1 # GNU MediaGoblin -- federated, autonomous media hosting
2 # Copyright (C) 2011, 2012 MediaGoblin contributors. See AUTHORS.
4 # This program is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU Affero General Public License as published by
6 # the Free Software Foundation, either version 3 of the License, or
7 # (at your option) any later version.
9 # This program is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU Affero General Public License for more details.
14 # You should have received a copy of the GNU Affero General Public License
15 # along with this program. If not, see <http://www.gnu.org/licenses/>.
20 from mediagoblin
import mg_globals
21 from mediagoblin
.auth
import lib
as auth_lib
22 from mediagoblin
.db
.models
import User
23 from mediagoblin
.tests
.tools
import fixture_add_user
24 from mediagoblin
.tools
import template
, mail
27 ########################
28 # Test bcrypt auth funcs
29 ########################
31 def test_bcrypt_check_password():
32 # Check known 'lollerskates' password against check function
33 assert auth_lib
.bcrypt_check_password(
35 '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO')
37 assert not auth_lib
.bcrypt_check_password(
39 '$2a$12$PXU03zfrVCujBhVeICTwtOaHTUs5FFwsscvSSTJkqx/2RQ0Lhy/nO')
41 # Same thing, but with extra fake salt.
42 assert not auth_lib
.bcrypt_check_password(
44 '$2a$12$ELVlnw3z1FMu6CEGs/L8XO8vl0BuWSlUHgh0rUrry9DUXGMUNWwl6',
48 def test_bcrypt_gen_password_hash():
49 pw
= 'youwillneverguessthis'
51 # Normal password hash generation, and check on that hash
52 hashed_pw
= auth_lib
.bcrypt_gen_password_hash(pw
)
53 assert auth_lib
.bcrypt_check_password(
55 assert not auth_lib
.bcrypt_check_password(
56 'notthepassword', hashed_pw
)
58 # Same thing, extra salt.
59 hashed_pw
= auth_lib
.bcrypt_gen_password_hash(pw
, '3><7R45417')
60 assert auth_lib
.bcrypt_check_password(
61 pw
, hashed_pw
, '3><7R45417')
62 assert not auth_lib
.bcrypt_check_password(
63 'notthepassword', hashed_pw
, '3><7R45417')
66 def test_register_views(test_app
):
68 Massive test function that all our registration-related views all work.
70 # Test doing a simple GET on the page
71 # -----------------------------------
73 test_app
.get('/auth/register/')
74 # Make sure it rendered with the appropriate template
75 assert 'mediagoblin/auth/register.html' in template
.TEMPLATE_TEST_CONTEXT
77 # Try to register without providing anything, should error
78 # --------------------------------------------------------
80 template
.clear_test_template_context()
82 '/auth/register/', {})
83 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/auth/register.html']
84 form
= context
['register_form']
85 assert form
.username
.errors
== [u
'This field is required.']
86 assert form
.password
.errors
== [u
'This field is required.']
87 assert form
.email
.errors
== [u
'This field is required.']
89 # Try to register with fields that are known to be invalid
90 # --------------------------------------------------------
93 template
.clear_test_template_context()
99 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/auth/register.html']
100 form
= context
['register_form']
102 assert form
.username
.errors
== [u
'Field must be between 3 and 30 characters long.']
103 assert form
.password
.errors
== [u
'Field must be between 5 and 1024 characters long.']
106 template
.clear_test_template_context()
110 'email': 'lollerskates'})
111 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/auth/register.html']
112 form
= context
['register_form']
114 assert form
.username
.errors
== [u
'This field does not take email addresses.']
115 assert form
.email
.errors
== [u
'This field requires an email address.']
117 ## At this point there should be no users in the database ;)
118 assert User
.query
.count() == 0
120 # Successful register
121 # -------------------
122 template
.clear_test_template_context()
123 response
= test_app
.post(
125 'username': u
'happygirl',
126 'password': 'iamsohappy',
127 'email': 'happygrrl@example.org'})
130 ## Did we redirect to the proper page? Use the right template?
131 assert urlparse
.urlsplit(response
.location
)[2] == '/u/happygirl/'
132 assert 'mediagoblin/user_pages/user.html' in template
.TEMPLATE_TEST_CONTEXT
134 ## Make sure user is in place
135 new_user
= mg_globals
.database
.User
.find_one(
136 {'username': u
'happygirl'})
138 assert new_user
.status
== u
'needs_email_verification'
139 assert new_user
.email_verified
== False
141 ## Make sure user is logged in
142 request
= template
.TEMPLATE_TEST_CONTEXT
[
143 'mediagoblin/user_pages/user.html']['request']
144 assert request
.session
['user_id'] == unicode(new_user
.id)
146 ## Make sure we get email confirmation, and try verifying
147 assert len(mail
.EMAIL_TEST_INBOX
) == 1
148 message
= mail
.EMAIL_TEST_INBOX
.pop()
149 assert message
['To'] == 'happygrrl@example.org'
150 email_context
= template
.TEMPLATE_TEST_CONTEXT
[
151 'mediagoblin/auth/verification_email.txt']
152 assert email_context
['verification_url'] in message
.get_payload(decode
=True)
154 path
= urlparse
.urlsplit(email_context
['verification_url'])[2]
155 get_params
= urlparse
.urlsplit(email_context
['verification_url'])[3]
156 assert path
== u
'/auth/verify_email/'
157 parsed_get_params
= urlparse
.parse_qs(get_params
)
159 ## Try verifying with bs verification key, shouldn't work
160 template
.clear_test_template_context()
161 response
= test_app
.get(
162 "/auth/verify_email/?token=total_bs")
166 assert urlparse
.urlsplit(response
.location
)[2] == '/'
168 # assert context['verification_successful'] == True
169 # TODO: Would be good to test messages here when we can do so...
170 new_user
= mg_globals
.database
.User
.find_one(
171 {'username': u
'happygirl'})
173 assert new_user
.status
== u
'needs_email_verification'
174 assert new_user
.email_verified
== False
176 ## Verify the email activation works
177 template
.clear_test_template_context()
178 response
= test_app
.get("%s?%s" % (path
, get_params
))
180 context
= template
.TEMPLATE_TEST_CONTEXT
[
181 'mediagoblin/user_pages/user.html']
182 # assert context['verification_successful'] == True
183 # TODO: Would be good to test messages here when we can do so...
184 new_user
= mg_globals
.database
.User
.find_one(
185 {'username': u
'happygirl'})
187 assert new_user
.status
== u
'active'
188 assert new_user
.email_verified
== True
192 ## We shouldn't be able to register with that user twice
193 template
.clear_test_template_context()
194 response
= test_app
.post(
196 'username': u
'happygirl',
197 'password': 'iamsohappy2',
198 'email': 'happygrrl2@example.org'})
200 context
= template
.TEMPLATE_TEST_CONTEXT
[
201 'mediagoblin/auth/register.html']
202 form
= context
['register_form']
203 assert form
.username
.errors
== [
204 u
'Sorry, a user with that name already exists.']
206 ## TODO: Also check for double instances of an email address?
208 ### Oops, forgot the password
209 # -------------------
210 template
.clear_test_template_context()
211 response
= test_app
.post(
212 '/auth/forgot_password/',
213 {'username': u
'happygirl'})
216 ## Did we redirect to the proper page? Use the right template?
217 assert urlparse
.urlsplit(response
.location
)[2] == '/auth/login/'
218 assert 'mediagoblin/auth/login.html' in template
.TEMPLATE_TEST_CONTEXT
220 ## Make sure link to change password is sent by email
221 assert len(mail
.EMAIL_TEST_INBOX
) == 1
222 message
= mail
.EMAIL_TEST_INBOX
.pop()
223 assert message
['To'] == 'happygrrl@example.org'
224 email_context
= template
.TEMPLATE_TEST_CONTEXT
[
225 'mediagoblin/auth/fp_verification_email.txt']
226 #TODO - change the name of verification_url to something forgot-password-ish
227 assert email_context
['verification_url'] in message
.get_payload(decode
=True)
229 path
= urlparse
.urlsplit(email_context
['verification_url'])[2]
230 get_params
= urlparse
.urlsplit(email_context
['verification_url'])[3]
231 parsed_get_params
= urlparse
.parse_qs(get_params
)
232 assert path
== u
'/auth/forgot_password/verify/'
234 ## Try using a bs password-changing verification key, shouldn't work
235 template
.clear_test_template_context()
236 response
= test_app
.get(
237 "/auth/forgot_password/verify/?token=total_bs")
241 assert urlparse
.urlsplit(response
.location
)[2] == '/'
243 ## Verify step 1 of password-change works -- can see form to change password
244 template
.clear_test_template_context()
245 response
= test_app
.get("%s?%s" % (path
, get_params
))
246 assert 'mediagoblin/auth/change_fp.html' in template
.TEMPLATE_TEST_CONTEXT
248 ## Verify step 2.1 of password-change works -- report success to user
249 template
.clear_test_template_context()
250 response
= test_app
.post(
251 '/auth/forgot_password/verify/', {
252 'password': 'iamveryveryhappy',
253 'token': parsed_get_params
['token']})
255 assert 'mediagoblin/auth/login.html' in template
.TEMPLATE_TEST_CONTEXT
257 ## Verify step 2.2 of password-change works -- login w/ new password success
258 template
.clear_test_template_context()
259 response
= test_app
.post(
261 'username': u
'happygirl',
262 'password': 'iamveryveryhappy'})
264 # User should be redirected
266 assert urlparse
.urlsplit(response
.location
)[2] == '/'
267 assert 'mediagoblin/root.html' in template
.TEMPLATE_TEST_CONTEXT
270 def test_authentication_views(test_app
):
272 Test logging in and logging out
275 test_user
= fixture_add_user(active_user
=False)
279 test_app
.get('/auth/login/')
280 assert 'mediagoblin/auth/login.html' in template
.TEMPLATE_TEST_CONTEXT
282 # Failed login - blank form
283 # -------------------------
284 template
.clear_test_template_context()
285 response
= test_app
.post('/auth/login/')
286 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/auth/login.html']
287 form
= context
['login_form']
288 assert form
.username
.errors
== [u
'This field is required.']
289 assert form
.password
.errors
== [u
'This field is required.']
291 # Failed login - blank user
292 # -------------------------
293 template
.clear_test_template_context()
294 response
= test_app
.post(
296 'password': u
'toast'})
297 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/auth/login.html']
298 form
= context
['login_form']
299 assert form
.username
.errors
== [u
'This field is required.']
301 # Failed login - blank password
302 # -----------------------------
303 template
.clear_test_template_context()
304 response
= test_app
.post(
306 'username': u
'chris'})
307 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/auth/login.html']
308 form
= context
['login_form']
309 assert form
.password
.errors
== [u
'This field is required.']
311 # Failed login - bad user
312 # -----------------------
313 template
.clear_test_template_context()
314 response
= test_app
.post(
316 'username': u
'steve',
317 'password': 'toast'})
318 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/auth/login.html']
319 assert context
['login_failed']
321 # Failed login - bad password
322 # ---------------------------
323 template
.clear_test_template_context()
324 response
= test_app
.post(
326 'username': u
'chris',
327 'password': 'jam_and_ham'})
328 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/auth/login.html']
329 assert context
['login_failed']
333 template
.clear_test_template_context()
334 response
= test_app
.post(
336 'username': u
'chris',
337 'password': 'toast'})
339 # User should be redirected
341 assert urlparse
.urlsplit(response
.location
)[2] == '/'
342 assert 'mediagoblin/root.html' in template
.TEMPLATE_TEST_CONTEXT
344 # Make sure user is in the session
345 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/root.html']
346 session
= context
['request'].session
347 assert session
['user_id'] == unicode(test_user
.id)
351 template
.clear_test_template_context()
352 response
= test_app
.get('/auth/logout/')
354 # Should be redirected to index page
356 assert urlparse
.urlsplit(response
.location
)[2] == '/'
357 assert 'mediagoblin/root.html' in template
.TEMPLATE_TEST_CONTEXT
359 # Make sure the user is not in the session
360 context
= template
.TEMPLATE_TEST_CONTEXT
['mediagoblin/root.html']
361 session
= context
['request'].session
362 assert 'user_id' not in session
364 # User is redirected to custom URL if POST['next'] is set
365 # -------------------------------------------------------
366 template
.clear_test_template_context()
367 response
= test_app
.post(
369 'username': u
'chris',
371 'next' : '/u/chris/'})
372 assert urlparse
.urlsplit(response
.location
)[2] == '/u/chris/'