added unit tests for lost password code

2011-09-05 17:33:01 -05:00 · 2011-09-05 17:33:01 -05:00 · 65a8304794
commit 65a8304794
parent 8d1c9863b6
1 changed files with 76 additions and 0 deletions
--- a/mediagoblin/tests/test_auth.py
+++ b/mediagoblin/tests/test_auth.py
@ -15,6 +15,7 @@
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.

 import urlparse
+import datetime

 from nose.tools import assert_equal

@ -237,6 +238,81 @@ def test_register_views(test_app):

    ## TODO: Also check for double instances of an email address?

+    ### Oops, forgot the password
+    # -------------------
+    util.clear_test_template_context()
+    response = test_app.post('/auth/forgotpass/', {'username': 'happygirl'})
+    response.follow()
+
+    ## Did we redirect to the proper page?  Use the right template?
+    assert_equal(
+        urlparse.urlsplit(response.location)[2],
+        '/auth/fp_email_sent/')
+    assert util.TEMPLATE_TEST_CONTEXT.has_key(
+        'mediagoblin/auth/fp_email_sent.html')
+
+    ## Make sure link to change password is sent by email
+    assert len(util.EMAIL_TEST_INBOX) == 1
+    message = util.EMAIL_TEST_INBOX.pop()
+    assert message['To'] == 'happygrrl@example.org'
+    email_context = util.TEMPLATE_TEST_CONTEXT[
+        'mediagoblin/auth/fp_verification_email.txt']
+    #TODO - change the name of verification_url to something forgot-password-ish
+    assert email_context['verification_url'] in message.get_payload(decode=True)
+
+    path = urlparse.urlsplit(email_context['verification_url'])[2]
+    get_params = urlparse.urlsplit(email_context['verification_url'])[3]
+    assert path == u'/auth/verifyforgotpass/'
+    parsed_get_params = urlparse.parse_qs(get_params)
+
+    # user should have matching parameters
+    new_user = mg_globals.database.User.find_one({'username': 'happygirl'})
+    assert parsed_get_params['userid'] == [unicode(new_user['_id'])]
+    assert parsed_get_params['token'] == [new_user['fp_verification_key']]
+
+    ### The forgotten password token should be set to expire in ~ 10 days
+    # A few ticks have expired so there are only 9 full days left...
+    assert (new_user['fp_token_expire'] - datetime.datetime.now()).days == 9
+
+    ## Try using a bs password-changing verification key, shouldn't work
+    util.clear_test_template_context()
+    response = test_app.get(
+        "/auth/verifyforgotpass/?userid=%s&token=total_bs" % unicode(
+            new_user['_id']), status=400)
+    assert response.status == '400 Bad Request'
+
+    ## Verify step 1 of password-change works -- can see form to change password
+    util.clear_test_template_context()
+    response = test_app.get("%s?%s" % (path, get_params))
+    assert util.TEMPLATE_TEST_CONTEXT.has_key('mediagoblin/auth/change_fp.html')
+
+    ## Verify step 2.1 of password-change works -- report success to user
+    util.clear_test_template_context()
+    response = test_app.post(
+        '/auth/verifyforgotpass/', {
+            'userid': parsed_get_params['userid'],
+            'password': 'iamveryveryhappy',
+            'confirm_password': 'iamveryveryhappy',
+            'token': parsed_get_params['token']})
+    response.follow()
+    assert util.TEMPLATE_TEST_CONTEXT.has_key(
+                                     'mediagoblin/auth/fp_changed_success.html')
+
+    ## Verify step 2.2 of password-change works -- login w/ new password success
+    util.clear_test_template_context()
+    response = test_app.post(
+        '/auth/login/', {
+            'username': u'happygirl',
+            'password': 'iamveryveryhappy'})
+
+    # User should be redirected
+    response.follow()
+    assert_equal(
+        urlparse.urlsplit(response.location)[2],
+        '/')
+    assert util.TEMPLATE_TEST_CONTEXT.has_key(
+        'mediagoblin/root.html')
+

@setup_fresh_app
 def test_authentication_views(test_app):