implement registration API tests

add some comments
This commit is contained in:
Kent Brockman 2022-07-04 20:43:06 -06:00
parent f76e0953ed
commit 0985e56940
3 changed files with 53 additions and 1 deletions

View File

@ -0,0 +1,46 @@
from django.urls import reverse
from rest_framework import status
from rest_framework.test import APITestCase
from apiserver.api.models import Member, User
import json
class RegistrationTests(APITestCase):
def setUp(self):
self.url = reverse('rest_name_register')
# TODO: expose data to be used for E2E testing from a webclient
self.data = {
"username": "registrationtc",
"email": "unittest@email.com",
"password1": "unittest",
"password2": "unittest",
"first_name": "John",
"last_name": "Doe",
# need to fake this for updating progress
"request_id": "lol"
}
# TODO: match with config
self.allowed_ip = '24.66.110.96'
def test_success(self):
"""Ensure we can create a new account object."""
response = self.client.post(
self.url,
self.data,
format='json',
HTTP_X_REAL_IP=self.allowed_ip
)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
user = User.objects.get(username=self.data['username'])
assert user is not None
assert Member.objects.get(user=user) is not None
def test_allowed_ip_wrong(self):
"""Ensure creation only allowed when HTTP_X_REAL_IP header matched IP in whitelist"""
response = self.client.post(
self.url,
self.data,
format='json',
HTTP_X_REAL_IP="0.0.0.0"
)
self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)

View File

@ -26,7 +26,10 @@ class LoggingThrottle(throttling.BaseThrottle):
return True
if request.data:
if type(request.data) is not dict:
data = request.data.dict()
else:
data = request.data
for key in ['password', 'password1', 'password2', 'old_password', 'new_password1', 'new_password2']:
if key in data:
data[key] = '[CENSORED]'

View File

@ -294,6 +294,7 @@ clean = Cleaner(tags=ALLOWED_TAGS).clean
def is_request_from_protospace(request):
# TODO: pull to config
whitelist = ['24.66.110.96', '205.233.15.76', '205.233.15.69']
if settings.DEBUG:
@ -346,6 +347,8 @@ def register_user(data, user):
data['first_name'] = data['first_name'].title().strip()
data['last_name'] = data['last_name'].title().strip()
# Sometimes during demos, a user makes a fake account then then has to be cleaned out
# Notify me that this has happened so I can go clean out the database
if 'test' in data['username']:
msg = 'Someone created a test account: {} {} {} {}'.format(
data['username'],