Commit a0e0db361f432611829259dffcbbec18586c44eb
1 parent
07a9ebffba
Exists in
master
bad merge
Showing 1 changed file with 6 additions and 14 deletions Inline Diff
flashcards/tests/test_api.py
from django.core import mail | 1 | 1 | from django.core import mail | |
<<<<<<< HEAD | 2 | |||
from flashcards.models import User | 3 | |||
from rest_framework.generics import RetrieveAPIView | 4 | |||
======= | 5 | |||
from flashcards.models import User, Section, Flashcard | 6 | 2 | from flashcards.models import User, Section, Flashcard | |
>>>>>>> 2a9edd990f102b292ef4fb59c0688f6ed5ab56f5 | 7 | |||
from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_201_CREATED, HTTP_200_OK, HTTP_401_UNAUTHORIZED | 8 | 3 | from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_201_CREATED, HTTP_200_OK, HTTP_401_UNAUTHORIZED | |
from rest_framework.test import APITestCase | 9 | 4 | from rest_framework.test import APITestCase | |
from re import search | 10 | 5 | from re import search | |
from django.utils.timezone import now | 11 | 6 | from django.utils.timezone import now | |
12 | 7 | |||
13 | 8 | |||
class LoginTests(APITestCase): | 14 | 9 | class LoginTests(APITestCase): | |
def setUp(self): | 15 | 10 | def setUp(self): | |
email = "test@flashy.cards" | 16 | 11 | email = "test@flashy.cards" | |
User.objects.create_user(email=email, password="1234") | 17 | 12 | User.objects.create_user(email=email, password="1234") | |
18 | 13 | |||
def test_login(self): | 19 | 14 | def test_login(self): | |
url = '/api/login' | 20 | 15 | url = '/api/login' | |
data = {'email': 'test@flashy.cards', 'password': '1234'} | 21 | 16 | data = {'email': 'test@flashy.cards', 'password': '1234'} | |
response = self.client.post(url, data, format='json') | 22 | 17 | response = self.client.post(url, data, format='json') | |
self.assertEqual(response.status_code, HTTP_200_OK) | 23 | 18 | self.assertEqual(response.status_code, HTTP_200_OK) | |
24 | 19 | |||
data = {'email': 'test@flashy.cards', 'password': '54321'} | 25 | 20 | data = {'email': 'test@flashy.cards', 'password': '54321'} | |
response = self.client.post(url, data, format='json') | 26 | 21 | response = self.client.post(url, data, format='json') | |
self.assertContains(response, 'Invalid email or password', status_code=403) | 27 | 22 | self.assertContains(response, 'Invalid email or password', status_code=403) | |
28 | 23 | |||
data = {'email': 'none@flashy.cards', 'password': '54321'} | 29 | 24 | data = {'email': 'none@flashy.cards', 'password': '54321'} | |
response = self.client.post(url, data, format='json') | 30 | 25 | response = self.client.post(url, data, format='json') | |
self.assertContains(response, 'Invalid email or password', status_code=403) | 31 | 26 | self.assertContains(response, 'Invalid email or password', status_code=403) | |
32 | 27 | |||
data = {'password': '54321'} | 33 | 28 | data = {'password': '54321'} | |
response = self.client.post(url, data, format='json') | 34 | 29 | response = self.client.post(url, data, format='json') | |
self.assertContains(response, 'email', status_code=400) | 35 | 30 | self.assertContains(response, 'email', status_code=400) | |
36 | 31 | |||
data = {'email': 'none@flashy.cards'} | 37 | 32 | data = {'email': 'none@flashy.cards'} | |
response = self.client.post(url, data, format='json') | 38 | 33 | response = self.client.post(url, data, format='json') | |
self.assertContains(response, 'password', status_code=400) | 39 | 34 | self.assertContains(response, 'password', status_code=400) | |
40 | 35 | |||
user = User.objects.get(email="test@flashy.cards") | 41 | 36 | user = User.objects.get(email="test@flashy.cards") | |
user.is_active = False | 42 | 37 | user.is_active = False | |
user.save() | 43 | 38 | user.save() | |
44 | 39 | |||
data = {'email': 'test@flashy.cards', 'password': '1234'} | 45 | 40 | data = {'email': 'test@flashy.cards', 'password': '1234'} | |
response = self.client.post(url, data, format='json') | 46 | 41 | response = self.client.post(url, data, format='json') | |
self.assertContains(response, 'Account is disabled', status_code=403) | 47 | 42 | self.assertContains(response, 'Account is disabled', status_code=403) | |
48 | 43 | |||
def test_logout(self): | 49 | 44 | def test_logout(self): | |
url = '/api/login' | 50 | 45 | url = '/api/login' | |
data = {'email': 'test@flashy.cards', 'password': '1234'} | 51 | 46 | data = {'email': 'test@flashy.cards', 'password': '1234'} | |
response = self.client.post(url, data, format='json') | 52 | 47 | response = self.client.post(url, data, format='json') | |
self.assertEqual(response.status_code, HTTP_200_OK) | 53 | 48 | self.assertEqual(response.status_code, HTTP_200_OK) | |
54 | 49 | |||
p = self.client.post('/api/logout') | 55 | 50 | p = self.client.post('/api/logout') | |
self.assertEqual(p.status_code, HTTP_204_NO_CONTENT) | 56 | 51 | self.assertEqual(p.status_code, HTTP_204_NO_CONTENT) | |
response = self.client.get('/api/users/me', format='json') | 57 | 52 | response = self.client.get('/api/users/me', format='json') | |
58 | 53 | |||
# since we're not logged in, we shouldn't be able to see this | 59 | 54 | # since we're not logged in, we shouldn't be able to see this | |
self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) | 60 | 55 | self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) | |
61 | 56 | |||
62 | 57 | |||
class PasswordResetTest(APITestCase): | 63 | 58 | class PasswordResetTest(APITestCase): | |
def setUp(self): | 64 | 59 | def setUp(self): | |
# create a user to test things with | 65 | 60 | # create a user to test things with | |
email = "test@flashy.cards" | 66 | 61 | email = "test@flashy.cards" | |
User.objects.create_user(email=email, password="12345") | 67 | 62 | User.objects.create_user(email=email, password="12345") | |
68 | 63 | |||
def test_reset_password(self): | 69 | 64 | def test_reset_password(self): | |
# submit the request to reset the password | 70 | 65 | # submit the request to reset the password | |
url = '/api/reset_password' | 71 | 66 | url = '/api/reset_password' | |
post_data = {'email': 'test@flashy.cards'} | 72 | 67 | post_data = {'email': 'test@flashy.cards'} | |
self.client.post(url, post_data, format='json') | 73 | 68 | self.client.post(url, post_data, format='json') | |
self.assertEqual(len(mail.outbox), 1) | 74 | 69 | self.assertEqual(len(mail.outbox), 1) | |
self.assertIn('reset your password', mail.outbox[0].body) | 75 | 70 | self.assertIn('reset your password', mail.outbox[0].body) | |
76 | 71 | |||
# capture the reset token from the email | 77 | 72 | # capture the reset token from the email | |
capture = search('https://flashy.cards/app/reset_password/(\d+)/(.*)', | 78 | 73 | capture = search('https://flashy.cards/app/reset_password/(\d+)/(.*)', | |
mail.outbox[0].body) | 79 | 74 | mail.outbox[0].body) | |
patch_data = {'new_password': '54321'} | 80 | 75 | patch_data = {'new_password': '54321'} | |
patch_data['uid'] = capture.group(1) | 81 | 76 | patch_data['uid'] = capture.group(1) | |
reset_token = capture.group(2) | 82 | 77 | reset_token = capture.group(2) | |
83 | 78 | |||
# try to reset the password with the wrong reset token | 84 | 79 | # try to reset the password with the wrong reset token | |
patch_data['token'] = 'wrong_token' | 85 | 80 | patch_data['token'] = 'wrong_token' | |
response = self.client.patch(url, patch_data, format='json') | 86 | 81 | response = self.client.patch(url, patch_data, format='json') | |
self.assertContains(response, 'Could not verify reset token', status_code=400) | 87 | 82 | self.assertContains(response, 'Could not verify reset token', status_code=400) | |
88 | 83 | |||
# try to reset the password with the correct token | 89 | 84 | # try to reset the password with the correct token | |
patch_data['token'] = reset_token | 90 | 85 | patch_data['token'] = reset_token | |
response = self.client.patch(url, patch_data, format='json') | 91 | 86 | response = self.client.patch(url, patch_data, format='json') | |
self.assertEqual(response.status_code, HTTP_204_NO_CONTENT) | 92 | 87 | self.assertEqual(response.status_code, HTTP_204_NO_CONTENT) | |
user = User.objects.get(id=patch_data['uid']) | 93 | 88 | user = User.objects.get(id=patch_data['uid']) | |
assert user.check_password(patch_data['new_password']) | 94 | 89 | assert user.check_password(patch_data['new_password']) | |
95 | 90 | |||
96 | 91 | |||
class RegistrationTest(APITestCase): | 97 | 92 | class RegistrationTest(APITestCase): | |
def test_create_account(self): | 98 | 93 | def test_create_account(self): | |
url = '/api/users/me' | 99 | 94 | url = '/api/users/me' | |
100 | 95 | |||
# missing password | 101 | 96 | # missing password | |
data = {'email': 'none@none.com'} | 102 | 97 | data = {'email': 'none@none.com'} | |
response = self.client.post(url, data, format='json') | 103 | 98 | response = self.client.post(url, data, format='json') | |
self.assertContains(response, 'password', status_code=400) | 104 | 99 | self.assertContains(response, 'password', status_code=400) | |
105 | 100 | |||
# missing email | 106 | 101 | # missing email | |
data = {'password': '1234'} | 107 | 102 | data = {'password': '1234'} | |
response = self.client.post(url, data, format='json') | 108 | 103 | response = self.client.post(url, data, format='json') | |
self.assertContains(response, 'email', status_code=400) | 109 | 104 | self.assertContains(response, 'email', status_code=400) | |
110 | 105 | |||
# create a user | 111 | 106 | # create a user | |
data = {'email': 'none@none.com', 'password': '1234'} | 112 | 107 | data = {'email': 'none@none.com', 'password': '1234'} | |
response = self.client.post(url, data, format='json') | 113 | 108 | response = self.client.post(url, data, format='json') | |
self.assertEqual(response.status_code, HTTP_201_CREATED) | 114 | 109 | self.assertEqual(response.status_code, HTTP_201_CREATED) | |
115 | 110 | |||
# user should not be confirmed | 116 | 111 | # user should not be confirmed | |
user = User.objects.get(email="none@none.com") | 117 | 112 | user = User.objects.get(email="none@none.com") | |
self.assertFalse(user.is_confirmed) | 118 | 113 | self.assertFalse(user.is_confirmed) | |
119 | 114 | |||
# check that the confirmation key was sent | 120 | 115 | # check that the confirmation key was sent | |
self.assertEqual(len(mail.outbox), 1) | 121 | 116 | self.assertEqual(len(mail.outbox), 1) | |
self.assertIn(user.confirmation_key, mail.outbox[0].body) | 122 | 117 | self.assertIn(user.confirmation_key, mail.outbox[0].body) | |
123 | 118 | |||
# log the user out | 124 | 119 | # log the user out | |
self.client.logout() | 125 | 120 | self.client.logout() | |
126 | 121 | |||
# log the user in with their registered credentials | 127 | 122 | # log the user in with their registered credentials | |
self.client.login(email='none@none.com', password='1234') | 128 | 123 | self.client.login(email='none@none.com', password='1234') | |
129 | 124 | |||
# try activating with an invalid key | 130 | 125 | # try activating with an invalid key | |
response = self.client.patch(url, {'confirmation_key': 'NOT A KEY'}) | 131 | 126 | response = self.client.patch(url, {'confirmation_key': 'NOT A KEY'}) | |
self.assertContains(response, 'confirmation_key is invalid', status_code=400) | 132 | 127 | self.assertContains(response, 'confirmation_key is invalid', status_code=400) | |
133 | 128 | |||
# try activating with the valid key | 134 | 129 | # try activating with the valid key | |
response = self.client.patch(url, {'confirmation_key': user.confirmation_key}) | 135 | 130 | response = self.client.patch(url, {'confirmation_key': user.confirmation_key}) | |
self.assertTrue(response.data['is_confirmed']) | 136 | 131 | self.assertTrue(response.data['is_confirmed']) | |
137 | 132 | |||
138 | 133 | |||
class ProfileViewTest(APITestCase): | 139 | 134 | class ProfileViewTest(APITestCase): | |
def setUp(self): | 140 | 135 | def setUp(self): | |
email = "profileviewtest@flashy.cards" | 141 | 136 | email = "profileviewtest@flashy.cards" | |
User.objects.create_user(email=email, password="1234") | 142 | 137 | User.objects.create_user(email=email, password="1234") | |
143 | 138 | |||
def test_get_me(self): | 144 | 139 | def test_get_me(self): | |
url = '/api/users/me' | 145 | 140 | url = '/api/users/me' | |
response = self.client.get(url, format='json') | 146 | 141 | response = self.client.get(url, format='json') | |
# since we're not logged in, we shouldn't be able to see this | 147 | 142 | # since we're not logged in, we shouldn't be able to see this | |
self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) | 148 | 143 | self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) | |
149 | 144 | |||
self.client.login(email='profileviewtest@flashy.cards', password='1234') | 150 | 145 | self.client.login(email='profileviewtest@flashy.cards', password='1234') | |
response = self.client.get(url, format='json') | 151 | 146 | response = self.client.get(url, format='json') | |
self.assertEqual(response.status_code, HTTP_200_OK) | 152 | 147 | self.assertEqual(response.status_code, HTTP_200_OK) | |
153 | 148 | |||
154 | 149 | |||
class PasswordChangeTest(APITestCase): | 155 | 150 | class PasswordChangeTest(APITestCase): | |
def setUp(self): | 156 | 151 | def setUp(self): | |
email = "none@none.com" | 157 | 152 | email = "none@none.com" | |
User.objects.create_user(email=email, password="1234") | 158 | 153 | User.objects.create_user(email=email, password="1234") | |
159 | 154 | |||
def test_change_password(self): | 160 | 155 | def test_change_password(self): | |
url = '/api/users/me' | 161 | 156 | url = '/api/users/me' | |
user = User.objects.get(email='none@none.com') | 162 | 157 | user = User.objects.get(email='none@none.com') | |
self.assertTrue(user.check_password('1234')) | 163 | 158 | self.assertTrue(user.check_password('1234')) | |
164 | 159 | |||
response = self.client.patch(url, {'new_password': '4321', 'old_password': '1234'}, format='json') | 165 | 160 | response = self.client.patch(url, {'new_password': '4321', 'old_password': '1234'}, format='json') | |
self.assertContains(response, 'You must be logged in to change your password', status_code=403) | 166 | 161 | self.assertContains(response, 'You must be logged in to change your password', status_code=403) | |
167 | 162 | |||
self.client.login(email='none@none.com', password='1234') | 168 | 163 | self.client.login(email='none@none.com', password='1234') | |
response = self.client.patch(url, {'new_password': '4321'}, format='json') | 169 | 164 | response = self.client.patch(url, {'new_password': '4321'}, format='json') | |
self.assertContains(response, 'old_password is required', status_code=400) | 170 | 165 | self.assertContains(response, 'old_password is required', status_code=400) | |
171 | 166 |