diff --git a/tests/__init__.py b/tests/__init__.py index 09bbf93..13b34c9 100644 --- a/tests/__init__.py +++ b/tests/__init__.py @@ -32,9 +32,9 @@ class SecurityTest(TestCase): data = dict(email=email, password=password, password_confirm=password) return self.client.post('/register', data=data, follow_redirects=True) - def authenticate(self, email="matt@lp.com", password="password", endpoint=None): - data = dict(email=email, password=password) - return self._post(endpoint or '/auth', data=data) + def authenticate(self, email="matt@lp.com", password="password", endpoint=None, **kwargs): + data = dict(email=email, password=password, remember='y') + return self._post(endpoint or '/auth', data=data, **kwargs) def json_authenticate(self, email="matt@lp.com", password="password", endpoint=None): data = """ diff --git a/tests/functional_tests.py b/tests/functional_tests.py index f0c0b62..cba617a 100644 --- a/tests/functional_tests.py +++ b/tests/functional_tests.py @@ -12,11 +12,19 @@ except ImportError: from flask.ext.security.utils import capture_registrations, \ capture_reset_password_requests +from werkzeug.utils import parse_cookie from example import app from tests import SecurityTest +def get_cookies(rv): + cookies = {} + for value in rv.headers.get_all("Set-Cookie"): + cookies.update(parse_cookie(value)) + return cookies + + class DefaultSecurityTests(SecurityTest): def test_login_view(self): @@ -153,6 +161,22 @@ class DefaultSecurityTests(SecurityTest): self.assertIn('WWW-Authenticate', r.headers) self.assertEquals('Basic realm="My Realm"', r.headers['WWW-Authenticate']) + def test_user_deleted_during_session_reverts_to_anonymous_user(self): + self.authenticate() + + with self.app.test_request_context('/'): + user = self.app.security.datastore.find_user(email='matt@lp.com') + self.app.security.datastore.delete_user(user) + + r = self._get('/') + self.assertNotIn('Hello matt@lp.com', r.data) + + def test_remember_token(self): + r = self.authenticate(follow_redirects=False) + self.client.cookie_jar.clear_session_cookies() + r = self._get('/profile') + self.assertIn('profile', r.data) + class ConfiguredSecurityTests(SecurityTest):