stackoom
  简体   繁体   中英

Django Unit Testing (with DRF): How to test a Passwordresetview?

 原文  2018-05-13 11:03:50       django/ django-rest-framework/ django-views/ django-testing/ django-tests

Question

I'm currently trying to write my unittest for a successfull password reset.

TLDR: I can't figure out how to handle the injection of the form data in the post request in the set-password view.

For context, let me give you my code first, since a line of code speaks more than 1000 words.

accounts/api/views.py: 

class PasswordResetView(generics.GenericAPIView):
    """(POST) Expects email. Sends a password reset mail to email."""
    permission_classes = (permissions.AllowAny,)
    serializer_class = PasswordResetSerializer

    def post(self, request, *args, **kwargs):
        serializer = self.get_serializer(data=request.data)
        if serializer.is_valid(raise_exception=True):
            user = User.objects.get(email=serializer.data['email'])
            if user.is_active and user.has_usable_password():
                send_password_reset_email(user, request)
                return Response(
                    {"detail": "A password reset email has been send."},
                    status=status.HTTP_204_NO_CONTENT
                )
            else:
                return Response(
                    {"detail": "This users password can't be reset."},
                    status=status.HTTP_406_NOT_ACCEPTABLE
                )

accounts/api/urls.py: 

url(r'^password_reset/$', views.PasswordResetView.as_view(),
    name="password_reset"),

accounts/api/serializers.py: 

class PasswordResetSerializer(serializers.Serializer):
    email = serializers.EmailField()

    def validate_email(self, value):
        if User.objects.filter(email__iexact=value).exists():
            return value
        else:
            raise serializers.ValidationError("Email not found.")

accounts/utils.py: 

from django.contrib.auth.tokens import PasswordResetTokenGenerator
from django.contrib.sites.shortcuts import get_current_site
from django.utils import six
from django.utils.encoding import force_bytes
from django.utils.http import urlsafe_base64_encode

from templated_email import send_templated_mail

password_reset_token = PasswordResetTokenGenerator()


def build_email_context(user_obj, request):
    current_site = get_current_site(request)
    context = {
        "name": "",
        "domain": current_site.domain,
        "uid": urlsafe_base64_encode(force_bytes(user_obj.pk)),
        'token': password_reset_token.make_token(user_obj)
    }
    if user_obj.name != "":
        context["name"]: " " + user_obj.name
    return context


def send_password_reset_email(user_obj, request):
    context = build_email_context(user_obj, request)
    send_templated_mail(
        template_name="password_reset",
        from_email="noreply@ordersome.com",
        recipient_list=[user_obj.email],
        context=context
    )

The views that are linked to the route in the email are the standard CBV PasswordResetConfirmView and PasswordResetDoneView from django.contrib.auth.

And here is the test I wrote for this password reset sequence:

api/tests/test_views.py: 

from django.contrib.auth import get_user, get_user_model
from django.core import mail
from rest_framework import status
from rest_framework.authtoken.models import Token
from rest_framework.reverse import reverse as api_reverse
from rest_framework.test import APITestCase

User = get_user_model()


class UserAPIViewsTestCase(APITestCase):
    def setUp(self):
        User.objects.create_user(
            email="testuser@test.com", password="test1234")
        self.login_url = api_reverse("api:auth:login")
        self.register_url = api_reverse("api:auth:register")
        self.password_reset_url = api_reverse("api:auth:password_reset")
        self.password_change_url = api_reverse("api:auth:password_change")
        self.user_delete_url = api_reverse("api:auth:user_delete")

    def test_api_auth_password_reset_success(self):
        """Test if a password reset successfully resets password."""
        pre_user = User.objects.get(email="testuser@test.com")
        self.assertEqual(pre_user.check_password("test1234"), True)
        email_data = {
            "email": "testuser@test.com",
        }
        email_response = self.client.post(
            self.password_reset_url, email_data, format="json")
        self.assertEqual(email_response.status_code,
                         status.HTTP_204_NO_CONTENT)
        password_reset_data = {
            "new_password1": "newtest1234",
            "new_password2": "newtest1234"
        }
        password_reset_response = self.client.get(
            mail.outbox[0].body[-94:-37], format="json", follow=True)
        path = password_reset_response.request["PATH_INFO"]
        done_url = "http://testserver" + path
        password_reset_done_response = self.client.post(
            done_url, password_reset_data, format="json")
        post_user = User.objects.get(email="testuser@test.com")
        self.assertEqual(post_user.check_password("newtest1234"), True)

The last self.assertEqual fails. But when I test the view manually, it works, so the code should be correct. How should I modify the test?

When I log out done_url it gives me http://testserver/auth/reset/MQ/set-password/ , which should be the correct path.

And when I log out password_reset_done_response it says, that it is a TemplateResponse and the status_code is 200 (which should mean successful, but it's not). Also this response still seems to have the path /auth/reset/MQ/set-password/ which should not be the case anymore.

1 answers

solution1
 1  2018-05-13 12:43:41

password_reset_data is not complete - there's no info to which user the new password should be applied. 

from django.contrib.auth.tokens import default_token_generator
from django.utils.encoding import force_bytes
from django.utils.http import urlsafe_base64_encode

...

password_reset_data = {
    'uid': urlsafe_base64_encode(force_bytes(pre_user.pk)),
    'token': default_token_generator.make_token(pre_user),
    'new_password1': 'newtest1234',
    'new_password2': 'newtest1234',
}

Other suggestions

  • setUp(self) should call super().setUp()
  • Use self.assertTrue instead of self.assertEqual
  • post_user is not needed, use pre_user.refresh_from_db() before last assert

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question UNIT TEST- Django DRF - How to calling methods in ModelViewSets (Avoid 404 Error) Django unit testing: How should one test abstract models? Django unit testing: How to test concurrent database operations? Django - how to write test for DRF ImageField creating test database for Django Unit testing Django Unit Test for testing a file download Django Unit Testing: CSS selectors to test HTML? Django 2.1 PasswordResetView 404 How to Convert DateTime to String in Django/DRF While Testing Testing Django w/ DRF: issues defining a base test class for multiple test cases to inherit
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM