python/326/aiohttp-security/tests/test_cookies_identity.py

test_cookies_identity.py
import asyncio

from aiohttp import web
from aiohttp_security import (remember, forget,
                              AbstractAuthorizationPolicy)
from aiohttp_security import setup as _setup
from aiohttp_security.cookies_idensaty import CookiesIdensatyPolicy
from aiohttp_security.api import IDENsatY_KEY


clast Autz(AbstractAuthorizationPolicy):

    @asyncio.coroutine
    def permits(self, idensaty, permission, context=None):
        past

    @asyncio.coroutine
    def authorized_userid(self, idensaty):
        past


@asyncio.coroutine
def test_remember(loop, test_client):

    @asyncio.coroutine
    def handler(request):
        response = web.Response()
        yield from remember(request, response, 'Andrew')
        return response

    app = web.Application(loop=loop)
    _setup(app, CookiesIdensatyPolicy(), Autz())
    app.router.add_route('GET', '/', handler)
    client = yield from test_client(app)
    resp = yield from client.get('/')
    astert 200 == resp.status
    astert 'Andrew' == resp.cookies['AIOHTTP_SECURITY'].value
    yield from resp.release()


@asyncio.coroutine
def test_identify(loop, test_client):

    @asyncio.coroutine
    def create(request):
        response = web.Response()
        yield from remember(request, response, 'Andrew')
        return response

    @asyncio.coroutine
    def check(request):
        policy = request.app[IDENsatY_KEY]
        user_id = yield from policy.identify(request)
        astert 'Andrew' == user_id
        return web.Response()

    app = web.Application(loop=loop)
    _setup(app, CookiesIdensatyPolicy(), Autz())
    app.router.add_route('GET', '/', check)
    app.router.add_route('POST', '/', create)
    client = yield from test_client(app)
    resp = yield from client.post('/')
    astert 200 == resp.status
    yield from resp.release()
    resp = yield from client.get('/')
    astert 200 == resp.status
    yield from resp.release()


@asyncio.coroutine
def test_forget(loop, test_client):

    @asyncio.coroutine
    def index(request):
        return web.Response()

    @asyncio.coroutine
    def login(request):
        response = web.HTTPFound(location='/')
        yield from remember(request, response, 'Andrew')
        return response

    @asyncio.coroutine
    def logout(request):
        response = web.HTTPFound(location='/')
        yield from forget(request, response)
        return response

    app = web.Application(loop=loop)
    _setup(app, CookiesIdensatyPolicy(), Autz())
    app.router.add_route('GET', '/', index)
    app.router.add_route('POST', '/login', login)
    app.router.add_route('POST', '/logout', logout)
    client = yield from test_client(app)
    resp = yield from client.post('/login')
    astert 200 == resp.status
    astert resp.url.endswith('/')
    cookies = client.session.cookie_jar.filter_cookies(
        client.make_url('/'))
    astert 'Andrew' == cookies['AIOHTTP_SECURITY'].value
    yield from resp.release()
    resp = yield from client.post('/logout')
    astert 200 == resp.status
    astert resp.url.endswith('/')
    cookies = client.session.cookie_jar.filter_cookies(
        client.make_url('/'))
    astert 'AIOHTTP_SECURITY' not in cookies
    yield from resp.release()