from fastapi.testclient import TestClient
# Test-only account used throughout this module.
VALID_USERNAME = "lilian"
# Satisfies the password rules the registration tests below exercise:
# at least 8 characters, one digit and one uppercase letter.
VALID_PASSWORD = "Test12345"
def test_register(client: TestClient, username = VALID_USERNAME):
    """Register ``username`` and return the token pair issued by the API.

    Posts matching ``password`` / ``password_confirm`` fields to
    ``/register`` and checks for a 200 response carrying both tokens.
    Other tests in this module call this function directly to create the
    account they need.

    Returns:
        A dict with the keys ``'access'`` and ``'refresh'``.
    """
    form = {
        "username": username,
        "password": VALID_PASSWORD,
        "password_confirm": VALID_PASSWORD,
    }
    response = client.post("/register", data=form)
    body = response.json()

    assert response.status_code == 200
    for token_field in ("access_token", "refresh_token"):
        assert token_field in body

    return {"access": body["access_token"], "refresh": body["refresh_token"]}
def test_register_username_too_long(client: TestClient):
    """Registration with an over-long username is rejected with 422.

    The expected message shows that the limit enforced by the API is
    20 characters.
    """
    form = {
        "username": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
        "password": VALID_PASSWORD,
        "password_confirm": VALID_PASSWORD,
    }
    response = client.post("/register", data=form)
    body = response.json()

    assert response.status_code == 422
    expected = "ensure this value has at most 20 characters"
    assert body["detail"]["username_error"] == expected
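def test_register_mdp_not_corresponding(client: TestClient):
    """Registration is rejected with 422 when the two passwords differ."""
    form = {
        "username": VALID_USERNAME,
        # Use the shared constant rather than repeating its literal value, so
        # this test follows VALID_PASSWORD if the fixture password changes.
        "password": VALID_PASSWORD,
        # Deliberately different from ``password``.
        "password_confirm": "Test1234",
    }
    response = client.post("/register", data=form)
    body = response.json()

    assert response.status_code == 422
    expected = "Les mots de passe ne correspondent pas"
    assert body["detail"]["password_confirm_error"] == expected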
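def test_register_mdp_missing_number(client: TestClient):
    """Registration is rejected with 422 when the password has no digit."""
    digitless_password = "Testttttt"
    form = {
        # Shared constant instead of a repeated 'lilian' literal, consistent
        # with the other registration tests in this module.
        "username": VALID_USERNAME,
        "password": digitless_password,
        "password_confirm": digitless_password,
    }
    response = client.post("/register", data=form)
    body = response.json()

    assert response.status_code == 422
    expected = "Le mot de passe doit contenir au moins un chiffre"
    assert body["detail"]["password_error"] == expected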
def test_register_mdp_missing_maj(client: TestClient):
    """Registration is rejected with 422 when the password has no uppercase letter."""
    lowercase_only = "testttttt1"
    form = {
        "username": VALID_USERNAME,
        "password": lowercase_only,
        "password_confirm": lowercase_only,
    }
    response = client.post("/register", data=form)
    body = response.json()

    assert response.status_code == 422
    expected = "Le mot de passe doit contenir au moins une majuscule"
    assert body["detail"]["password_error"] == expected
def test_register_mdp_too_short(client: TestClient):
    """Registration is rejected with 422 when the password is a single character."""
    short_password = "t"
    form = {
        "username": VALID_USERNAME,
        "password": short_password,
        "password_confirm": short_password,
    }
    response = client.post("/register", data=form)
    body = response.json()

    assert response.status_code == 422
    expected = "Le mot de passe est trop court (8 caractères minimum)"
    assert body["detail"]["password_error"] == expected
def test_register_username_indisponible(client: TestClient):
    """Registering the same username twice yields a 400 on the second attempt.

    Only the second response is asserted; the outcome of the first
    registration is not checked here.
    """
    form = {
        "username": VALID_USERNAME,
        "password": VALID_PASSWORD,
        "password_confirm": VALID_PASSWORD,
    }
    client.post("/register", data=form)
    duplicate = client.post("/register", data=dict(form))
    body = duplicate.json()

    assert duplicate.status_code == 400
    assert body["detail"]["username_error"] == "Nom d'utilisateur indisponible"
def test_login(client: TestClient):
    """Log in with the registered credentials and return the refresh token.

    The account is created first by calling ``test_register``.  The login
    response must be a 200 that contains both an access and a refresh token.

    Returns:
        The ``refresh_token`` value from the login response.
    """
    test_register(client)

    credentials = {"username": VALID_USERNAME, "password": VALID_PASSWORD}
    response = client.post("/login", data=credentials)
    body = response.json()

    assert response.status_code == 200
    for token_field in ("access_token", "refresh_token"):
        assert token_field in body

    return body["refresh_token"]
def test_login_invalid_password(client: TestClient):
    """A wrong password for an existing account is answered with 401.

    NOTE(review): the asserted detail is a ``password_error``, while
    ``test_login_user_not_found`` expects a ``username_error`` for the same
    status code.  Pinning two distinguishable failures means the login
    response reveals whether a username is registered; confirm that this
    is intended.
    """
    test_register(client)

    credentials = {"username": VALID_USERNAME, "password": "Test1234"}
    response = client.post("/login", data=credentials)
    body = response.json()

    assert response.status_code == 401
    assert body["detail"]["password_error"] == "Mot de passe invalide"
def test_login_user_not_found(client: TestClient):
    """Logging in before any account was registered is answered with 401.

    NOTE(review): the expected detail names the username as unknown, which
    differs from the wrong-password detail asserted in
    ``test_login_invalid_password``.  The two answers let a caller tell
    existing accounts from missing ones; confirm that this is intended.
    """
    credentials = {"username": VALID_USERNAME, "password": VALID_PASSWORD}
    response = client.post("/login", data=credentials)
    body = response.json()

    assert response.status_code == 401
    assert body["detail"]["username_error"] == "Utilisateur introuvable"
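def test_check_token(client: TestClient):
    """A fresh access token is accepted by ``/check-access``.

    The endpoint must answer 200 and report the username the token was
    issued for.
    """
    access_token = test_register(client)["access"]

    response = client.post(
        "/check-access",
        headers={"Authorization": "Bearer " + access_token},
    )
    body = response.json()

    assert response.status_code == 200
    # Compare with the constant the account was registered under instead of
    # a repeated literal, so the two cannot drift apart.
    assert body["username"] == VALID_USERNAME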
def test_refresh(client: TestClient):
    """A refresh token obtained at login yields a new access token.

    The refresh token is sent as a Bearer credential to ``/refresh``; the
    response must be a 200 containing ``access_token``.  Only this success
    path is covered.
    """
    refresh_token = test_login(client)

    response = client.post(
        "/refresh",
        headers={"Authorization": "Bearer " + refresh_token},
    )
    body = response.json()

    assert response.status_code == 200
    assert "access_token" in body
# TODO: test with an invalid token
def test_update_user(client: TestClient):
    """An authenticated ``PUT /user`` updates the profile and echoes it back."""
    access_token = test_register(client)["access"]

    profile = {
        "username": "lilian2",
        "email": "example@example.com",
        "firstname": "test",
        "name": "test",
    }
    response = client.put(
        "/user",
        headers={"Authorization": "Bearer " + access_token},
        data=profile,
    )
    body = response.json()

    assert response.status_code == 200
    # Every submitted field must come back unchanged, checked in the
    # original order: username, email, firstname, name.
    assert body["username"] == "lilian2"
    assert body["email"] == "example@example.com"
    assert body["firstname"] == "test"
    assert body["name"] == "test"
def test_update_user_invalid(client: TestClient):
    """``PUT /user`` with an over-long username is rejected with 422.

    The expected message shows the same 20-character limit that applies
    at registration.
    """
    access_token = test_register(client)["access"]

    profile = {
        "username": "lilian222222222222222",
        "email": "example@example.com",
        "firstname": "test",
        "name": "test",
    }
    response = client.put(
        "/user",
        headers={"Authorization": "Bearer " + access_token},
        data=profile,
    )
    body = response.json()

    assert response.status_code == 422
    expected = "ensure this value has at most 20 characters"
    assert body["detail"]["username_error"] == expected
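def test_update_username_missing(client: TestClient):
    """An authenticated ``PUT /user`` without ``username`` is rejected with 422."""
    access_token = test_register(client)["access"]

    profile_without_username = {
        "email": "example@example.com",
        "firstname": "test",
        "name": "test",
    }
    response = client.put(
        "/user",
        headers={"Authorization": "Bearer " + access_token},
        data=profile_without_username,
    )
    body = response.json()

    assert response.status_code == 422
    assert body["detail"]["username_error"] == "field required"


# This test used to be named test_update_username_missing as well.  Two
# module-level functions with one name leave only the later definition
# bound, so the validation test above was never collected and the module
# reported one test fewer than it defines.  The name now states what is
# checked: the request carries no Authorization header.
def test_update_user_not_authenticated(client: TestClient):
    """``PUT /user`` without an Authorization header is rejected with 401."""
    profile = {
        "email": "example@example.com",
        "firstname": "test",
        "name": "test",
    }
    response = client.put("/user", data=profile)
    body = response.json()

    assert response.status_code == 401
    assert body["detail"] == "Not authenticated"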
# TODO: test with an invalid JWT
# Validation of the delete-user request works the same way as for the login request, so it is not tested separately.
def test_delete_user(client: TestClient):
    """Deleting an account with its username and password succeeds.

    The request carries the credentials in the form body and sends no
    Authorization header.  The response must be a 200 whose ``ok`` field
    equals ``True``.
    """
    test_register(client)

    credentials = {"username": VALID_USERNAME, "password": VALID_PASSWORD}
    response = client.delete("/user", data=credentials)
    body = response.json()

    assert response.status_code == 200
    assert body["ok"] == True
def test_delete_invalid_password(client: TestClient):
    """Deleting an account with a wrong password is rejected with 401."""
    test_register(client)

    credentials = {"username": VALID_USERNAME, "password": "Test1234"}
    response = client.delete("/user", data=credentials)
    body = response.json()

    assert response.status_code == 401
    assert body["detail"]["password_error"] == "Mot de passe invalide"
def test_delete_user_not_found(client: TestClient):
    """Deleting an account that was never registered is rejected with 401."""
    credentials = {"username": VALID_USERNAME, "password": VALID_PASSWORD}
    response = client.delete("/user", data=credentials)
    body = response.json()

    assert response.status_code == 401
    assert body["detail"]["username_error"] == "Utilisateur introuvable"
def test_update_password(client: TestClient):
    """Changing the password invalidates the old token and the old password.

    Steps, in order:
      1. register and keep the access token issued at registration;
      2. change the password via ``PUT /user/password`` and expect a new
         token pair;
      3. ``/check-access`` answers ``False`` for the old access token and
         reports the username for the new one;
      4. ``/login`` accepts the new password and answers 401 for the old.

    NOTE(review): only the old *access* token is checked after the change.
    The refresh token issued at registration is never sent again, so this
    test does not show whether it is revoked too.  For the old access token
    only the JSON body is asserted, not the status code.
    """
    old_access = test_register(client)["access"]
    new_password = "12345Test"

    change_form = {
        "password": new_password,
        "password_confirm": new_password,
        "old_password": VALID_PASSWORD,
    }
    change = client.put(
        "/user/password",
        data=change_form,
        headers={"Authorization": "Bearer " + old_access},
    )
    change_body = change.json()

    assert change.status_code == 200
    assert "access_token" in change_body
    assert "refresh_token" in change_body
    new_access = change_body["access_token"]

    # The token issued before the change must no longer be accepted.
    old_check = client.post(
        "/check-access",
        headers={"Authorization": "Bearer " + old_access},
    )
    assert old_check.json() == False

    # The token issued by the change itself must work.
    new_check = client.post(
        "/check-access",
        headers={"Authorization": "Bearer " + new_access},
    )
    assert new_check.json()["username"] == VALID_USERNAME

    # Login works with the new password ...
    fresh_login = client.post(
        "/login",
        data={"username": VALID_USERNAME, "password": new_password},
    )
    fresh_body = fresh_login.json()
    assert fresh_login.status_code == 200
    assert "access_token" in fresh_body
    assert "refresh_token" in fresh_body

    # ... and fails with the previous one.  The body is decoded as in the
    # original test, but its content is not inspected.
    stale_login = client.post(
        "/login",
        data={"username": VALID_USERNAME, "password": VALID_PASSWORD},
    )
    stale_login.json()
    assert stale_login.status_code == 401
def test_logout(client: TestClient):
    """Logging out invalidates the access token that was used to log out.

    ``/logout`` must answer 200 with ``ok`` equal to ``True``; afterwards
    ``/check-access`` must answer ``False`` for the same token.

    NOTE(review): the refresh token issued at registration is not sent
    after logout, so this test does not show whether logout revokes it.
    Only the JSON body of the second ``/check-access`` call is asserted,
    not its status code.
    """
    access_token = test_register(client)["access"]

    logout = client.post(
        "/logout",
        headers={"Authorization": "Bearer " + access_token},
    )
    logout_body = logout.json()

    assert logout.status_code == 200
    assert logout_body["ok"] == True

    # The same token must be refused once the session is closed.
    after_logout = client.post(
        "/check-access",
        headers={"Authorization": "Bearer " + access_token},
    )
    assert after_logout.json() == False