entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 32 Releases Activity
authentic/tests/test_registration.py

1544 lines
55 KiB
Python
Raw Permalink Blame History

# authentic2 - versatile identity manager
# Copyright (C) 2010-2019 Entr'ouvert
#
# This program is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import json
from datetime import date, timedelta
from unittest import mock
from urllib.parse import quote, urlparse
import pytest
import requests
import responses
from django.contrib.auth import REDIRECT_FIELD_NAME, get_user_model
from django.contrib.contenttypes.models import ContentType
from django.urls import reverse
from authentic2 import models
from authentic2.a2_rbac.utils import get_default_ou
from authentic2.apps.authenticators.models import LoginPasswordAuthenticator
from authentic2.apps.journal.models import Event
from authentic2.forms.profile import modelform_factory
from authentic2.forms.registration import RegistrationCompletionForm
from authentic2.models import Attribute, AttributeValue, SMSCode, Token
from authentic2.utils import misc as utils_misc
from authentic2.validators import EmailValidator
from .utils import assert_event, get_link_from_mail, login
User = get_user_model()
def test_registration_success(app, db, settings, mailoutbox, external_redirect):
next_url, good_next_url = external_redirect
settings.LANGUAGE_CODE = 'en-us'
settings.DEFAULT_FROM_EMAIL = 'show only addr <noreply@example.net>'
# disable existing attributes
models.Attribute.objects.update(disabled=True)
url = utils_misc.make_url('registration_register', params={REDIRECT_FIELD_NAME: next_url})
response = app.get(url)
assert response.form['email'].attrs['autocomplete'] == 'email'
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert_event('user.registration.request', email='testbot@entrouvert.com')
assert urlparse(response['Location']).path == reverse('registration_complete')
if not good_next_url:
assert not urlparse(response['Location']).query
response = response.follow()
if good_next_url:
assert response.pyquery('a[href="%s"]' % next_url)
else:
assert response.pyquery('a[href="/"]')
assert 'Follow the instructions' in response.text
assert 'testbot@entrouvert.com' in response.text
assert 'considered as spam' in response.text
assert '"noreply@example.net"' in response.text
assert 'show only addr' not in response.text
assert len(mailoutbox) == 1
link = get_link_from_mail(mailoutbox[0])
# test password validation
response = app.get(link)
response.form.set('password1', 'toto')
response.form.set('password2', 'toto')
response = response.form.submit()
assert '8 characters' in response.text
# set valid password
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit().maybe_follow()
if good_next_url:
assert 'You have just created an account.' in response.text
assert next_url in response.text
assert response.request.path == '/continue/'
else:
assert response.request.path == '/'
assert 'You have just created an account.' in response.text
assert User.objects.count() == 1
assert len(mailoutbox) == 2
assert 'was successful' in mailoutbox[1].body
new_user = User.objects.get()
assert_event('user.registration', user=new_user, how='email')
assert not Event.objects.filter(type__name='user.login').exists()
assert new_user.email == 'testbot@entrouvert.com'
assert new_user.username is None
assert new_user.check_password('T0==toto')
assert new_user.is_active
assert not new_user.is_staff
assert not new_user.is_superuser
assert str(app.session['_auth_user_id']) == str(new_user.pk)
response = app.get('/login/')
response.form.set('username', 'testbot@entrouvert.com')
response.form.set('password', 'T0==toto')
response = response.form.submit(name='login-password-submit')
assert urlparse(response['Location']).path == reverse('auth_homepage')
def test_registration_realm(app, db, settings, mailoutbox):
settings.LANGUAGE_CODE = 'en-us'
settings.A2_REGISTRATION_REALM = 'realm'
settings.A2_REDIRECT_WHITELIST = ['http://relying-party.org/']
settings.A2_REQUIRED_FIELDS = ['username']
# disable existing attributes
models.Attribute.objects.update(disabled=True)
next_url = 'http://relying-party.org/'
url = utils_misc.make_url('registration_register', params={REDIRECT_FIELD_NAME: next_url})
response = app.get(url)
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
response = response.follow()
assert 'Follow the instructions' in response.text
assert 'testbot@entrouvert.com' in response.text
assert len(mailoutbox) == 1
link = get_link_from_mail(mailoutbox[0])
# register
response = app.get(link)
response.form.set('username', 'toto')
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit().follow()
assert 'You have just created an account.' in response.text
assert next_url in response.text
assert len(mailoutbox) == 2
assert 'was successful' in mailoutbox[1].body
# verify user has expected attributes
new_user = User.objects.get()
assert new_user.username == 'toto@realm'
assert new_user.email == 'testbot@entrouvert.com'
assert new_user.check_password('T0==toto')
assert new_user.is_active
assert not new_user.is_staff
assert not new_user.is_superuser
assert str(app.session['_auth_user_id']) == str(new_user.pk)
# test login
response = app.get('/login/')
response.form.set('username', 'testbot@entrouvert.com')
response.form.set('password', 'T0==toto')
response = response.form.submit(name='login-password-submit')
assert urlparse(response['Location']).path == reverse('auth_homepage')
def test_registration_email_validation(app, db, monkeypatch, settings):
settings.A2_VALIDATE_EMAIL_DOMAIN = True
monkeypatch.setattr(EmailValidator, 'query_mxs', lambda x, y: ['mx1.entrouvert.org'])
resp = app.get(reverse('registration_register'))
resp.form.set('email', 'testbot@entrouvert.com')
resp = resp.form.submit().follow()
assert 'Follow the instructions' in resp.text
monkeypatch.setattr(EmailValidator, 'query_mxs', lambda x, y: [])
resp = app.get(reverse('registration_register'))
resp.form.set('email', 'testbot@entrouvert.com')
resp = resp.form.submit()
assert 'Email domain (entrouvert.com) does not exists' in resp.text
def test_username_settings(app, db, settings, mailoutbox):
settings.LANGUAGE_CODE = 'en-us'
settings.A2_REGISTRATION_FORM_USERNAME_REGEX = r'^(ab)+$'
settings.A2_REGISTRATION_FORM_USERNAME_LABEL = 'Identifiant'
settings.A2_REGISTRATION_FORM_USERNAME_HELP_TEXT = 'Bien remplir'
settings.A2_REGISTRATION_FIELDS = ['username']
settings.A2_REQUIRED_FIELDS = ['username']
# disable existing attributes
models.Attribute.objects.update(disabled=True)
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
response = response.follow()
assert 'Follow the instructions' in response.text
assert 'testbot@entrouvert.com' in response.text
assert len(mailoutbox) == 1
link = get_link_from_mail(mailoutbox[0])
# register
response = app.get(link)
# check form render has changed
assert response.pyquery('[for=id_username]').text() == 'Identifiant:'
for key in ['username', 'password1', 'password2']:
assert response.pyquery('[for=id_%s]' % key)
assert response.pyquery('[for=id_%s]' % key).attr('class') == 'form-field-required'
assert response.pyquery('#id_username').next('.hint').text() == 'Bien remplir'
assert not response.pyquery('.errorlist')
# check username is validated using regexp
response.form.set('username', 'abx')
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit()
assert response.pyquery('title')[0].text.endswith('there are errors in the form')
assert 'Enter a valid value' in response.text
# check regexp accepts some valid values
response.form.set('username', 'abab')
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('auth_homepage')
response = response.follow()
assert 'You have just created an account.' in response.text
assert len(mailoutbox) == 2
assert 'was successful' in mailoutbox[1].body
def test_username_is_unique(app, db, settings, mailoutbox):
settings.LANGUAGE_CODE = 'en-us'
settings.A2_REGISTRATION_FIELDS = ['username']
settings.A2_REQUIRED_FIELDS = ['username']
settings.A2_USERNAME_IS_UNIQUE = True
# disable existing attributes
models.Attribute.objects.update(disabled=True)
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
response = response.follow()
assert 'Follow the instructions' in response.text
assert 'testbot@entrouvert.com' in response.text
assert len(mailoutbox) == 1
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
response.form.set('username', 'john.doe')
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('auth_homepage')
response = response.follow()
assert 'You have just created an account.' in response.text
assert len(mailoutbox) == 2
assert 'was successful' in mailoutbox[1].body
# logout
app.session.flush()
# try again
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
link = get_link_from_mail(mailoutbox[2])
response = app.get(link)
response = response.click('create')
response.form.set('username', 'john.doe')
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit()
assert 'This username is already in use. Please supply a different username.' in response.text
def test_email_is_unique(app, db, settings, mailoutbox):
settings.LANGUAGE_CODE = 'en-us'
settings.A2_EMAIL_IS_UNIQUE = True
# disable existing attributes
models.Attribute.objects.update(disabled=True)
response = app.get('/register/')
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
response = response.follow()
assert 'Follow the instructions' in response.text
assert 'testbot@entrouvert.com' in response.text
assert len(mailoutbox) == 1
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('auth_homepage')
response = response.follow()
assert 'You have just created an account.' in response.text
assert len(mailoutbox) == 2
assert 'was successful' in mailoutbox[1].body
# logout
app.session.flush()
response = app.get('/register/?next=/whatever/')
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
response = response.follow()
assert 'Follow the instructions' in response.text
assert 'testbot@entrouvert.com' in response.text
assert 'This email address is already in use.' not in response.text
assert len(mailoutbox) == 3
assert 'You already have' in mailoutbox[2].body
link = get_link_from_mail(mailoutbox[2])
response = app.get(link)
# check next_url was preserved
assert response.location == '/whatever/'
def test_attribute_model(app, db, settings, mailoutbox):
settings.LANGUAGE_CODE = 'en-us'
# disable existing attributes
models.Attribute.objects.update(disabled=True)
models.Attribute.objects.create(label='Prénom', name='prenom', required=True, kind='string')
models.Attribute.objects.create(
label='Nom', name='nom', asked_on_registration=True, user_visible=True, kind='string'
)
models.Attribute.objects.create(label='Profession', name='profession', user_editable=True, kind='string')
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
response = response.follow()
assert 'Follow the instructions' in response.text
assert 'testbot@entrouvert.com' in response.text
assert len(mailoutbox) == 1
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
for key in ['prenom', 'nom', 'password1', 'password2']:
assert response.pyquery('#id_%s' % key)
response.form.set('prenom', 'John')
response.form.set('nom', 'Doe')
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('auth_homepage')
response = response.follow()
assert 'You have just created an account.' in response.text
assert len(mailoutbox) == 2
assert 'was successful' in mailoutbox[1].body
response = app.get(reverse('account_management'))
assert 'Nom' in response.text
assert 'Prénom' not in response.text
response = app.get(reverse('profile_edit'))
assert 'profession' in response.form.fields
assert 'prenom' not in response.form.fields
assert 'nom' not in response.form.fields
assert response.pyquery('[for=id_profession]')
assert not response.pyquery('[for=id_profession].form-field-required')
response.form.set('profession', 'pompier')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('account_management')
response = response.follow()
assert 'Nom' in response.text
assert 'Doe' in response.text
assert 'Profession' not in response.text
assert 'pompier' not in response.text
assert 'Prénom' not in response.text
assert 'John' not in response.text
def test_registration_email_blacklist(app, settings, db):
def test_register(email):
response = app.get('/register/')
assert 'email' in response.form.fields
response.form.set('email', email)
response = response.form.submit()
return response.status_code == 302
settings.A2_REGISTRATION_EMAIL_BLACKLIST = [r'a*@example\.com']
assert not test_register('aaaa@example.com')
assert test_register('aaaa@example.com.zob')
assert test_register('baaaa@example.com')
settings.A2_REGISTRATION_EMAIL_BLACKLIST = [r'a*@example\.com', r'^ba*@example\.com$']
assert not test_register('aaaa@example.com')
assert not test_register('baaaa@example.com')
assert test_register('bbaaaa@example.com')
def test_registration_bad_email(app, db, settings):
settings.LANGUAGE_CODE = 'en-us'
response = app.post(reverse('registration_register'), params={'email': 'fred@0d..be'}, status=200)
assert (
'Please enter a valid email address (example: john.doe@entrouvert.com)'
in response.context['form'].errors['email']
)
response = app.post(reverse('registration_register'), params={'email': 'ééééé'}, status=200)
assert (
'Please enter a valid email address (example: john.doe@entrouvert.com)'
in response.context['form'].errors['email']
)
response = app.post(reverse('registration_register'), params={'email': ''}, status=200)
assert response.pyquery('title')[0].text.endswith('there are errors in the form')
assert 'This field is required.' in response.context['form'].errors['email']
def test_registration_confirm_data(app, settings, db, rf):
# make first name not required
models.Attribute.objects.filter(name='first_name').update(required=False)
activation_url = utils_misc.build_activation_url(
rf.post('/register/'),
email='john.doe@example.com',
next_url='/',
first_name='John',
last_name='Doe',
no_password=True,
confirm_data=False,
)
response = app.get(activation_url, status=302)
activation_url = utils_misc.build_activation_url(
rf.post('/register/'),
email='john.doe@example.com',
next_url='/',
last_name='Doe',
no_password=True,
confirm_data=False,
)
response = app.get(activation_url, status=200)
assert 'form' in response.context
assert set(response.context['form'].fields.keys()) == {'first_name', 'last_name'}
activation_url = utils_misc.build_activation_url(
rf.post('/register/'),
email='john.doe@example.com',
next_url='/',
last_name='Doe',
no_password=True,
confirm_data='required',
)
response = app.get(activation_url, status=302)
def test_revalidate_email(app, rf, db, settings, mailoutbox):
settings.LANGUAGE_CODE = 'en-us'
# disable existing attributes
models.Attribute.objects.update(disabled=True)
url = utils_misc.build_activation_url(
rf.get('/'), 'testbot@entrouvert.com', next_url=None, valid_email=False, franceconnect=True
)
assert len(mailoutbox) == 0
# register
response = app.get(url)
response.form.set('email', 'johndoe@example.com')
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
response = response.follow()
assert 'Follow the instructions' in response.text
assert 'johndoe@example.com' in response.text
assert len(mailoutbox) == 1
def test_email_is_unique_multiple_objects_returned(app, db, settings, mailoutbox, rf):
settings.LANGUAGE_CODE = 'en-us'
settings.A2_REGISTRATION_EMAIL_IS_UNIQUE = True
# Create two user objects
User.objects.create(email='testbot@entrouvert.com')
User.objects.create(email='testbot@entrouvert.com')
url = utils_misc.build_activation_url(
rf.get('/'),
'testbot@entrouvert.com',
first_name='Test',
last_name='Bot',
password='ABcd12345',
next_url=None,
valid_email=False,
franceconnect=True,
)
response = app.get(url)
assert 'This email address is already in use.' in response.text
def test_username_is_unique_multiple_objects_returned(app, db, settings, mailoutbox, rf):
settings.LANGUAGE_CODE = 'en-us'
settings.A2_REGISTRATION_USERNAME_IS_UNIQUE = True
settings.A2_REQUIRED_FIELDS = ['username', 'first_name', 'last_name']
# Create two user objects
User.objects.create(username='testbot', email='testbot1@entrouvert.com')
User.objects.create(username='testbot', email='testbot2@entrouvert.com')
url = utils_misc.build_activation_url(
rf.get('/'),
'testbot@entrouvert.com',
username='testbot',
first_name='Test',
last_name='Bot',
password='ABcd12345',
next_url=None,
valid_email=False,
franceconnect=True,
)
response = app.get(url)
assert 'This username is already in use.' in response.text
def test_registration_redirect(app, db, settings, mailoutbox, external_redirect):
next_url, good_next_url = external_redirect
settings.A2_REGISTRATION_REDIRECT = 'http://cms/welcome/'
settings.LANGUAGE_CODE = 'en-us'
new_next_url = settings.A2_REGISTRATION_REDIRECT
if good_next_url:
new_next_url += '?next=' + quote(next_url)
# disable existing attributes
models.Attribute.objects.update(disabled=True)
url = utils_misc.make_url('registration_register', params={REDIRECT_FIELD_NAME: next_url})
response = app.get(url)
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
response = response.follow()
assert 'Follow the instructions' in response.text
assert 'testbot@entrouvert.com' in response.text
assert len(mailoutbox) == 1
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit().follow()
assert 'You have just created an account.' in response.text
assert new_next_url in response.text
assert User.objects.count() == 1
assert len(mailoutbox) == 2
assert 'was successful' in mailoutbox[1].body
new_user = User.objects.get()
assert new_user.email == 'testbot@entrouvert.com'
assert new_user.username is None
assert new_user.check_password('T0==toto')
assert new_user.is_active
assert not new_user.is_staff
assert not new_user.is_superuser
assert str(app.session['_auth_user_id']) == str(new_user.pk)
response = app.get('/login/')
response.form.set('username', 'testbot@entrouvert.com')
response.form.set('password', 'T0==toto')
response = response.form.submit(name='login-password-submit')
assert urlparse(response['Location']).path == reverse('auth_homepage')
def test_registration_redirect_tuple(app, db, settings, mailoutbox, external_redirect):
next_url, good_next_url = external_redirect
settings.A2_REGISTRATION_REDIRECT = 'http://cms/welcome/', 'target'
new_next_url = settings.A2_REGISTRATION_REDIRECT[0]
if good_next_url:
new_next_url += '?target=' + quote(next_url)
# disable existing attributes
models.Attribute.objects.update(disabled=True)
url = utils_misc.make_url('registration_register', params={REDIRECT_FIELD_NAME: next_url})
response = app.get(url)
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
response = response.follow()
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit().follow()
assert new_next_url in response.text
def test_registration_activate_passwords_not_equal(app, db, settings, mailoutbox):
settings.LANGUAGE_CODE = 'en-us'
settings.A2_EMAIL_IS_UNIQUE = True
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
response = response.follow()
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
response.form.set('first_name', 'john')
response.form.set('last_name', 'doe')
response.form.set('password1', 'azerty12AZ')
response.form.set('password2', 'AAAazerty12AZ')
response = response.form.submit()
assert 'The two password fields didn' in response.text
def test_authentication_method(app, db, rf, hooks):
activation_url = utils_misc.build_activation_url(
rf.post('/register/'),
email='john.doe@example.com',
next_url='/',
first_name='John',
last_name='Doe',
no_password=True,
confirm_data=False,
)
app.get(activation_url)
assert len(hooks.calls['event']) == 2
assert hooks.calls['event'][-2]['kwargs']['name'] == 'registration'
assert hooks.calls['event'][-2]['kwargs']['authentication_method'] == 'email'
assert hooks.calls['event'][-1]['kwargs']['name'] == 'login'
assert hooks.calls['event'][-1]['kwargs']['how'] == 'email'
activation_url = utils_misc.build_activation_url(
rf.post('/register/'),
email='jane.doe@example.com',
next_url='/',
first_name='Jane',
last_name='Doe',
no_password=True,
authentication_method='another',
confirm_data=False,
)
app.get(activation_url)
assert len(hooks.calls['event']) == 4
assert hooks.calls['event'][-2]['kwargs']['name'] == 'registration'
assert hooks.calls['event'][-2]['kwargs']['authentication_method'] == 'another'
assert hooks.calls['event'][-1]['kwargs']['name'] == 'login'
assert hooks.calls['event'][-1]['kwargs']['how'] == 'another'
def test_registration_with_email_suggestions(app, db, settings):
url = utils_misc.make_url('registration_register')
response = app.get(url)
assert 'email_domains_suggestions.js' in response.text
assert 'field-live-hint' in response.text
settings.A2_SUGGESTED_EMAIL_DOMAINS = []
response = app.get(url)
assert 'email_domains_suggestions.js' not in response.text
assert 'field-live-hint' not in response.text
def test_registration_no_email_full_profile_no_password(app, db, rf, mailoutbox):
models.Attribute.objects.create(kind='birthdate', name='birthdate', label='birthdate', required=True)
data = {
'email': 'john.doe@example.com',
'first_name': 'John',
'last_name': 'Doe',
'confirm_data': 'required',
'no_password': True,
'valid_email': False,
'franceconnect': True,
'authentication_method': 'france-connect',
}
activation_url = utils_misc.build_activation_url(rf.post('/register/'), next_url='/', **data)
response = app.get(activation_url)
response.form.set('first_name', data['first_name'])
response.form.set('last_name', data['last_name'])
response.form.set('birthdate', '1981-01-01')
response.form.set('email', 'john.doe2@example.com')
response = response.form.submit().follow()
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
assert response.location == '/'
assert User.objects.count() == 1
user = User.objects.get()
assert user.first_name == 'John'
assert user.last_name == 'Doe'
assert user.attributes.birthdate == date(1981, 1, 1)
assert user.email == 'john.doe2@example.com'
assert user.email_verified is True
def test_registration_link_unique_use(app, db, mailoutbox):
models.Attribute.objects.update(disabled=True)
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
response.form.set('password1', 'T0==toto')
# Clean sesssion
app.session.flush()
# accessing multiple times work
response = app.get(link)
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit().follow()
assert 'You have just created an account.' in response.text
# Clean sesssion
app.session.flush()
response = app.get(link)
assert urlparse(response['Location']).path == reverse('registration_register')
response = response.follow()
assert 'activation key is unknown or expired' in response.text
def test_double_registration_impossible(app, db, mailoutbox):
models.Attribute.objects.update(disabled=True)
for _ in range(2):
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert len(mailoutbox) == 2
link1, link2 = get_link_from_mail(mailoutbox[0]), get_link_from_mail(mailoutbox[1])
response = app.get(link1)
assert urlparse(response['Location']).path == reverse('registration_register')
response = response.follow()
assert 'activation key is unknown or expired' in response.text
response = app.get(link2)
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
response = response.form.submit().follow()
assert 'You have just created an account.' in response.text
def test_registration_email_not_verified_required_and_unrequired_attributes(app, db, rf, mailoutbox):
models.Attribute.objects.create(
kind='birthdate', name='birthdate', label='birthdate', asked_on_registration=False
)
models.Attribute.objects.create(
kind='string', name='preferred_color', label='couleur préférée', required=True
)
data = {
'email': 'john.doe@example.com',
'first_name': 'John',
'last_name': 'Doe',
'confirm_data': 'required',
'no_password': True,
'valid_email': False,
'franceconnect': True,
'authentication_method': 'france-connect',
}
activation_url = utils_misc.build_activation_url(rf.post('/register/'), next_url='/', **data)
response = app.get(activation_url)
response.form.set('first_name', data['first_name'])
response.form.set('last_name', data['last_name'])
response.form.set('preferred_color', 'bleu')
response.form.set('email', 'john.doe2@example.com')
response = response.form.submit().follow()
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
assert response.location == '/'
assert User.objects.count() == 1
user = User.objects.get()
assert user.first_name == 'John'
assert user.last_name == 'Doe'
assert user.attributes.birthdate is None
assert user.attributes.preferred_color == 'bleu'
assert user.email == 'john.doe2@example.com'
assert user.email_verified is True
def test_honeypot(app, db, settings, mailoutbox):
settings.DEFAULT_FROM_EMAIL = 'show only addr <noreply@example.net>'
response = app.get(utils_misc.make_url('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response.form.set('robotcheck', True)
response = response.form.submit()
response = response.follow()
assert len(mailoutbox) == 0
assert 'Your registration request has been refused' in response
def test_registration_name_validation(app, db, mailoutbox):
resp = app.get(reverse('registration_register'))
resp.form.set('email', 'testbot@entrouvert.com')
resp = resp.form.submit().follow()
link = get_link_from_mail(mailoutbox[0])
resp = app.get(link)
resp.form.set('password1', 'T0==toto')
resp.form.set('password2', 'T0==toto')
resp.form.set('first_name', '01/01/1871')
resp.form.set('last_name', 'Doe')
resp = resp.form.submit()
assert 'Special characters are not allowed' in resp.text
resp.form.set('password1', 'T0==toto')
resp.form.set('password2', 'T0==toto')
resp.form.set('first_name', 'John')
resp.form.set('last_name', 'a(a')
resp = resp.form.submit()
assert 'Special characters are not allowed' in resp.text
resp.form.set('password1', 'T0==toto')
resp.form.set('password2', 'T0==toto')
resp.form.set('first_name', 'Léo')
resp.form.set('last_name', 'D\'Équerre')
resp = resp.form.submit().follow()
assert 'You have just created an account' in resp.text
def test_attribute_model_autocomplete(app, db, settings, mailoutbox):
settings.LANGUAGE_CODE = 'en-us'
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
assert urlparse(response['Location']).path == reverse('registration_complete')
link = get_link_from_mail(mailoutbox[0])
response = app.get(link)
assert response.form['first_name'].attrs['autocomplete'] == 'given-name'
assert response.form['last_name'].attrs['autocomplete'] == 'family-name'
def test_registration_race_condition(app, db, mailoutbox):
models.Attribute.objects.update(disabled=True)
response = app.get(reverse('registration_register'))
response.form.set('email', 'testbot@entrouvert.com')
response = response.form.submit()
link = get_link_from_mail(mailoutbox[0])
mailoutbox.clear()
response = app.get(link)
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
with mock.patch('authentic2.views.models.Token.delete', return_value=(0, {})):
response = response.form.submit().follow()
# hypothetical case where token disappeared while user has not been created
assert 'An error occured' in response.text
# real case where user was created by previous almost simultaneous request
User.objects.create(email='testbot@entrouvert.com')
response = app.get(link)
response.form.set('password1', 'T0==toto')
response.form.set('password2', 'T0==toto')
with mock.patch('authentic2.views.models.Token.delete', return_value=(0, {})):
response = response.form.submit().follow()
assert 'You have just created an account.' in response.text
assert len(mailoutbox) == 0
def test_registration_service_integration(app, service, settings):
service.home_url = 'https://portail.example.net/'
service.save()
response = app.get('/register/?next=https://portail.example.net/page/')
assert app.session['home_url'] == 'https://portail.example.net/page/'
assert app.session['service_pk'] == service.pk
assert response.context['home_ou'] == service.ou
assert response.context['home_service'] == service
assert response.context['home_url'] == 'https://portail.example.net/page/'
def test_registration_completion_form(db, simple_user):
form_class = modelform_factory(get_user_model(), form=RegistrationCompletionForm)
data = {
'email': 'jonh.doe@yopmail.com',
'password': 'blah',
'password1': 'Password0',
'password2': 'Password0',
'date_joined': '2022-02-07',
'ou': simple_user.ou.pk,
}
form = form_class(instance=simple_user, data=data)
assert form.fields['password1'].widget.min_strength is None
assert 'password1' not in form.errors
LoginPasswordAuthenticator.objects.update(min_password_strength=3)
form = form_class(instance=simple_user, data=data)
assert form.fields['password1'].widget.min_strength == 3
assert form.errors['password1'] == ['This password is not strong enough.']
def test_registration_completion(db, app, mailoutbox):
Attribute.objects.create(
kind='string',
label='Favourite Song',
name='favourite_song',
asked_on_registration=True,
)
Attribute.objects.create(
kind='boolean',
label='Favourite Boolean',
name='favourite_boolean',
asked_on_registration=True,
)
LoginPasswordAuthenticator.objects.update(min_password_strength=3)
resp = app.get(reverse('registration_register'))
resp.form.set('email', 'testbot@entrouvert.com')
resp = resp.form.submit().follow()
link = get_link_from_mail(mailoutbox[0])
resp = app.get(link)
resp.form.set('password1', 'Password0')
resp.form.set('password2', 'Password0')
resp.form.set('first_name', 'John')
resp.form.set('last_name', 'Doe')
resp.form.set('favourite_song', '0opS 1 D1t iT @GAiN')
resp.form.set('favourite_boolean', True)
assert resp.pyquery('input[name=first_name][data-password-strength-input]')
assert resp.pyquery('input[name=last_name][data-password-strength-input]')
assert resp.pyquery('input[name=favourite_song][data-password-strength-input]')
assert not resp.pyquery('input[name=password1][data-password-strength-input]')
assert not resp.pyquery('input[name=password2][data-password-strength-input]')
resp = resp.form.submit()
assert 'This password is not strong enough' in resp.text
resp.form.set('password1', 'testbot@entrouvert.com')
resp.form.set('password2', 'testbot@entrouvert.com')
resp = resp.form.submit()
assert 'This password is not strong enough' in resp.text
resp.form.set('password1', '0opS 1 D1t iT @GAiN')
resp.form.set('password2', '0opS 1 D1t iT @GAiN')
resp = resp.form.submit()
assert 'This password is not strong enough' in resp.text
resp.form.set('favourite_song', 'Baby one more time')
resp = resp.form.submit()
assert 'This password is not strong enough' not in resp.text
def test_registration_no_identifier(app, db, settings, phone_activated_authn):
resp = app.get(reverse('registration_register'))
resp = resp.form.submit()
assert 'Please provide an email address or a mobile' in resp.text
def test_registration_erroneous_phone_identifier(app, db, settings, phone_activated_authn):
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', 'thatsnotquiteit')
resp = resp.form.submit()
assert (
'Invalid phone number. Phone number from Metropolitan France must respect local format (e.g. 06 39 98 01 23).'
) == resp.pyquery('.error p')[0].text_content().strip()
@responses.activate
def test_phone_registration_wrong_code(app, db, settings, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
resp.form.set('sms_code', 'abc')
resp = resp.form.submit()
assert not Token.objects.count()
assert resp.pyquery('li')[0].text_content() == 'Wrong SMS code.'
@responses.activate
def test_phone_registration_wrong_input_code_opaque_url(app, db, settings, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit()
location = resp.location[:-5] + 'wxyz/' # oops, something went wrong with the url token
app.get(location, status=404)
assert not Token.objects.count()
location = (
resp.location[:-5] + 'abcd/'
) # oops, something went wrong again although it's a valid uuid format
app.get(location, status=404)
assert not Token.objects.count()
@responses.activate
def test_phone_registration_expired_code(app, db, settings, freezer, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
freezer.move_to(timedelta(hours=1))
resp = resp.form.submit()
assert not Token.objects.count()
assert resp.pyquery('li')[0].text_content() == 'The code has expired.'
@responses.activate
def test_phone_registration_cancel(app, db, settings, freezer, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp.form.submit('cancel').follow()
assert not Token.objects.count()
assert not SMSCode.objects.count()
@responses.activate
def test_phone_registration_wrong_input(app, db, settings, freezer, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '12244666')
resp = resp.form.submit()
assert (
'Invalid phone number. Phone number from Metropolitan France must respect local format (e.g. 06 39 98 01 23).'
) == resp.pyquery('.error p')[0].text_content().strip()
resp.form.set('phone_0', '32')
resp.form.set('phone_1', '12244')
resp = resp.form.submit()
assert (
'Invalid phone number. Phone number from Belgium must respect local format (e.g. 042 11 22 33).'
) == resp.pyquery('.error p')[0].text_content().strip()
@responses.activate
def test_phone_registration_improperly_configured(app, db, settings, freezer, caplog, phone_activated_authn):
settings.SMS_URL = ''
responses.post('https://foo.whatever.none/', status=200)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow().maybe_follow()
assert not Token.objects.count()
assert not SMSCode.objects.count()
assert (
'Something went wrong while trying to send the SMS code to you'
in resp.pyquery('li.warning')[0].text_content()
)
assert caplog.records[0].message == 'settings.SMS_URL is not set'
def test_phone_registration_connection_error(app, db, settings, freezer, caplog, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
def mocked_requests_connection_error(*args, **kwargs):
raise requests.ConnectionError('unreachable')
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
with mock.patch('authentic2.utils.sms.Requests.send') as mock_send:
mock_send.side_effect = mocked_requests_connection_error
mock_response = mock.Mock(status_code=200)
mock_send.return_value = mock_response
resp = resp.form.submit().follow().maybe_follow()
assert (
'Something went wrong while trying to send the SMS code to you'
in resp.pyquery('li.warning')[0].text_content()
)
assert (
caplog.records[0].message
== 'sms code to +33612345678 using https://foo.whatever.none/ failed: unreachable'
)
@responses.activate
def test_phone_registration_number_already_existing_create(app, db, settings, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
# create duplicates
for i in range(3):
user = User.objects.create(
first_name='John',
last_name='Doe',
email=f'john-{i}@example.com',
username=f'john-{i}',
ou=get_default_ou(),
)
user.attributes.phone = '+33612345678'
user.save()
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit()
location = resp.location.split('?')[0]
resp = resp.follow()
assert Token.objects.count() == 1
assert 'Existing accounts are associated with this phone number.' in resp.text
# three existing accounts
assert len(resp.pyquery('form')) == 3
# the possibility to create a new one
assert resp.pyquery('p a').text() == 'create a new account'
resp = app.get(f'{location}?create')
resp.form.set('password1', 'Password0')
resp.form.set('password2', 'Password0')
resp.form.set('first_name', 'John')
resp.form.set('last_name', 'Doe')
resp = resp.form.submit().follow()
assert 'You have just created an account' in resp.text
assert AttributeValue.objects.filter(content='+33612345678').count() == 4
assert User.objects.filter(first_name='John', last_name='Doe').count() == 4
@responses.activate
def test_phone_registration_number_already_existing_select(app, db, settings, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
user_ids = []
# create duplicates
for i in range(3):
user = User.objects.create(
first_name='John',
last_name='Doe',
email=f'john-{i}@example.com',
username=f'john-{i}',
ou=get_default_ou(),
)
user.attributes.phone = '+33612345678'
user.save()
user_ids.append(user.id)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
assert Token.objects.count() == 1
assert 'Existing accounts are associated with this phone number.' in resp.text
# three existing accounts
assert len(resp.pyquery('form')) == 3
# the possibility to create a new one
assert resp.pyquery('p a').text() == 'create a new account'
resp.forms[1].submit().follow()
assert app.session['_auth_user_id'] == str(user_ids[1])
@responses.activate
def test_phone_registration_number_already_existing_phone_is_unique(app, db, settings, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
settings.A2_PHONE_IS_UNIQUE = True
settings.A2_REGISTRATION_PHONE_IS_UNIQUE = True
# create duplicate
user = User.objects.create(
first_name='John',
last_name='Doe',
email='john@example.com',
username='john',
ou=get_default_ou(),
)
user.attributes.phone = '+33612345678'
user.save()
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
assert app.session['_auth_user_id'] == str(user.id)
# logged in user is redirected to their homepage
assert resp.location == '/'
@responses.activate
def test_phone_registration_number_already_existing_registration_phone_is_unique(
app, db, settings, phone_activated_authn
):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
settings.A2_PHONE_IS_UNIQUE = False
settings.A2_REGISTRATION_PHONE_IS_UNIQUE = True
user_ids = []
# create duplicate
user = User.objects.create(
first_name='John',
last_name='Doe',
email='john@example.com',
username='john',
ou=get_default_ou(),
)
user.attributes.phone = '+33612345678'
user.save()
user_ids.append(user.id)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
assert Token.objects.count() == 1
assert app.session['_auth_user_id'] == str(user.id)
# logged in user is redirected to their homepage
assert resp.location == '/'
@responses.activate
def test_phone_registration_number_already_existing_ou_phone_is_unique(
app, db, settings, phone_activated_authn
):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
settings.A2_PHONE_IS_UNIQUE = False
settings.A2_REGISTRATION_PHONE_IS_UNIQUE = False
ou = get_default_ou()
ou.phone_is_unique = True
ou.save()
user_ids = []
# create duplicate
user = User.objects.create(
first_name='John',
last_name='Doe',
email='john@example.com',
username='john',
ou=ou,
)
user.attributes.phone = '+33612345678'
user.save()
user_ids.append(user.id)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
assert Token.objects.count() == 1
assert app.session['_auth_user_id'] == str(user.id)
# logged in user is redirected to their homepage
assert resp.location == '/'
@responses.activate
def test_phone_registration(app, db, settings, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
rsps = responses.post('https://foo.whatever.none/', status=200)
code_length = settings.SMS_CODE_LENGTH
authn = utils_misc.get_password_authenticator()
authn.sms_code_duration = 420
authn.save()
assert not SMSCode.objects.count()
assert not Token.objects.count()
resp = app.get(reverse('registration_register'))
assert not resp.pyquery('.pk-mark-optional-fields')
assert resp.pyquery('.pk-hide-requisiteness')
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
body = json.loads(rsps.calls[-1].request.body)
assert body['message'].startswith('Your code is')
code = SMSCode.objects.get()
assert body['message'][-code_length:] == code.value
assert 'Your code is valid for the next 7 minutes' in resp.text
assert 'The code you received by SMS.' in resp.text
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
assert Token.objects.count() == 1
resp.form.set('password1', 'Password0')
resp.form.set('password2', 'Password0')
resp.form.set('first_name', 'John')
resp.form.set('last_name', 'Doe')
resp = resp.form.submit().follow()
assert 'You have just created an account' in resp.text
user = User.objects.get(first_name='John', last_name='Doe')
assert user.attributes.phone == '+33612345678'
assert user.phone_verified_on
assert not user.email_verified
@responses.activate
def test_phone_registration_nondefault_attribute(app, db, settings):
phone, dummy = models.Attribute.objects.get_or_create(
name='another_phone',
kind='phone_number',
defaults={'label': 'Another phone'},
)
LoginPasswordAuthenticator.objects.update(
accept_phone_authentication=True,
phone_identifier_field=phone,
)
settings.SMS_URL = 'https://foo.whatever.none/'
rsps = responses.post('https://foo.whatever.none/', status=200)
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
json.loads(rsps.calls[-1].request.body)
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
resp.form.set('password1', 'Password0')
resp.form.set('password2', 'Password0')
resp.form.set('first_name', 'John')
resp.form.set('last_name', 'Doe')
resp = resp.form.submit().follow()
assert 'You have just created an account' in resp.text
user = User.objects.get(first_name='John', last_name='Doe')
assert user.attributes.another_phone == '+33612345678'
# no standard attribute set nor even created
assert not getattr(user.attributes, 'phone', None)
assert not user.phone
@responses.activate
def test_phone_registration_redirect_url(app, db, settings, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
resp = app.get('/accounts/consents/').follow()
resp = resp.click('Register!')
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
resp.form.set('password1', 'Password0')
resp.form.set('password2', 'Password0')
resp.form.set('first_name', 'John')
resp.form.set('last_name', 'Doe')
resp = resp.form.submit()
assert resp.location == '/accounts/consents/'
resp.follow()
user = User.objects.get(first_name='John', last_name='Doe')
assert user.attributes.phone == '+33612345678'
def test_registration_email_address_max_length(app, db):
resp = app.get('/register/')
resp.form['email'] = 'a' * 250 + '@entrouvert.com'
resp = resp.form.submit()
assert 'Ensure this value has at most 254 characters (it has 265).' in resp.text
def test_already_logged(db, app, simple_user):
login(app, simple_user)
# already logged, if we try to register, we are redirect to the logout page...
resp = app.get('/register/?next=/whatever/')
assert resp.location == '/logout/?confirm=1&cancel=/whatever/&next=/register/%3Fnext%3D/whatever/'
resp = resp.follow()
# with a message of explaining the reason..
assert 'If you want to register, you need to logout first.' in resp
assert resp.form['next'].value == '/register/?next=/whatever/'
# and we can cancel to come back to where we come from...
assert resp.pyquery('a[href="/whatever/"]').text() == 'Cancel'
# if we logout...
resp = resp.form.submit()
assert resp.location == '/register/?next=/whatever/'
# then we can register.
resp = resp.follow()
assert resp.form['email']
@responses.activate
def test_phone_registration_existing_identifier_number(app, db, settings, phone_activated_authn):
settings.SMS_URL = 'https://foo.whatever.none/'
responses.post('https://foo.whatever.none/', status=200)
random_user = User.objects.create(
first_name='foo',
last_name='bar',
email='foobar@example.com',
username='foobar',
)
random_user.attributes.phone = '+33612345678'
random_user.save()
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
resp.form.set('password1', 'Password0')
resp.form.set('password2', 'Password0')
resp.form.set('first_name', 'John')
resp.form.set('last_name', 'Doe')
resp = resp.form.submit().follow()
user = User.objects.get(first_name='John', last_name='Doe')
assert user.attributes.phone == '+33612345678'
assert user.phone_verified_on
assert not user.email_verified
assert user.id != random_user.id
@responses.activate
@pytest.mark.parametrize('global_uniqueness', [False, True])
def test_phone_registration_existing_identifier_number_ou_phone_is_unique(
app, db, settings, phone_activated_authn, global_uniqueness
):
settings.SMS_URL = 'https://foo.whatever.none/'
settings.A2_PHONE_IS_UNIQUE = global_uniqueness # test message is same for both options
responses.post('https://foo.whatever.none/', status=200)
random_user = User.objects.create(
first_name='foo',
last_name='bar',
email='foobar@example.com',
username='foobar',
)
ou = get_default_ou()
ou.phone_is_unique = True
ou.save()
random_user.attributes.phone = '+33612345678'
random_user.ou = ou
random_user.save()
resp = app.get(reverse('registration_register'))
resp.form.set('phone_1', '612345678')
resp = resp.form.submit().follow()
code = SMSCode.objects.get()
resp.form.set('sms_code', code.value)
resp = resp.form.submit().follow()
assert resp.location == '/'
resp = resp.follow()
assert resp.pyquery('.messages .info')[0].text_content() == (
"You've been logged in with your already-existing account for this identifier."
)
assert resp.pyquery('.ui-name')[0].text_content() == 'foo bar'
assert (
AttributeValue.objects.filter(
content='+33612345678', content_type=ContentType.objects.get_for_model(User)
)
.order_by('object_id')
.distinct('object_id')
.count()
== 1
)
View Git Blame Copy Permalink