diff --git a/tests/test_auth_fc.py b/tests/test_auth_fc.py index dfaeb7f..06ea033 100644 --- a/tests/test_auth_fc.py +++ b/tests/test_auth_fc.py @@ -109,6 +109,9 @@ def test_login(app, fc_settings, caplog, exp): # we must be connected assert app.session['_auth_user_id'] assert models.FcAccount.objects.count() == 1 + # by default we set a random password on new users, so they can use the + # recover my password form + assert User.objects.get().has_usable_password() response = app.get('/accounts/') response = response.click('Delete link') response.form.set('new_password1', 'ikKL1234') @@ -161,13 +164,29 @@ def test_login_email_is_unique(app, fc_settings, caplog): 'email': 'john.doe@example.com', }) - User.objects.create(email='john.doe@example.com', first_name='John', last_name='Doe') + user = User.objects.create(email='john.doe@example.com', first_name='John', last_name='Doe') + user.set_password('toto') + user.save() fc_settings.A2_EMAIL_IS_UNIQUE = True with httmock.HTTMock(access_token_response, user_info_response): response = app.get(callback + '?code=zzz&state=%s' % state, status=302) assert User.objects.count() == 1 assert app.session['_auth_user_id'] + # logout, test unlinking when logging with password + app.session.flush() + response = app.get('/login/') + response.form.set('username', User.objects.get().email) + response.form.set('password', 'toto') + response = response.form.submit(name='login-password-submit').follow() + + response = app.get('/accounts/') + response = response.click('Delete link') + assert 'new_password1' not in response.form.fields + response = response.form.submit(name='unlink').follow() + assert 'The link with the FranceConnect account has been deleted' in response.content + assert response.request.path == '/accounts/' + def test_login_email_is_unique_and_already_linked(app, fc_settings, caplog): callback = reverse('fc-login-or-link')