7a0da7932b
Backwards Compatibility / Verify Encryption Constants (push) Waiting to run
Backwards Compatibility / PyPI Version Compatibility (push) Waiting to run
Backwards Compatibility / Database Migration Tests (push) Waiting to run
CodeQL Advanced / Analyze (javascript-typescript) (push) Waiting to run
CodeQL Advanced / Analyze (python) (push) Waiting to run
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-form] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-metrics] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [research-workflow] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [settings-core] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [settings-pages] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [history-news] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [library] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [link-analytics] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [mobile] (push) Blocked by required conditions
Docker Tests (Consolidated) / detect-changes (push) Waiting to run
Docker Tests (Consolidated) / Build Test Image (push) Waiting to run
Docker Tests (Consolidated) / All Pytest Tests + Coverage (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [accessibility] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [api-crud] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-login] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-pages] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [auth-register] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [chat-core] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [chat-lifecycle] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) [error-benchmark] (push) Blocked by required conditions
Docker Tests (Consolidated) / UI Tests (Puppeteer) (push) Blocked by required conditions
Docker Tests (Consolidated) / Accessibility Tests (push) Blocked by required conditions
Docker Tests (Consolidated) / LLM Unit Tests (push) Blocked by required conditions
Docker Tests (Consolidated) / LLM Example Tests (push) Blocked by required conditions
Docker Tests (Consolidated) / Production Image Smoke Test (push) Blocked by required conditions
Docker Tests (Consolidated) / Infrastructure Tests (push) Blocked by required conditions
OSSF Scorecard / OSSF Security Scorecard Analysis (push) Waiting to run
OSV-Scanner (Scheduled) / scan-scheduled (push) Failing after 0s
Create Release / test-gate (push) Has been cancelled
Create Release / release-gate (push) Has been cancelled
Create Release / ci-gate (push) Has been cancelled
Create Release / version-check (push) Has been cancelled
Create Release / e2e-test-gate (push) Has been cancelled
Create Release / responsive-test-gate (push) Has been cancelled
Create Release / compat-test-gate (push) Has been cancelled
Create Release / compose-integration-gate (push) Has been cancelled
Create Release / vulture-gate (push) Has been cancelled
Create Release / build (push) Has been cancelled
Create Release / provenance (push) Has been cancelled
Create Release / prerelease-docker (push) Has been cancelled
Create Release / publish-docker (push) Has been cancelled
Create Release / create-release (push) Has been cancelled
Create Release / cleanup-changelog (push) Has been cancelled
Create Release / trigger-pypi (push) Has been cancelled
Create Release / monitor-pypi (push) Has been cancelled
Create Release / Clean up orphan prerelease tags and signatures (push) Has been cancelled
126 lines
4.5 KiB
Python
126 lines
4.5 KiB
Python
"""Simple authentication test."""
|
|
|
|
import json
|
|
import time
|
|
from loguru import logger
|
|
|
|
|
|
class TestSimpleAuth:
|
|
"""Simple authentication tests."""
|
|
|
|
def test_login_flow(self, client):
|
|
"""Test the login flow."""
|
|
# Create unique test username to avoid conflicts
|
|
test_username = f"testuser_simple_{int(time.time() * 1000)}"
|
|
test_password = "TestPass123"
|
|
|
|
# 1. Get login page
|
|
response = client.get("/auth/login")
|
|
assert response.status_code == 200
|
|
logger.info(f"GET /auth/login -> {response.status_code}")
|
|
|
|
# 2. Register first (in case user doesn't exist)
|
|
response = client.post(
|
|
"/auth/register",
|
|
data={
|
|
"username": test_username,
|
|
"password": test_password,
|
|
"confirm_password": test_password,
|
|
"acknowledge": "true",
|
|
},
|
|
follow_redirects=False,
|
|
)
|
|
# Either 302 (success) or error if already exists
|
|
logger.info(f"POST /auth/register -> {response.status_code}")
|
|
|
|
# 3. Login
|
|
response = client.post(
|
|
"/auth/login",
|
|
data={
|
|
"username": test_username,
|
|
"password": test_password,
|
|
},
|
|
follow_redirects=True,
|
|
)
|
|
logger.info(
|
|
f"POST /auth/login (with redirects) -> {response.status_code}"
|
|
)
|
|
logger.info(f"Final URL: {response.request.url}")
|
|
|
|
# Should redirect to home page after successful login
|
|
assert response.status_code == 200
|
|
|
|
def test_auth_check(self, authenticated_client):
|
|
"""Test auth check endpoint."""
|
|
response = authenticated_client.get("/auth/check")
|
|
assert response.status_code == 200
|
|
logger.info(f"GET /auth/check -> {response.status_code}")
|
|
|
|
data = json.loads(response.data)
|
|
logger.info(f"Auth check data: {data}")
|
|
assert data["authenticated"] is True
|
|
|
|
def test_access_home_page(self, authenticated_client):
|
|
"""Test accessing home page when authenticated."""
|
|
response = authenticated_client.get("/")
|
|
assert response.status_code == 200
|
|
logger.info(f"GET / -> {response.status_code}")
|
|
|
|
def test_api_access(self, authenticated_client):
|
|
"""Test API access when authenticated."""
|
|
response = authenticated_client.get(
|
|
"/settings/api/available-search-engines"
|
|
)
|
|
assert response.status_code == 200
|
|
logger.info(
|
|
f"GET /settings/api/available-search-engines -> {response.status_code}"
|
|
)
|
|
|
|
data = json.loads(response.data)
|
|
logger.info(f"Search engines response has keys: {list(data.keys())}")
|
|
|
|
if "engine_options" in data:
|
|
logger.info(
|
|
f"Found {len(data['engine_options'])} search engine options"
|
|
)
|
|
assert len(data["engine_options"]) > 0
|
|
elif "engines" in data:
|
|
logger.info(f"Found {len(data['engines'])} search engines")
|
|
assert len(data["engines"]) > 0
|
|
|
|
def test_unauthenticated_api_access(self, client):
|
|
"""Test API access without authentication."""
|
|
# Should get 401 or redirect to login
|
|
response = client.get("/settings/api/available-search-engines")
|
|
assert response.status_code in [401, 302]
|
|
logger.info(
|
|
f"GET /settings/api/available-search-engines (unauth) -> {response.status_code}"
|
|
)
|
|
|
|
def test_logout(self, authenticated_client):
|
|
"""Test logout functionality."""
|
|
# First verify we're authenticated
|
|
response = authenticated_client.get("/auth/check")
|
|
data = json.loads(response.data)
|
|
assert data["authenticated"] is True
|
|
|
|
# Logout
|
|
print("\n[DEBUG] Testing logout endpoint with POST method")
|
|
response = authenticated_client.post(
|
|
"/auth/logout", follow_redirects=True
|
|
)
|
|
print(f"[DEBUG] Logout response status: {response.status_code}")
|
|
print(f"[DEBUG] Logout response headers: {dict(response.headers)}")
|
|
if response.status_code != 200:
|
|
print(
|
|
f"[DEBUG] Logout response data: {response.data.decode()[:500]}"
|
|
)
|
|
assert response.status_code == 200
|
|
|
|
# Check we're no longer authenticated
|
|
response = authenticated_client.get("/auth/check")
|
|
assert response.status_code in [401, 200]
|
|
if response.status_code == 200:
|
|
data = json.loads(response.data)
|
|
assert data["authenticated"] is False
|