1 files changed, 123 insertions, 5 deletions

diff --git a/mediagoblin/tests/test_auth.py b/mediagoblin/tests/test_auth.py
index 3d569093..3a13cbb1 100644
--- a/mediagoblin/tests/test_auth.py
+++ b/mediagoblin/tests/test_auth.py
@@ -77,7 +77,7 @@ def test_register_views(test_app):
     # Make sure it rendered with the appropriate template
     assert util.TEMPLATE_TEST_CONTEXT.has_key(
         'mediagoblin/auth/register.html')
-    
+
     # Try to register without providing anything, should error
     # --------------------------------------------------------
 
@@ -182,7 +182,7 @@ def test_register_views(test_app):
         unicode(new_user['_id'])]
     assert parsed_get_params['token'] == [
         new_user['verification_key']]
-    
+
     ## Try verifying with bs verification key, shouldn't work
     util.clear_test_template_context()
     test_app.get(
@@ -209,8 +209,6 @@ def test_register_views(test_app):
     assert new_user['status'] == u'active'
     assert new_user['email_verified'] == True
 
-    ## TODO: Try logging in
-    
     # Uniqueness checks
     # -----------------
     ## We shouldn't be able to register with that user twice
@@ -221,7 +219,7 @@ def test_register_views(test_app):
             'password': 'iamsohappy2',
             'confirm_password': 'iamsohappy2',
             'email': 'happygrrl2@example.org'})
-    
+
     context = util.TEMPLATE_TEST_CONTEXT[
         'mediagoblin/auth/register.html']
     form = context['register_form']
@@ -229,3 +227,123 @@ def test_register_views(test_app):
         u'Sorry, a user with that name already exists.']
 
     ## TODO: Also check for double instances of an email address?
+
+
+@setup_fresh_app
+def test_authentication_views(test_app):
+    """
+    Test logging in and logging out
+    """
+    # Make a new user
+    test_user = mg_globals.database.User()
+    test_user['username'] = u'chris'
+    test_user['email'] = u'chris@example.com'
+    test_user['pw_hash'] = auth_lib.bcrypt_gen_password_hash('toast')
+    test_user.save()
+
+    # Get login
+    # ---------
+    test_app.get('/auth/login/')
+    assert util.TEMPLATE_TEST_CONTEXT.has_key(
+        'mediagoblin/auth/login.html')
+
+    # Failed login - blank form
+    # -------------------------
+    util.clear_test_template_context()
+    response = test_app.post('/auth/login/')
+    context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/login.html']
+    form = context['login_form']
+    assert form.username.errors == [u'This field is required.']
+    assert form.password.errors == [u'This field is required.']
+
+    # Failed login - blank user
+    # -------------------------
+    util.clear_test_template_context()
+    response = test_app.post(
+        '/auth/login/', {
+            'password': u'toast'})
+    context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/login.html']
+    form = context['login_form']
+    assert form.username.errors == [u'This field is required.']
+
+    # Failed login - blank password
+    # -----------------------------
+    util.clear_test_template_context()
+    response = test_app.post(
+        '/auth/login/', {
+            'username': u'chris'})
+    context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/login.html']
+    form = context['login_form']
+    assert form.password.errors == [u'This field is required.']
+
+    # Failed login - bad user
+    # -----------------------
+    util.clear_test_template_context()
+    response = test_app.post(
+        '/auth/login/', {
+            'username': u'steve',
+            'password': 'toast'})
+    context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/login.html']
+    assert context['login_failed']
+
+    # Failed login - bad password
+    # ---------------------------
+    util.clear_test_template_context()
+    response = test_app.post(
+        '/auth/login/', {
+            'username': u'chris',
+            'password': 'jam'})
+    context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/auth/login.html']
+    assert context['login_failed']
+
+    # Successful login
+    # ----------------
+    util.clear_test_template_context()
+    response = test_app.post(
+        '/auth/login/', {
+            'username': u'chris',
+            'password': 'toast'})
+
+    # User should be redirected
+    response.follow()
+    assert_equal(
+        urlparse.urlsplit(response.location)[2],
+        '/')
+    assert util.TEMPLATE_TEST_CONTEXT.has_key(
+        'mediagoblin/root.html')
+
+    # Make sure user is in the session
+    context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html']
+    session = context['request'].session
+    assert session['user_id'] == unicode(test_user['_id'])
+
+    # Successful logout
+    # -----------------
+    util.clear_test_template_context()
+    response = test_app.get('/auth/logout/')
+
+    # Should be redirected to index page
+    response.follow()
+    assert_equal(
+        urlparse.urlsplit(response.location)[2],
+        '/')
+    assert util.TEMPLATE_TEST_CONTEXT.has_key(
+        'mediagoblin/root.html')
+
+    # Make sure the user is not in the session
+    context = util.TEMPLATE_TEST_CONTEXT['mediagoblin/root.html']
+    session = context['request'].session
+    assert session.has_key('user_id') == False
+
+    # User is redirected to custom URL if POST['next'] is set
+    # -------------------------------------------------------
+    util.clear_test_template_context()
+    response = test_app.post(
+        '/auth/login/', {
+            'username': u'chris',
+            'password': 'toast',
+            'next' : '/u/chris/'})
+    assert_equal(
+        urlparse.urlsplit(response.location)[2],
+        '/u/chris/')
+