support logging in from desktop client directly

2025-09-05 08:53:14 +00:00 · 2015-04-27 14:54:12 +08:00
parent 247c6d5e31
commit c63f68dfc5
10 changed files with 139 additions and 30 deletions
--- a/tests/api/test_auth.py
+++ b/tests/api/test_auth.py
@@ -3,17 +3,24 @@
 Test auth related api, such as login/logout.
 """

-import random
-import re
-from urllib import urlencode, quote
+import os
+import time
+import requests
+import pytest

-from tests.common.common import USERNAME, PASSWORD, SEAFILE_BASE_URL
+from tests.common.common import USERNAME, PASSWORD, BASE_URL, SEAFILE_BASE_URL
 from tests.common.utils import randstring, urljoin
 from tests.api.urls import (
-    AUTH_PING_URL, TOKEN_URL, DOWNLOAD_REPO_URL, LOGOUT_DEVICE_URL
+    AUTH_PING_URL, TOKEN_URL, DOWNLOAD_REPO_URL, LOGOUT_DEVICE_URL,
+    CLIENT_LOGIN_TOKEN_URL
 )
 from tests.api.apitestbase import ApiTestBase

+if not BASE_URL.endswith('/'):
+    BASE_URL = BASE_URL + '/'
+
+TRAVIS = 'TRAVIS' in os.environ
+
 def fake_ccnet_id():
    return randstring(length=40)

@@ -47,6 +54,29 @@ class AuthTest(ApiTestBase):
            self._do_auth_ping(token, expected=401)
            # self._get_repo_info(sync_token, repo.repo_id, expected=400)

+    def test_generate_client_login_token(self):
+        url = self._get_client_login_url()
+        r = requests.get(url)
+        assert r.url == BASE_URL
+
+        r = requests.get(url)
+        assert r.url == urljoin(BASE_URL, 'accounts/login/?next=/'), \
+            'a client login token can only be used once'
+
+    @pytest.mark.skipif(not TRAVIS, reason="only run this test on travis builds") # pylint: disable=E1101
+    def test_client_login_token_should_expire_shortly(self):
+        url = self._get_client_login_url()
+        time.sleep(30)
+        r = requests.get(url)
+        assert r.url == urljoin(BASE_URL, 'accounts/login/?next=/'), \
+            'a client login should be expired after 30 seconds'
+
+    def test_client_login_token_redirect_to_next_url(self):
+        url = self._get_client_login_url()
+        url += '&next=/profile/'
+        r = requests.get(url)
+        assert r.url == urljoin(BASE_URL, '/profile/')
+
    def _desktop_login(self):
        data = {
            'username': USERNAME,
@@ -75,3 +105,8 @@ class AuthTest(ApiTestBase):

    def _logout(self, token):
        self.post(LOGOUT_DEVICE_URL, token=token)
+
+    def _get_client_login_url(self):
+        token = self.post(CLIENT_LOGIN_TOKEN_URL).json()['token']
+        assert len(token) == 32
+        return urljoin(BASE_URL, 'client-login/') + '?token=' + token