我对注册/登录/注销端点进行了测试,当我注册用户、注销并尝试以注册用户身份登录时它失败了。由于某种原因,端点current_user.is_authenticated在注销后仍然为真。
端点代码:
from flask import Blueprint, Response, request, current_app
from flask_security.core import current_user
from flask_security.utils import logout_user, login_user, verify_password
from flask_api import status
from core.database.user_models import User, USER_DATASTORE
from utils.responses import SUCCESS, BAD_REQUEST, NOT_FOUND
ACCOUNT_BP = Blueprint("account", __name__)
EMAIL_IS_REGISTERED = Response("Email Is Registered", status=status.HTTP_401_UNAUTHORIZED)
USER_INACTIVE = Response("User Is Inactive", status=status.HTTP_403_FORBIDDEN)
WRONG_CREDENTIALS = Response("Wrong Credentials", status=status.HTTP_401_UNAUTHORIZED)
@ACCOUNT_BP.route("/register", methods=['POST'])
def register_endpoint() -> Response:
"""
# TODO: Fill this docstring.
"""
if current_user.is_authenticated:
return NOT_FOUND
if "email" in request.form and "password" in request.form:
if USER_DATASTORE.create_new_user(request.form["email"], request.form["password"]):
user = User.find_by_email(request.form["email"])
login_user(user, remember=True)
return SUCCESS
return EMAIL_IS_REGISTERED
return BAD_REQUEST
@ACCOUNT_BP.route("/signin", methods=['POST'])
def signin_endpoint() -> Response:
"""
# TODO: Fill this docstring.
"""
if current_user.is_authenticated: # IT SHOULD BE False
return NOT_FOUND
if "email" in request.form and "password" in request.form:
user = User.find_by_email(request.form["email"])
if user and verify_password(request.form["password"], user.password):
if user.active:
login_user(user, remember=True)
return SUCCESS
return USER_INACTIVE
return WRONG_CREDENTIALS
return BAD_REQUEST
@ACCOUNT_BP.route("/logout")
def logout_endpoint() -> Response:
if current_user.is_authenticated:
logout_user()
return SUCCESS
return NOT_FOUND
测试代码:
import unittest
from flask import Response
from flask.testing import FlaskClient
from flask_security.core import current_user
from main import SERVER
def register(client: FlaskClient, email: str, password: str) -> Response:
"""Fast method for using ``/account/register`` endpoint"""
form_data = 'email=' + email +'&password=' + password
return client.post('/account/register', data=form_data, content_type='application/x-www-form-urlencoded')
def signin(client: FlaskClient, email: str, password: str) -> Response:
"""Fast method for using ``/account/signin`` endpoint"""
form_data = 'email=' + email +'&password=' + password
return client.post('/account/signin', data=form_data, content_type='application/x-www-form-urlencoded')
def logout(client: FlaskClient) -> Response:
"""Fast method for using ``/account/logout`` endpoint"""
return client.get('/account/logout')
class UsersAccountTestCase(unittest.TestCase):
"""
# TODO: Fill this docstring.
"""
__REGISTER_SUCCESS_EMAIL = 'success@example.com'
__RANDOM_PASSWORD = 'RandomPassword'
def test_register_success(self):
"""
# TODO: Fill this docstring.
"""
with SERVER.test_client() as client:
register_result = register(client, self.__REGISTER_SUCCESS_EMAIL, self.__RANDOM_PASSWORD)
self.assertEqual(register_result.status_code, 200)
self.assertEqual(register_result.get_data(as_text=True), "Success")
self.assertTrue(current_user.is_authenticated)
self.assertEqual(current_user.email, self.__REGISTER_SUCCESS_EMAIL)
logout_result = logout(client)
self.assertEqual(logout_result.status_code, 200)
self.assertEqual(logout_result.get_data(as_text=True), "Success")
self.assertFalse(current_user.is_authenticated) # THIS PASSES!
check_result = signin(client, self.__REGISTER_SUCCESS_EMAIL, self.__RANDOM_PASSWORD)
self.assertEqual(check_result.status_code, 200) # THIS RETURNS 404
self.assertEqual(check_result.get_data(as_text=True), "Success")
self.assertTrue(current_user.is_authenticated)
self.assertEqual(current_user.email, self.__REGISTER_SUCCESS_EMAIL)
logout(client)
什么可能导致这种行为?
更新:
刚刚用 Postman 测试了端点——一切都按预期工作。