-
Notifications
You must be signed in to change notification settings - Fork 38
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
1 changed file
with
144 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,144 @@ | ||
| # | ||
|
|
||
|
|
||
| """Authentication tests.""" | ||
|
|
||
|
|
||
| import os | ||
|
|
||
| import pytest | ||
|
|
||
| import mxcube3 | ||
| import mxcubecore | ||
|
|
||
| LOGIN_INFO_URL = "/mxcube/api/v0.1/login/login_info" | ||
| LOGIN_SIGNIN_URL = "/mxcube/api/v0.1/login/" | ||
| SIGN_OUT_URL = "/mxcube/api/v0.1/login/signout" | ||
|
|
||
| CREDENTIALS_0 = {"proposal": "idtest0", "password": "sUpErSaFe"} | ||
| # Password has to be `wrong` to simulate wrong password in `ISPyBClientMockup` | ||
| CREDENTIALS_0_WRONG = {"proposal": "idtest0", "password": "wrong"} | ||
| CREDENTIALS_1 = {"proposal": "idtest1", "password": "sUpErSaFe"} | ||
|
|
||
| USER_DB_PATH = "/tmp/mxcube-test-user.db" | ||
|
|
||
|
|
||
| @pytest.fixture | ||
| def test_server(): | ||
| try: | ||
| os.remove(USER_DB_PATH) | ||
| except FileNotFoundError: | ||
| pass | ||
|
|
||
| mxcubecore.HardwareRepository.uninit_hardware_repository() | ||
| server, _ = mxcube3.build_server_and_config(test=True, argv=[]) | ||
| server.flask.config["TESTING"] = True | ||
|
|
||
| yield server | ||
|
|
||
| try: | ||
| os.remove(USER_DB_PATH) | ||
| except FileNotFoundError: | ||
| pass | ||
|
|
||
|
|
||
| @pytest.fixture | ||
| def test_client(): | ||
| def _test_client(server): | ||
| test_client = server.flask.test_client() | ||
| return test_client | ||
|
|
||
| return _test_client | ||
|
|
||
|
|
||
| def test_login_signin_good_credentials(test_server, test_client): | ||
| client = test_client(test_server) | ||
|
|
||
| resp = client.post(LOGIN_SIGNIN_URL, json=CREDENTIALS_0) | ||
| assert resp.status_code == 200 | ||
| assert resp.json["code"] == "ok" | ||
| assert resp.json["msg"] == "Successful login" | ||
|
|
||
|
|
||
| def test_login_signin_wrong_credentials(test_server, test_client): | ||
| client = test_client(test_server) | ||
|
|
||
| resp = client.post(LOGIN_SIGNIN_URL, json=CREDENTIALS_0_WRONG) | ||
| print(f"********* {resp.status_code=} {resp.json=}") | ||
| assert resp.status_code == 200 | ||
| assert "code" not in resp.json | ||
| assert resp.json["msg"] == "Could not authenticate" | ||
|
|
||
|
|
||
| def test_login_signout(test_server, test_client): | ||
| client = test_client(test_server) | ||
|
|
||
| resp = client.post(LOGIN_SIGNIN_URL, json=CREDENTIALS_0) | ||
| assert resp.json["code"] == "ok" | ||
|
|
||
| resp = client.get(SIGN_OUT_URL) | ||
| assert resp.status_code == 302 | ||
| assert resp.headers["Location"] == "/login" | ||
|
|
||
|
|
||
| def test_login_info(test_server, test_client): | ||
| """Test login info. | ||
| The login info should have `loggedIn` false before authentication | ||
| and true after successful authentication. | ||
| """ | ||
| client = test_client(test_server) | ||
|
|
||
| resp = client.get(LOGIN_INFO_URL) | ||
| assert resp.status_code == 200 | ||
| assert resp.json["loggedIn"] == False | ||
|
|
||
| client.post(LOGIN_SIGNIN_URL, json=CREDENTIALS_0) | ||
|
|
||
| resp = client.get(LOGIN_INFO_URL) | ||
| assert resp.status_code == 200 | ||
| assert resp.json["loggedIn"] == True | ||
| assert resp.json["loginType"] == "Proposal" | ||
| assert resp.json["user"]["inControl"] == True | ||
|
|
||
|
|
||
| def test_login_same_proposal(test_server, test_client): | ||
| """Test two users for the same proposal. | ||
| If a user signs in for the same proposal as another user already signed in, | ||
| this user should not be "in control". | ||
| """ | ||
|
|
||
| client_0 = test_client(test_server) | ||
| resp = client_0.post(LOGIN_SIGNIN_URL, json=CREDENTIALS_0) | ||
| assert resp.json["code"] == "ok" | ||
| resp = client_0.get(LOGIN_INFO_URL) | ||
| assert resp.json["user"]["inControl"] == True | ||
|
|
||
| client_1 = test_client(test_server) | ||
| resp = client_1.post(LOGIN_SIGNIN_URL, json=CREDENTIALS_0) | ||
| assert resp.json["code"] == "ok" | ||
| resp = client_1.get(LOGIN_INFO_URL) | ||
| assert resp.json["user"]["inControl"] == False | ||
|
|
||
|
|
||
| def test_login_different_proposal(test_server, test_client): | ||
| """Test two users for different proposals. | ||
| If a user signs in for a different proposal than an already signed in user, | ||
| this user should not be allowed to sign in. | ||
| """ | ||
|
|
||
| client_0 = test_client(test_server) | ||
| resp = client_0.post(LOGIN_SIGNIN_URL, json=CREDENTIALS_0) | ||
| assert resp.json["code"] == "ok" | ||
| resp = client_0.get(LOGIN_INFO_URL) | ||
| assert resp.json["user"]["inControl"] == True | ||
|
|
||
| client_1 = test_client(test_server) | ||
| resp = client_1.post(LOGIN_SIGNIN_URL, json=CREDENTIALS_1) | ||
| assert resp.status_code == 200 | ||
| assert resp.json["msg"] == "Could not authenticate" | ||
|
|
||
|
|
||
| # EOF |