Test and fix status code and content of the login form on authentication error
The status code was 200 and is now fixed to 403, but the content part of the
test will fail until cset 02328f8cbd5c is integrated in cubicweb.
--- a/pyramid_cubicweb/login.py Tue Jun 28 09:44:08 2016 +0200
+++ b/pyramid_cubicweb/login.py Wed Jun 01 17:27:29 2016 +0200
@@ -51,6 +51,7 @@
"Authentication failed. Please check your credentials."))
request.cw_request.post = dict(request.params)
del request.cw_request.post['__password']
+ request.response.status_code = 403
return login_form(request)
headers = security.remember(
--- a/pyramid_cubicweb/tests/test_login.py Tue Jun 28 09:44:08 2016 +0200
+++ b/pyramid_cubicweb/tests/test_login.py Wed Jun 01 17:27:29 2016 +0200
@@ -40,6 +40,11 @@
self.assertIn('pauth_tkt', cookies)
self.assertIsNotNone(cookies['pauth_tkt'].expires)
+ def test_login_bad_password(self):
+ res = self.webapp.post('/login', {
+ '__login': self.admlogin, '__password': 'empty'}, status=403)
+ self.assertIn('Authentication failed', res.text)
+
if __name__ == '__main__':
from unittest import main