Test and fix status code and content of the login form on authentication error
authorSylvain Thénault <sylvain.thenault@logilab.fr>
Wed, 01 Jun 2016 17:27:29 +0200
changeset 11628 0f12ee84f30a
parent 11627 1526ae74ab69
child 11629 0459094d9728
Test and fix status code and content of the login form on authentication error The status code was 200 and is now fixed to 403, but the content part of the test will fail until cset 02328f8cbd5c is integrated in cubicweb.
pyramid_cubicweb/login.py
pyramid_cubicweb/tests/test_login.py
--- a/pyramid_cubicweb/login.py	Tue Jun 28 09:44:08 2016 +0200
+++ b/pyramid_cubicweb/login.py	Wed Jun 01 17:27:29 2016 +0200
@@ -51,6 +51,7 @@
             "Authentication failed. Please check your credentials."))
         request.cw_request.post = dict(request.params)
         del request.cw_request.post['__password']
+        request.response.status_code = 403
         return login_form(request)
 
     headers = security.remember(
--- a/pyramid_cubicweb/tests/test_login.py	Tue Jun 28 09:44:08 2016 +0200
+++ b/pyramid_cubicweb/tests/test_login.py	Wed Jun 01 17:27:29 2016 +0200
@@ -40,6 +40,11 @@
         self.assertIn('pauth_tkt', cookies)
         self.assertIsNotNone(cookies['pauth_tkt'].expires)
 
+    def test_login_bad_password(self):
+        res = self.webapp.post('/login', {
+            '__login': self.admlogin, '__password': 'empty'}, status=403)
+        self.assertIn('Authentication failed', res.text)
+
 
 if __name__ == '__main__':
     from unittest import main