implement auth

2021-06-27 14:25:44 +02:00
parent 5113f6995e
commit 78c539c30a
7 changed files with 82 additions and 74 deletions
--- a/ki/test/test_profile_endpoint.py
+++ b/ki/test/test_profile_endpoint.py
@ -1,38 +1,31 @@
-from alembic import command
 import unittest
 import json

-from app import app, db, migrate
-from ki.actions import seed
+from app import app
 from ki.models import User
+from ki.test.ApiTest import ApiTest


-class TestProfileEndpoint(unittest.TestCase):
+class TestProfileEndpoint(ApiTest):
    maxDiff = None

-    def setUp(self):
-        app.debug = True
-        app.config["TESTING"] = True
-        app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:///:memory:"
-        self.client = app.test_client()
-
-        with app.app_context():
-            config = migrate.get_config()
-            command.upgrade(config, "head")
-
-        seed(True)
-
-    def tearDown(self):
-        db.drop_all()
-        db.engine.dispose()
-
-    def test_update_profile(self):
-        login_data = {"username": "peter", "password": "geheim"}
+    def test_update_profile_unauthorised(self):
+        login_data = {"username": "klaus", "password": "jutta"}
        login_response = self.client.post("/users/login", data=json.dumps(login_data), content_type="application/json")

        self.assertEqual(login_response.status_code, 200)
        self.assertIn("token", login_response.json)

+        response = self.client.post("/users/1/profile",
+                                    data=json.dumps({}),
+                                    content_type="application/json",
+                                    headers={"Authorization": "Bearer " + login_response.json["token"]})
+
+        self.assertEqual(response.status_code, 403)
+
+    def test_update_profile(self):
+        token = self.login("peter", "geheim")["token"]
+
        data = {
            "pronouns": "Monsieur",
            "volunteerwork": "ja",
@ -90,7 +83,7 @@ class TestProfileEndpoint(unittest.TestCase):
        response = self.client.post("/users/1/profile",
                                    data=json.dumps(data),
                                    content_type="application/json",
-                                    headers={"Authorization": "Bearer " + login_response.json["token"]})
+                                    headers={"Authorization": "Bearer " + token})

        self.assertEqual(response.status_code, 200)
        with app.app_context():