allucanget/contact.allucanget.biz
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v1
Some checks failed
CI / test (3.11) (push) Failing after 5m36s
Details
CI / build-image (push) Has been skipped
Details

Browse Source
This commit is contained in:
zwitschi
2025-10-22 16:48:55 +02:00
commit 4cefd4e3ab
53 changed files with 5837 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
tests/test_auth.py Normal file
View File

@@ -0,0 +1,69 @@
"""Tests for authentication functionality."""
import pytest
from server.app import app
@pytest.fixture
def client():
with app.test_client() as client:
yield client
@pytest.fixture(autouse=True)
def setup_admin_creds(monkeypatch):
monkeypatch.setattr("server.settings.ADMIN_USERNAME", "admin")
monkeypatch.setattr("server.settings.ADMIN_PASSWORD", "admin")
def test_login_page_get(client):
"""Test login page renders."""
resp = client.get("/auth/login")
assert resp.status_code == 200
assert b"Admin Login" in resp.data
def test_login_success(client):
"""Test successful login."""
resp = client.post(
"/auth/login", data={"username": "admin", "password": "admin"})
assert resp.status_code == 302 # Redirect to admin dashboard
assert resp.headers["Location"] == "/admin/"
# Check session
with client.session_transaction() as sess:
assert sess["logged_in"] is True
def test_login_failure(client):
"""Test failed login."""
resp = client.post(
"/auth/login", data={"username": "wrong", "password": "wrong"})
assert resp.status_code == 200
assert b"Invalid credentials" in resp.data
# Check session not set
with client.session_transaction() as sess:
assert "logged_in" not in sess
def test_logout(client):
"""Test logout."""
# First login
client.post("/auth/login", data={"username": "admin", "password": "admin"})
# Then logout
resp = client.get("/auth/logout")
assert resp.status_code == 302
assert resp.headers["Location"] == "/auth/login"
# Check session cleared
with client.session_transaction() as sess:
assert "logged_in" not in sess
def test_protected_route_without_login(client):
"""Test accessing protected route without login redirects to login."""
resp = client.get("/admin/settings")
assert resp.status_code == 302
assert resp.headers["Location"] == "/auth/login"