Commit dbaa4eb522876d18139b4329077fa6c295fbe1ec
1 parent
38c977bc0b
Exists in
master
Finished writing tests for PasswordReset and UserLogout
Showing 1 changed file with 23 additions and 7 deletions Side-by-side Diff
flashcards/tests/test_api.py
View file @
dbaa4eb
| 1 | 1 | from django.core import mail |
| 2 | 2 | from flashcards.models import User |
| 3 | -from rest_framework.status import HTTP_201_CREATED, HTTP_200_OK, HTTP_401_UNAUTHORIZED | |
| 3 | +from rest_framework.status import HTTP_204_NO_CONTENT, HTTP_201_CREATED, HTTP_200_OK, HTTP_401_UNAUTHORIZED | |
| 4 | 4 | from rest_framework.test import APITestCase |
| 5 | 5 | from re import search |
| 6 | 6 | |
| 7 | 7 | |
| 8 | 8 | |
| 9 | 9 | |
| 10 | 10 | |
| 11 | 11 | |
| 12 | 12 | |
| 13 | 13 | |
| 14 | 14 | |
| ... | ... | @@ -41,32 +41,48 @@ |
| 41 | 41 | self.assertContains(response, 'Account is disabled', status_code=403) |
| 42 | 42 | |
| 43 | 43 | def test_logout(self): |
| 44 | - self.client.login(email='none@none.com', password='1234') | |
| 45 | - self.client.post('/api/logout') | |
| 44 | + url = '/api/login' | |
| 45 | + data = {'email': 'test@flashy.cards', 'password': '1234'} | |
| 46 | + response = self.client.post(url, data, format='json') | |
| 47 | + self.assertEqual(response.status_code, HTTP_200_OK) | |
| 46 | 48 | |
| 49 | + p = self.client.post('/api/logout') | |
| 50 | + self.assertEqual(p.status_code, HTTP_204_NO_CONTENT) | |
| 47 | 51 | response = self.client.get('/api/users/me', format='json') |
| 52 | + | |
| 48 | 53 | # since we're not logged in, we shouldn't be able to see this |
| 49 | 54 | self.assertEqual(response.status_code, HTTP_401_UNAUTHORIZED) |
| 50 | 55 | |
| 51 | 56 | class PasswordResetTest(APITestCase): |
| 52 | 57 | def setUp(self): |
| 58 | + # create a user to test things with | |
| 53 | 59 | email = "test@flashy.cards" |
| 54 | 60 | User.objects.create_user(email=email, password="12345") |
| 55 | 61 | |
| 56 | 62 | def test_reset_password(self): |
| 63 | + # submit the request to reset the password | |
| 57 | 64 | url = '/api/reset_password' |
| 58 | 65 | post_data = {'email': 'test@flashy.cards'} |
| 59 | - patch_data = {'new_password': '54321', | |
| 60 | - 'uid': '', 'token': ''} | |
| 61 | 66 | self.client.post(url, post_data, format='json') |
| 62 | 67 | self.assertEqual(len(mail.outbox), 1) |
| 63 | 68 | self.assertIn('reset your password', mail.outbox[0].body) |
| 64 | 69 | |
| 70 | + # capture the reset token from the email | |
| 65 | 71 | capture = search('https://flashy.cards/app/reset_password/(\d+)/(.*)', |
| 66 | 72 | mail.outbox[0].body) |
| 73 | + patch_data = {'new_password': '54321'} | |
| 67 | 74 | patch_data['uid'] = capture.group(1) |
| 68 | - patch_data['token'] = capture.group(2) | |
| 69 | - self.client.patch(url, patch_data, format='json') | |
| 75 | + reset_token = capture.group(2) | |
| 76 | + | |
| 77 | + # try to reset the password with the wrong reset token | |
| 78 | + patch_data['token'] = 'wrong_token' | |
| 79 | + response = self.client.patch(url, patch_data, format='json') | |
| 80 | + self.assertContains(response, 'Could not verify reset token', status_code=400) | |
| 81 | + | |
| 82 | + # try to reset the password with the correct token | |
| 83 | + patch_data['token'] = reset_token | |
| 84 | + response = self.client.patch(url, patch_data, format='json') | |
| 85 | + self.assertEqual(response.status_code, HTTP_204_NO_CONTENT) | |
| 70 | 86 | user = User.objects.get(id=patch_data['uid']) |
| 71 | 87 | assert user.check_password(patch_data['new_password']) |
| 72 | 88 |