lundberg/porchlight
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
porchlight/tests/test_auth_routes/test_manage_credentials_page.py

56 lines
2 KiB
Python
Raw Blame History

from datetime import UTC, datetime
from argon2 import PasswordHasher
from httpx import AsyncClient
from porchlight.authn.password import PasswordService
from porchlight.models import PasswordCredential, User
from tests.conftest import get_csrf_token
async def _login(client: AsyncClient, username: str = "alice", password: str = "testpass") -> None:
"""Helper: create user + password credential and log in via POST /login/password."""
app = client._transport.app # type: ignore[union-attr]
user_repo = app.state.user_repo
cred_repo = app.state.credential_repo
user = await user_repo.get_by_username(username)
if user is None:
user = User(
userid="lusab-bansen", username=username, created_at=datetime.now(UTC), updated_at=datetime.now(UTC)
)
await user_repo.create(user)
svc = PasswordService(hasher=PasswordHasher(time_cost=1, memory_cost=8192))
existing = await cred_repo.get_password_by_user(user.userid)
if existing is None:
await cred_repo.create_password(PasswordCredential(user_id=user.userid, password_hash=svc.hash(password)))
token = await get_csrf_token(client)
await client.post(
"/login/password",
data={"username": username, "password": password},
headers={"HX-Request": "true", "X-CSRF-Token": token},
)
async def test_manage_credentials_requires_login(client: AsyncClient) -> None:
res = await client.get("/manage/credentials", follow_redirects=False)
assert res.status_code in (302, 303)
assert res.headers["location"] == "/login"
async def test_manage_credentials_renders_for_logged_in_user(client: AsyncClient) -> None:
await _login(client)
res = await client.get("/manage/credentials")
assert res.status_code == 200
assert "Credentials" in res.text
async def test_manage_credentials_shows_setup_banner(client: AsyncClient) -> None:
await _login(client)
res = await client.get("/manage/credentials?setup=1")
assert res.status_code == 200
assert "Welcome" in res.text or "setup" in res.text.lower()
Reference in a new issue View git blame Copy permalink