52 lines
1.8 KiB
Python
52 lines
1.8 KiB
Python
|
|
"""Tests for authentication endpoints."""
|
||
|
|
|
||
|
|
import pytest
|
||
|
|
|
||
|
|
|
||
|
|
@pytest.mark.asyncio
|
||
|
|
class TestAuth:
|
||
|
|
async def test_login_page(self, client):
|
||
|
|
resp = await client.get("/login")
|
||
|
|
assert resp.status_code == 200
|
||
|
|
assert "text/html" in resp.headers["content-type"]
|
||
|
|
|
||
|
|
async def test_login_success(self, client, admin_user):
|
||
|
|
resp = await client.post("/api/login", json={
|
||
|
|
"username": "admin",
|
||
|
|
"password": "admin123",
|
||
|
|
})
|
||
|
|
assert resp.status_code == 200
|
||
|
|
data = resp.json()
|
||
|
|
assert data["ok"] is True
|
||
|
|
assert "token" in resp.cookies
|
||
|
|
|
||
|
|
async def test_login_wrong_password(self, client, admin_user):
|
||
|
|
resp = await client.post("/api/login", json={
|
||
|
|
"username": "admin",
|
||
|
|
"password": "forkert",
|
||
|
|
})
|
||
|
|
assert resp.status_code == 401
|
||
|
|
|
||
|
|
async def test_login_unknown_user(self, client):
|
||
|
|
resp = await client.post("/api/login", json={
|
||
|
|
"username": "findes_ikke",
|
||
|
|
"password": "test123",
|
||
|
|
})
|
||
|
|
assert resp.status_code == 401
|
||
|
|
|
||
|
|
async def test_logout(self, client, admin_token):
|
||
|
|
client.cookies.set("token", admin_token)
|
||
|
|
resp = await client.post("/api/logout")
|
||
|
|
assert resp.status_code == 200
|
||
|
|
# Cookie should be deleted
|
||
|
|
set_cookie = resp.headers.get("set-cookie", "")
|
||
|
|
assert "token=;" in set_cookie or "Max-Age=0" in set_cookie
|
||
|
|
|
||
|
|
async def test_index_redirect_when_not_logged_in(self, client):
|
||
|
|
resp = await client.get("/", follow_redirects=False)
|
||
|
|
assert resp.status_code == 303 # Redirect to /login
|
||
|
|
|
||
|
|
async def test_index_when_logged_in(self, client, admin_token):
|
||
|
|
client.cookies.set("token", admin_token)
|
||
|
|
resp = await client.get("/")
|
||
|
|
assert resp.status_code == 200
|