email': 'none@flashy.cards'} 31 31 data = {'email': 'none@flashy.cards'}
response = self.client.post(url, data, format='json') 32 32 response = self.client.post(url, data, format='json')
self.assertContains(response, 'password', status_code=400) 33 33 self.assertContains(response, 'password', status_code=400)
34 34
user = User.objects.get(email="test@flashy.cards") 35 35 user = User.objects.get(email="test@flashy.cards")
user.is_active = False 36 36 user.is_active = False
user.save() 37 37 user.save()
38 38
data = {'email': 'test@flashy.cards', 'password': '1234'} 39 39 data = {'email': 'test@flashy.cards', 'password': '1234'}
response = self.client.post(url, data, format='json') 40 40 response = self.client.post(url, data, format='json')
self.assertContains(response, 'Account is disabled', status_code=403) 41 41 self.assertContains(response, 'Account is disabled', status_code=403)
42 42
def test_logout(self): 43 43 def test_logout(self):
self.client.login(email='none@none.com', password='1234') 44 44 self.client.login(email='none@none.com', password='1234')
self.client.post('/api/logout') 45 45 self.client.post('/api/logout')
46 46
response = self.client.get('/api/users/me', format='json') 47 47 response = self.client.get('/api/users/me', format='json')
# since we're not logged in, we shouldn't be able to see this 48 48 # since we're not logged in, we shouldn't be able to see this
self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) 49 49 self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED)
50 50
class PasswordResetTest(APITestCase): 51 51 class PasswordResetTest(APITestCase):
def setUp(self): 52 52 def setUp(self):
email = "test@flashy.cards" 53 53 email = "test@flashy.cards"
User.objects.create_user(email=email, password="12345") 54 54 User.objects.create_user(email=email, password="12345")
55 55
def test_reset_password(self): 56 56 def test_reset_password(self):
url = '/api/reset_password' 57 57 url = '/api/reset_password'
post_data = {'email': 'test@flashy.cards'} 58 58 post_data = {'email': 'test@flashy.cards'}
patch_data = {'new_password': '54321', 59 59 patch_data = {'new_password': '54321',
'uid': '', 'token': ''} 60 60 'uid': '', 'token': ''}
self.client.post(url, post_data, format='json') 61 61 self.client.post(url, post_data, format='json')
self.assertEqual(len(mail.outbox), 1) 62 62 self.assertEqual(len(mail.outbox), 1)
self.assertIn('reset your password', mail.outbox[0].body) 63 63 self.assertIn('reset your password', mail.outbox[0].body)
64 64
capture = search('https://flashy.cards/app/reset_password/(\d+)/(.*)', 65 65 capture = search('https://flashy.cards/app/reset_password/(\d+)/(.*)',
mail.outbox[0].body) 66 66 mail.outbox[0].body)
data['uid'] = capture.group(0) 67 67 patch_data['uid'] = capture.group(1)
data['token'] = capture.group(1) 68 68 patch_data['token'] = capture.group(2)
self.client.patch(url, patch_data, format='json') 69 69 self.client.patch(url, patch_data, format='json')
user = User.objects.get(id=data['uid']) 70 70 user = User.objects.get(id=patch_data['uid'])
assert user.check_password(data['new_password']) 71 71 assert user.check_password(patch_data['new_password'])
72 72
73 73
class RegistrationTest(APITestCase): 74 74 class RegistrationTest(APITestCase):
def test_create_account(self): 75 75 def test_create_account(self):
url = '/api/users/me' 76 76 url = '/api/users/me'
77 77
# missing password 78 78 # missing password
data = {'email': 'none@none.com'} 79 79 data = {'email': 'none@none.com'}
response = self.client.post(url, data, format='json') 80 80 response = self.client.post(url, data, format='json')
self.assertContains(response, 'password', status_code=400) 81 81 self.assertContains(response, 'password', status_code=400)
82 82
# missing email 83 83 # missing email
data = {'password': '1234'} 84 84 data = {'password': '1234'}
response = self.client.post(url, data, format='json') 85 85 response = self.client.post(url, data, format='json')
self.assertContains(response, 'email', status_code=400) 86 86 self.assertContains(response, 'email', status_code=400)
87 87
# create a user 88 88 # create a user
data = {'email': 'none@none.com', 'password': '1234'} 89 89 data = {'email': 'none@none.com', 'password': '1234'}
response = self.client.post(url, data, format='json') 90 90 response = self.client.post(url, data, format='json')
self.assertEqual(response.status_code, HTTP_201_CREATED) 91 91 self.assertEqual(response.status_code, HTTP_201_CREATED)
92 92
# user should not be confirmed 93 93 # user should not be confirmed
user = User.objects.get(email="none@none.com") 94 94 user = User.objects.get(email="none@none.com")
self.assertFalse(user.is_confirmed) 95 95 self.assertFalse(user.is_confirmed)
96 96
# check that the confirmation key was sent 97 97 # check that the confirmation key was sent
self.assertEqual(len(mail.outbox), 1) 98 98 self.assertEqual(len(mail.outbox), 1)
self.assertIn(user.confirmation_key, mail.outbox[0].body) 99 99 self.assertIn(user.confirmation_key, mail.outbox[0].body)
100 100
# log the user out 101 101 # log the user out
self.client.logout() 102 102 self.client.logout()
103 103
# log the user in with their registered credentials 104 104 # log the user in with their registered credentials
self.client.login(email='none@none.com', password='1234') 105 105 self.client.login(email='none@none.com', password='1234')
106 106
# try activating with an invalid key 107 107 # try activating with an invalid key
response = self.client.patch(url, {'confirmation_key': 'NOT A KEY'}) 108 108 response = self.client.patch(url, {'confirmation_key': 'NOT A KEY'})
self.assertContains(response, 'confirmation_key is invalid', status_code=400) 109 109 self.assertContains(response, 'confirmation_key is invalid', status_code=400)
110 110
# try activating with the valid key 111 111 # try activating with the valid key
response = self.client.patch(url, {'confirmation_key': user.confirmation_key}) 112 112 response = self.client.patch(url, {'confirmation_key': user.confirmation_key})
self.assertTrue(response.data['is_confirmed']) 113 113 self.assertTrue(response.data['is_confirmed'])
114 114
115 115
class ProfileViewTest(APITestCase): 116 116 class ProfileViewTest(APITestCase):
def setUp(self): 117 117 def setUp(self):
email = "profileviewtest@flashy.cards" 118 118 email = "profileviewtest@flashy.cards"
User.objects.create_user(email=email, password="1234") 119 119 User.objects.create_user(email=email, password="1234")
120 120
def test_get_me(self): 121 121 def test_get_me(self):
url = '/api/users/me' 122 122 url = '/api/users/me'
response = self.client.get(url, format='json') 123 123 response = self.client.get(url, format='json')
# since we're not logged in, we shouldn't be able to see this 124 124 # since we're not logged in, we shouldn't be able to see this
self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) 125 125 self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED)
126 126
self.client.login(email='profileviewtest@flashy.cards', password='1234') 127 127 self.client.login(email='profileviewtest@flashy.cards', password='1234')
response = self.client.get(url, format='json') 128 128 response = self.client.get(url, format='json')
self.assertEqual(response.status_code, HTTP_200_OK) 129 129 self.assertEqual(response.status_code, HTTP_200_OK)
130 130
131 131
class PasswordChangeTest(APITestCase): 132 132 class PasswordChangeTest(APITestCase):
def setUp(self): 133 133 def setUp(self):
email = "none@none.com" 134 134 email = "none@none.com"