nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
999 Commits
2 Branches
15 MiB
Tree: 8390ff12c9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '8390ff12c9'
${ noResults }
healthchecks/hc/accounts/tests/test_login.py

107 lines
3.8 KiB
Raw Normal View History

Use BaseTestCase in test_login, less repetition
6 years ago
Tests for hc.accounts
9 years ago
Rate limiting for the "Log In" emails
6 years ago
Use BaseTestCase in test_login, less repetition
6 years ago
Tests for hc.accounts
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Use BaseTestCase in test_login, less repetition
6 years ago
"My Projects" page.
6 years ago
Tests for hc.accounts
9 years ago
Login form: rename the email box to "identity" to avoid some auto-signup bots
6 years ago
Tests for hc.accounts
9 years ago
Fix after-login redirects for users landing in the "Add Slack" page
6 years ago
Tests for hc.accounts
9 years ago
Separate sign up and login forms.
6 years ago
Tests for hc.accounts
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Tests for hc.accounts
9 years ago
Fix after-login redirects for users landing in the "Add Slack" page
6 years ago
Rate limiting for the "Log In" emails
6 years ago
Rate limit login-with-password attempts.
6 years ago
Rate limiting for the "Log In" emails
6 years ago
check token redirect to login on bad token
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Login form: rename the email box to "identity" to avoid some auto-signup bots
6 years ago
Add test for case insensitive email addresses.
7 years ago
Fix after-login redirects for users landing in the "Add Slack" page
6 years ago
Add test for case insensitive email addresses.
7 years ago
Use BaseTestCase in test_login, less repetition
6 years ago
Separate sign up and login forms.
6 years ago
Source formatted with Black
6 years ago
Separate sign up and login forms.
6 years ago
If user has a single project, _redirect_after_login redirects to it.
6 years ago
"My Projects" page.
6 years ago
Fix after-login redirects for users landing in the "Add Slack" page
6 years ago
Rate limit login-with-password attempts.
6 years ago
Source formatted with Black
6 years ago
Rate limit login-with-password attempts.
6 years ago
Fix after-login redirects for users landing in the "Add Slack" page
6 years ago
Drop Check.user_id and Channel.user_id (obsolete, using project_id now)
6 years ago
Fix after-login redirects to "Check Details" and other pages.
6 years ago
Source formatted with Black
6 years ago
Fix after-login redirects for users landing in the "Add Slack" page
6 years ago
Source formatted with Black
6 years ago
Fix after-login redirects to "Check Details" and other pages.
6 years ago
Fix after-login redirects for users landing in the "Add Slack" page
6 years ago
Source formatted with Black
6 years ago
Fix after-login redirects for users landing in the "Add Slack" page
6 years ago
If user has a single project, _redirect_after_login redirects to it.
6 years ago
"My Projects" page.
6 years ago
Separate sign up and login forms.
6 years ago
Source formatted with Black
6 years ago
Separate sign up and login forms.
6 years ago
 
  1. from django.conf import settings
  2. from django.core import mail
  3. from django.test.utils import override_settings
  4. from hc.api.models import Check, TokenBucket
  5. from hc.test import BaseTestCase
  6. 

  7. 

  8. class LoginTestCase(BaseTestCase):
  9.     def setUp(self):
  10.         super(LoginTestCase, self).setUp()
  11.         self.checks_url = "/projects/%s/checks/" % self.project.code
  12. 

  13.     def test_it_sends_link(self):
  14.         form = {"identity": "[email protected]"}
  15. 

  16.         r = self.client.post("/accounts/login/", form)
  17.         self.assertRedirects(r, "/accounts/login_link_sent/")
  18. 

  19.         # And email should have been sent
  20.         self.assertEqual(len(mail.outbox), 1)
  21.         subject = "Log in to %s" % settings.SITE_NAME
  22.         self.assertEqual(mail.outbox[0].subject, subject)
  23. 

  24.     def test_it_sends_link_with_next(self):
  25.         form = {"identity": "[email protected]"}
  26. 

  27.         r = self.client.post("/accounts/login/?next=/integrations/add_slack/", form)
  28.         self.assertRedirects(r, "/accounts/login_link_sent/")
  29. 

  30.         # The check_token link should have a ?next= query parameter:
  31.         self.assertEqual(len(mail.outbox), 1)
  32.         body = mail.outbox[0].body
  33.         self.assertTrue("/?next=/integrations/add_slack/" in body)
  34. 

  35.     @override_settings(SECRET_KEY="test-secret")
  36.     def test_it_rate_limits_emails(self):
  37.         # "d60d..." is sha1("[email protected]")
  38.         obj = TokenBucket(value="em-d60db3b2343e713a4de3e92d4eb417e4f05f06ab")
  39.         obj.tokens = 0
  40.         obj.save()
  41. 

  42.         form = {"identity": "[email protected]"}
  43. 

  44.         r = self.client.post("/accounts/login/", form)
  45.         self.assertContains(r, "Too many attempts")
  46. 

  47.         # No email should have been sent
  48.         self.assertEqual(len(mail.outbox), 0)
  49. 

  50.     def test_it_pops_bad_link_from_session(self):
  51.         self.client.session["bad_link"] = True
  52.         self.client.get("/accounts/login/")
  53.         assert "bad_link" not in self.client.session
  54. 

  55.     def test_it_ignores_case(self):
  56.         form = {"identity": "[email protected]"}
  57. 

  58.         r = self.client.post("/accounts/login/", form)
  59.         self.assertRedirects(r, "/accounts/login_link_sent/")
  60. 

  61.         self.profile.refresh_from_db()
  62.         self.assertIn("login", self.profile.token)
  63. 

  64.     def test_it_handles_password(self):
  65.         form = {"action": "login", "email": "[email protected]", "password": "password"}
  66. 

  67.         r = self.client.post("/accounts/login/", form)
  68.         self.assertRedirects(r, self.checks_url)
  69. 

  70.     @override_settings(SECRET_KEY="test-secret")
  71.     def test_it_rate_limits_password_attempts(self):
  72.         # "d60d..." is sha1("[email protected]")
  73.         obj = TokenBucket(value="pw-d60db3b2343e713a4de3e92d4eb417e4f05f06ab")
  74.         obj.tokens = 0
  75.         obj.save()
  76. 

  77.         form = {"action": "login", "email": "[email protected]", "password": "password"}
  78. 

  79.         r = self.client.post("/accounts/login/", form)
  80.         self.assertContains(r, "Too many attempts")
  81. 

  82.     def test_it_handles_password_login_with_redirect(self):
  83.         check = Check.objects.create(project=self.project)
  84. 

  85.         form = {"action": "login", "email": "[email protected]", "password": "password"}
  86. 

  87.         samples = ["/integrations/add_slack/", "/checks/%s/details/" % check.code]
  88. 

  89.         for s in samples:
  90.             r = self.client.post("/accounts/login/?next=%s" % s, form)
  91.             self.assertRedirects(r, s)
  92. 

  93.     def test_it_handles_bad_next_parameter(self):
  94.         form = {"action": "login", "email": "[email protected]", "password": "password"}
  95. 

  96.         r = self.client.post("/accounts/login/?next=/evil/", form)
  97.         self.assertRedirects(r, self.checks_url)
  98. 

  99.     def test_it_handles_wrong_password(self):
  100.         form = {
  101.             "action": "login",
  102.             "email": "[email protected]",
  103.             "password": "wrong password",
  104.         }
  105. 

  106.         r = self.client.post("/accounts/login/", form)
  107.         self.assertContains(r, "Incorrect email or password")