mirror of https://github.com/mealie-recipes/mealie.git synced 2025-08-01 19:45:22 +02:00
mealie/tests/integration_tests/user_tests/test_user_login.py
Hayden 9e77a9f367
prs-fleshgolem-2070: feat: sqlalchemy 2.0 (#2096)
* upgrade sqlalchemy to 2.0

* rewrite all db models to sqla 2.0 mapping api

* fix some importing and typing weirdness

* fix types of a lot of nullable columns

* remove get_ref methods

* fix issues found by tests

* rewrite all queries in repository_recipe to 2.0 style

* rewrite all repository queries to 2.0 api

* rewrite all remaining queries to 2.0 api

* remove now-unneeded __allow_unmapped__ flag

* remove and fix some unneeded cases of "# type: ignore"

* fix formatting

* bump black version

* run black

* can this please be the last one. okay. just. okay.

* fix repository errors

* remove return

* drop open API validator

---------

Co-authored-by: Sören Busch <fleshgolem@gmx.net>
2023-02-06 18:43:12 -09:00

59 lines
2.2 KiB
Python

import json
from fastapi.testclient import TestClient
from mealie.core.config import get_app_settings
from mealie.repos.repository_factory import AllRepositories
from mealie.services.user_services.user_service import UserService
from tests.utils import api_routes
from tests.utils.fixture_schemas import TestUser
def test_failed_login(api_client: TestClient):
    """The token route must answer 401 when the default account's password is wrong."""
    default_email = get_app_settings().DEFAULT_EMAIL
    credentials = {"username": default_email, "password": "WRONG_PASSWORD"}

    login = api_client.post(api_routes.auth_token, data=credentials)

    # Only the status code is checked; the response body is not inspected here.
    assert login.status_code == 401
def test_superuser_login(api_client: TestClient, admin_token):
    """Check that the default admin credentials log in and that ``admin_token`` is accepted.

    The token route must return 200 for the configured default email and
    password, and the self-profile route must return 200 for the headers
    supplied by the ``admin_token`` fixture.
    """
    cfg = get_app_settings()
    login = api_client.post(
        api_routes.auth_token,
        data={"username": cfg.DEFAULT_EMAIL, "password": cfg.DEFAULT_PASSWORD},
    )
    assert login.status_code == 200

    # NOTE(review): the profile request authenticates with the fixture's headers,
    # not with the token returned by the login above, so the issued token itself
    # is never exercised by this test.
    profile = api_client.get(api_routes.users_self, headers=admin_token)
    assert profile.status_code == 200
def test_user_token_refresh(api_client: TestClient, admin_user: TestUser):
    """Call the refresh route, then confirm the user's existing token still works.

    The refresh request is sent with the admin user's current token headers.
    The only assertion is that the self-profile route afterwards returns 200
    for those same headers.
    """
    auth_headers = admin_user.token

    # NOTE(review): the refresh response is discarded. Neither its status code nor
    # the token it returns is checked, so a failing refresh route would not fail
    # this test. Confirm the route's expected method and status before asserting.
    api_client.post(api_routes.auth_refresh, headers=auth_headers)

    profile = api_client.get(api_routes.users_self, headers=auth_headers)
    assert profile.status_code == 200
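def test_user_lockout_after_bad_attemps(api_client: TestClient, unique_user: TestUser, database: AllRepositories):
    """
    After ``settings.SECURITY_MAX_LOGIN_ATTEMPTS`` failed logins for an existing
    user, a login with the correct password must be refused with 423.

    Each failed attempt is expected to return 401. The lockout only applies when
    a user with the same username exists in the database.

    The project defaults are reportedly 5 attempts and a 4 hour lockout. This test
    reads the attempt limit from settings and does not check the lockout duration
    or its expiry.
    """
    settings = get_app_settings()

    try:
        for _ in range(settings.SECURITY_MAX_LOGIN_ATTEMPTS):
            form_data = {"username": unique_user.email, "password": "bad_password"}
            response = api_client.post(api_routes.auth_token, data=form_data)

            assert response.status_code == 401

        # With the limit reached, even the correct password must be rejected.
        valid_data = {"username": unique_user.email, "password": unique_user.password}
        response = api_client.post(api_routes.auth_token, data=valid_data)
        assert response.status_code == 423
    finally:
        # Cleanup runs even if an assertion above fails. Otherwise the account
        # could stay locked and break later tests that reuse unique_user.
        user_service = UserService(database)
        user = database.users.get_one(unique_user.user_id)
        user_service.unlock_user(user)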