aiohttp-security/tests/test_cookies_identity.py

93 lines
2.8 KiB
Python
Raw Normal View History

2015-07-08 17:30:24 +00:00
from aiohttp import web
from aiohttp_security import (remember, forget,
2015-07-08 17:30:24 +00:00
AbstractAuthorizationPolicy)
from aiohttp_security import setup as _setup
2015-07-08 17:30:24 +00:00
from aiohttp_security.cookies_identity import CookiesIdentityPolicy
from aiohttp_security.api import IDENTITY_KEY
class Autz(AbstractAuthorizationPolicy):
2017-12-13 14:51:46 +00:00
async def permits(self, identity, permission, context=None):
2015-07-08 17:30:24 +00:00
pass
2017-12-13 14:51:46 +00:00
async def authorized_userid(self, identity):
2015-07-08 17:30:24 +00:00
pass
2017-12-13 14:51:46 +00:00
async def test_remember(loop, test_client):
2015-07-08 17:30:24 +00:00
2017-12-13 14:51:46 +00:00
async def handler(request):
response = web.Response()
2017-12-13 14:51:46 +00:00
await remember(request, response, 'Andrew')
return response
2016-09-27 14:57:11 +00:00
app = web.Application(loop=loop)
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', handler)
2017-12-13 14:51:46 +00:00
client = await test_client(app)
resp = await client.get('/')
assert 200 == resp.status
assert 'Andrew' == resp.cookies['AIOHTTP_SECURITY'].value
2017-12-13 14:51:46 +00:00
async def test_identify(loop, test_client):
2017-12-13 14:51:46 +00:00
async def create(request):
response = web.Response()
2017-12-13 14:51:46 +00:00
await remember(request, response, 'Andrew')
return response
2015-07-08 17:30:24 +00:00
2017-12-13 14:51:46 +00:00
async def check(request):
policy = request.app[IDENTITY_KEY]
2017-12-13 14:51:46 +00:00
user_id = await policy.identify(request)
assert 'Andrew' == user_id
return web.Response()
2016-09-27 14:57:11 +00:00
app = web.Application(loop=loop)
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', check)
app.router.add_route('POST', '/', create)
2017-12-13 14:51:46 +00:00
client = await test_client(app)
resp = await client.post('/')
assert 200 == resp.status
2017-12-13 14:51:46 +00:00
await resp.release()
resp = await client.get('/')
assert 200 == resp.status
2017-12-13 14:51:46 +00:00
async def test_forget(loop, test_client):
2015-07-08 17:30:24 +00:00
2017-12-13 14:51:46 +00:00
async def index(request):
return web.Response()
2017-12-13 14:51:46 +00:00
async def login(request):
response = web.HTTPFound(location='/')
2017-12-13 14:51:46 +00:00
await remember(request, response, 'Andrew')
return response
2015-07-08 17:30:24 +00:00
2017-12-13 14:51:46 +00:00
async def logout(request):
response = web.HTTPFound(location='/')
2017-12-13 14:51:46 +00:00
await forget(request, response)
return response
2016-09-27 14:57:11 +00:00
app = web.Application(loop=loop)
_setup(app, CookiesIdentityPolicy(), Autz())
app.router.add_route('GET', '/', index)
app.router.add_route('POST', '/login', login)
app.router.add_route('POST', '/logout', logout)
2017-12-13 14:51:46 +00:00
client = await test_client(app)
resp = await client.post('/login')
assert 200 == resp.status
2017-03-21 22:10:14 +00:00
assert str(resp.url).endswith('/')
2016-09-27 14:57:11 +00:00
cookies = client.session.cookie_jar.filter_cookies(
client.make_url('/'))
assert 'Andrew' == cookies['AIOHTTP_SECURITY'].value
2017-12-13 14:51:46 +00:00
resp = await client.post('/logout')
assert 200 == resp.status
2017-03-21 22:10:14 +00:00
assert str(resp.url).endswith('/')
2016-09-27 14:57:11 +00:00
cookies = client.session.cookie_jar.filter_cookies(
client.make_url('/'))
assert 'AIOHTTP_SECURITY' not in cookies