# -*- coding: utf-8 -*- from django.apps import apps from django.contrib.auth import get_user_model from django.core import mail as django_mail from django.shortcuts import resolve_url from django.test import TestCase from django.utils.translation import gettext from django.urls import reverse from ..forms import LoginForm, SetPasswordForm, CreateAndSendPasswordForm TEST_USERNAME = 'root@localhost' TEST_PASSWORD = 'me||ön 21ABll' TEST_EMAIL = TEST_USERNAME class ViewsTestCase(TestCase): @classmethod def setUpClass(cls): super(ViewsTestCase, cls).setUpClass() cls.app_settings = apps.get_containing_app_config(__package__).settings # Some locations cls.login_url = reverse('dav_auth:login') cls.login_redirect_url = resolve_url(cls.app_settings.login_redirect_url) cls.logout_url = reverse('dav_auth:logout') cls.logout_redirect_url = resolve_url(cls.app_settings.logout_redirect_url) cls.set_password_url = reverse('dav_auth:set_password') cls.recreate_password_url = reverse('dav_auth:recreate_password') # Some messages cls.wrong_credentials_message = gettext('Benutzername oder Passwort falsch.') cls.logout_message = gettext('Benutzer abgemeldet.') cls.set_password_message = gettext('Passwort gespeichert.') def setUp(self): super().setUp() # Need a test user self.test_username = TEST_USERNAME self.test_password = TEST_PASSWORD model = get_user_model() self.user = model.objects.create_user(username=TEST_USERNAME, password=TEST_PASSWORD, email=TEST_EMAIL) def test_integrated_login_get(self): response = self.client.get(self.login_url) self.assertEqual(response.status_code, 200) self.assertTemplateUsed(response, 'dav_auth/forms/login.html') self.assertIn('form', response.context) self.assertIsInstance(response.context['form'], LoginForm) field = response.context['form'].fields['username'] self.assertTrue(field.required) field = response.context['form'].fields['password'] self.assertTrue(field.required) def test_integrated_login_inactive_user(self): user = self.user user.is_active = False user.save() response = self.client.post(self.login_url, {'username': self.test_username, 'password': self.test_password}) self.assertEqual(response.status_code, 200) self.assertFormError(response.context['form'], None, self.wrong_credentials_message) self.assertFalse(response.context['user'].is_authenticated, 'User is logged in') def test_integrated_login_fail_with_wrong_credentials(self): wrong_password = self.test_password[::-1] response = self.client.post(self.login_url, {'username': self.test_username, 'password': wrong_password}) self.assertEqual(response.status_code, 200) self.assertFormError(response.context['form'],None, self.wrong_credentials_message) self.assertFalse(response.context['user'].is_authenticated, 'User is logged in') def test_integrated_login_succeed(self): username = self.user.username message = gettext('Benutzer angemeldet: %(username)s') % {'username': username} response = self.client.post(self.login_url, {'username': username, 'password': self.test_password}) self.assertEqual(response.status_code, 302) self.assertEqual(response.url, self.login_redirect_url) response = self.client.get(response.url) self.assertContains(response, message) self.assertTrue(response.context['user'].is_authenticated, 'Login failed') def test_integrated_logout(self): self.client.login(username=self.test_username, password=self.test_password) response = self.client.post(self.logout_url) self.assertEqual(response.status_code, 302) self.assertEqual(response.url, self.logout_redirect_url) response = self.client.get(response.url) self.assertContains(response, self.logout_message) self.assertFalse(response.context['user'].is_authenticated, 'Logout failed') def test_integrated_set_password_unauth_get_redirect_to_login(self): location = self.set_password_url redirect_to = '%s?next=%s' % (self.login_url, location) response = self.client.get(location) self.assertRedirects(response, redirect_to) def test_integrated_set_password_unauth_post_redirect_to_login(self): location = self.set_password_url redirect_to = '%s?next=%s' % (self.login_url, location) changed_password = self.test_password[::-1] response = self.client.post(location, {'new_password': changed_password, 'new_password_repeat': changed_password}) self.assertRedirects(response, redirect_to) def test_integrated_set_password_get(self): location = self.set_password_url username = self.test_username password = self.test_password self.client.login(username=username, password=password) response = self.client.get(location) self.assertEqual(response.status_code, 200) self.assertTemplateUsed(response, 'dav_auth/forms/set_password.html') self.assertIn('form', response.context) self.assertIsInstance(response.context['form'], SetPasswordForm) def test_integrated_set_password_post(self): location = self.set_password_url username = self.test_username password = self.test_password new_password = password * 8 self.client.login(username=username, password=password) response = self.client.post(location, {'new_password': new_password, 'new_password_repeat': new_password}) self.assertEqual(response.status_code, 302) self.assertEqual(response.url, self.login_redirect_url) self.assertEqual(len(django_mail.outbox), 0) response = self.client.get(response.url) self.assertContains(response, self.set_password_message) self.client.logout() self.assertFalse(self.client.login(username=username, password=password), 'Old password still valid') self.assertTrue(self.client.login(username=username, password=new_password), 'New password not valid') # TODO # maybe we should test also: # - new password does no match new password repeat # - new password is not suitable def test_integrated_set_password_with_mail(self): location = self.set_password_url username = self.test_username password = self.test_password new_password = password * 8 self.client.login(username=username, password=password) response = self.client.post(location, {'new_password': new_password, 'new_password_repeat': new_password, 'send_password_mail': True}) self.assertEqual(len(django_mail.outbox), 1) mail = django_mail.outbox[0] recipient = '"%s" <%s>' % (self.user.get_full_name(), self.user.email) recipients = mail.recipients() self.assertIn(recipient, recipients) self.assertEqual(len(recipients), 1) self.assertIn(new_password, mail.body) response = self.client.get(response.url) self.assertContains(response, self.set_password_message) self.client.logout() self.assertFalse(self.client.login(username=username, password=password), 'Old password still valid') self.assertTrue(self.client.login(username=username, password=new_password), 'New password not valid') def test_recreate_password_integrated_unauth_get(self): response = self.client.get(self.recreate_password_url) self.assertEqual(response.status_code, 200) self.assertTemplateUsed(response, 'dav_auth/forms/recreate_password.html') self.assertIn('form', response.context) self.assertIsInstance(response.context['form'], CreateAndSendPasswordForm) field = response.context['form'].fields['username'] self.assertTrue(field.required) def test_recreate_password_integrated_auth_get(self): self.client.login(username=self.test_username, password=self.test_password) response = self.client.get(self.recreate_password_url) self.assertRedirects(response, self.set_password_url) def test_recreate_password_integrated_post(self): location = self.recreate_password_url response = self.client.post(location, {'username': self.user.username}) self.assertRedirects(response, self.login_url) self.assertEqual(len(django_mail.outbox), 1) mail = django_mail.outbox[0] recipient = '"%s" <%s>' % (self.user.get_full_name(), self.user.email) recipients = mail.recipients() self.assertIn(recipient, recipients) self.assertEqual(len(recipients), 1) response = self.client.get(location) self.assertFalse(response.context['user'].is_authenticated, 'User is logged in') self.assertFalse(self.client.login(username=self.test_username, password=self.test_password), 'Old password still valid')