Mercurial Mercurial > pub > hg > cubicweb / file revision
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
cubicweb/pyramid/test/test_login.py
author Sylvain Thénault <sylvain.thenault@logilab.fr>
Fri, 10 Mar 2017 18:04:25 +0100
changeset 12044 70bb46dfa87b
parent 11929 fcbd6b251d81
child 12088 477a59a45786
permissions -rw-r--r--
[repo] Drop repo.new_session method we should not go through Session to create Connection anymore. This is unofficial API, no backward compat for now.

from os.path import join
from shutil import rmtree

from cubicweb.pyramid.test import PyramidCWTest


class LoginTestLangUrlPrefix(PyramidCWTest):

    @classmethod
    def setUpClass(cls):
        super(LoginTestLangUrlPrefix, cls).setUpClass()
        cls.config.global_set_option('language-mode', 'url-prefix')

    def test_login_password_login_lang_prefix(self):
        res = self.webapp.post('/fr/login', {
            '__login': self.admlogin, '__password': self.admpassword})
        self.assertEqual(res.status_int, 303)

        res = self.webapp.get('/fr/login')
        self.assertEqual(res.status_int, 303)


class LoginTest(PyramidCWTest):

    def test_login_form(self):
        res = self.webapp.get('/login')
        self.assertIn('__login', res.text)

    def test_login_password_login(self):
        res = self.webapp.post('/login', {
            '__login': self.admlogin, '__password': self.admpassword})
        self.assertEqual(res.status_int, 303)

        res = self.webapp.get('/login')
        self.assertEqual(res.status_int, 303)

    def test_login_password_login_cookie_expires(self):
        res = self.webapp.post('/login', {
            '__login': self.admlogin, '__password': self.admpassword})
        self.assertEqual(res.status_int, 303)

        cookies = self.webapp.cookiejar._cookies['localhost.local']['/']
        self.assertNotIn('pauth_tkt', cookies)
        self.assertIn('auth_tkt', cookies)
        self.assertIsNone(cookies['auth_tkt'].expires)

        res = self.webapp.get('/logout')
        self.assertEqual(res.status_int, 303)

        self.assertNotIn('auth_tkt', cookies)
        self.assertNotIn('pauth_tkt', cookies)

        res = self.webapp.post('/login', {
            '__login': self.admlogin, '__password': self.admpassword,
            '__setauthcookie': 1})
        self.assertEqual(res.status_int, 303)

        cookies = self.webapp.cookiejar._cookies['localhost.local']['/']
        self.assertNotIn('auth_tkt', cookies)
        self.assertIn('pauth_tkt', cookies)
        self.assertIsNotNone(cookies['pauth_tkt'].expires)

    def test_login_bad_password(self):
        self.config.i18ncompile(['en', 'fr'])
        try:
            self.config._gettext_init()
            res = self.webapp.post(
                '/login',
                {'__login': self.admlogin, '__password': 'empty'},
                headers={'Accept-Language': 'fr'},
                status=403)
        finally:
            rmtree(join(self.config.apphome, 'i18n'))
        self.assertIn(u"\xc9chec de l'authentification", res.text)


if __name__ == '__main__':
    from unittest import main
    main()
cubicweb