lundberg/porchlight
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

test: update all tests to include CSRF tokens

Browse source
This commit is contained in:
Johan Lundberg 2026-02-19 14:19:47 +01:00
parent 9e5773f52f
commit f648422227
No known key found for this signature in database
GPG key ID: A6C152738D03C7D1
12 changed files with 105 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

13
tests/conftest.py
View file

@ -1,3 +1,4 @@
import re
from collections.abc import AsyncIterator
import pytest
@ -18,3 +19,15 @@ async def client(settings: Settings) -> AsyncIterator[AsyncClient]:
transport = ASGITransport(app=app)
async with app.router.lifespan_context(app), AsyncClient(transport=transport, base_url=settings.issuer) as ac:
yield ac
async def get_csrf_token(client: AsyncClient) -> str:
"""Get a CSRF token by visiting the login page.
Returns the token string. The session cookie is automatically stored
in the client's cookie jar (httpx.AsyncClient persists cookies).
"""
resp = await client.get("/login")
match = re.search(r'name="csrf-token" content="([^"]+)"', resp.text)
assert match, "CSRF meta tag not found in page"
return match.group(1)