In [10]:
import requests

In [11]:
# Bearer token shared by the later cells. It stays None until a later cell rebinds it
# (see `token = test_login()`); the `if token:` guards skip their calls while it is None.
token = None

In [12]:
def test_register():
    url = "http://localhost:5000/register"
    data = {
        "username": "testuser2",
        "email": "testuser@example.com",
        "password": "password",
        "confirm_password": "password"
    }
    response = requests.post(url, json=data)
    assert response.status_code == 200
    print("Registration test passed.", response.json())
    token = response.json()["token"]

In [13]:
# Create the fixture account on the local server. The printed response includes the
# issued bearer token, so clear this cell's output before sharing the notebook.
test_register()

Registration test passed. {'message': 'Registration successful', 'token': 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTcwODkzNjE0MSwianRpIjoiZTJjOTYwMTgtZGQ5My00YWZjLWFjMDktYjliMTNlODJhOWFhIiwidHlwZSI6ImFjY2VzcyIsInN1YiI6InRlc3R1c2VyMiIsIm5iZiI6MTcwODkzNjE0MSwiY3NyZiI6IjMzOTYyODFkLTI0MzctNDBmMi04NGNjLWJmZTZlNmEwZTNjYiIsImV4cCI6MTcwODkzNzA0MX0.xUiNvXl4_l4MxSYSQUrtVfM00QvwZpZkVxS_dvdh0Q8'}


In [30]:
def test_login():
    url = "http://localhost:5000/login"
    data = {
        "username": "testuser2",
        "password": "password"
    }
    response = requests.post(url, json=data)
    assert response.status_code == 200
    token = response.json().get("token")
    print("Login test passed. Token:", token)
    return token

# Keep the returned bearer token at module level; the `if token:` guards in later cells read it.
token = test_login()

Login test passed. Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTcwODkzNjgzMCwianRpIjoiYjczNGZmZjgtNDU5Ni00NGEzLTk1NDQtODJmY2RhMzQxZmMzIiwidHlwZSI6ImFjY2VzcyIsInN1YiI6InRlc3R1c2VyMiIsIm5iZiI6MTcwODkzNjgzMCwiY3NyZiI6Ijg5ZDVhZTU5LTI2MTctNGU3My1iOGExLWI3MjFkMWFkZDIwMCIsImV4cCI6MTcwODkzNzczMH0.ODDDRz8mZQcLJ10uP-eSAxWYKR7CbU61XBawfwvsXQ0


# No auth required

In [27]:
def test_products(token):
    url = "http://localhost:5000/products"
    headers = {"Authorization": f"Bearer {token}"}
    response = requests.get(url, headers=headers)
    assert response.status_code == 200
    print("View products test passed.", response.json())

# Unguarded call: unlike the later cells there is no `if token:` check here, so a
# None token would be sent as the header value "Bearer None".
test_products(token)

View products test passed. {'products': [{'description': '????', 'item_id': 1, 'name': 'TEST', 'price': 1.1}, {'description': 'a', 'item_id': 2, 'name': 'a', 'price': 123.0}, {'description': 'tat', 'item_id': 3, 'name': 'Real Product', 'price': 999.0}, {'description': 'Wowwwww so rare', 'item_id': 4, 'name': 'Really Unique Craft Item', 'price': 1000000.0}, {'description': 'U get 1x artist. No refunds', 'item_id': 5, 'name': 'Artist', 'price': 420.69}, {'description': 'No ideas anymore', 'item_id': 6, 'name': 'Out Of Ideas', 'price': 999999999999.0}, {'description': 'Bob', 'item_id': 7, 'name': 'Alice', 'price': 123.0}, {'description': '12', 'item_id': 8, 'name': 'Product 12', 'price': 12.0}, {'description': 'Tax', 'item_id': 9, 'name': 'Tax', 'price': 0.1}, {'description': 'You (who)', 'item_id': 10, 'name': 'Me', 'price': 9.99}]}


In [24]:
def test_product_details(token, item_id=1):
    url = f"http://localhost:5000/product/{item_id}"
    headers = {"Authorization": f"Bearer {token}"}
    response = requests.get(url, headers=headers)
    assert response.status_code == 200
    print("View product details test passed.", response.json())

# Runs only when a token is set; item_id falls back to its default of 1.
if token:
    test_product_details(token)

View product details test passed. {'product': {'description': '????', 'item_id': 1, 'name': 'TEST', 'price': 1.1}, 'reviews': [{'item_id': 1, 'rating': 1, 'review': ' i <3 thus', 'user_id': 1}, {'item_id': 1, 'rating': 1, 'review': ' bad', 'user_id': 1}, {'item_id': 1, 'rating': -1, 'review': ' 1', 'user_id': 1}, {'item_id': 1, 'rating': 2, 'review': ' Good', 'user_id': 1}]}


In [31]:
def test_add_to_cart(token, item_id=1):
    url = f"http://localhost:5000/add_to_cart/{item_id}"
    headers = {"Authorization": f"Bearer {token}"}
    response = requests.put(url, headers=headers)
    if response.status_code == 200:
        print("Add to cart test passed.", response.json())
    else:
        print("Add to cart test failed. Response:", response.json())

# Call the add-to-cart route for the default item (item_id=1) when a token is set.
if token:
    test_add_to_cart(token)

Add to cart test passed. {'message': 'Item added to cart'}


In [32]:
def view_cart(token):
    """GET ``/view_cart`` with the bearer token and print the JSON body.

    The printed label says "passed" for a 200 status and "failed" otherwise;
    no exception is raised on failure.
    """
    auth_header = {"Authorization": f"Bearer {token}"}
    response = requests.get("http://localhost:5000/view_cart", headers=auth_header)

    if response.status_code != 200:
        print("View cart test failed. Response:", response.json())
        return
    print("View cart test passed.", response.json())

# Show the cart returned for the current token.
if token:    
    view_cart(token)

View cart test passed. {'cart': [{'item_id': 1, 'name': 'TEST', 'price': 1.1, 'qty': 1}]}


In [19]:
def remove_from_cart(token, item_id=1):
    """DELETE ``/remove_from_cart/<item_id>`` with the bearer token and print the outcome.

    A 200 status prints the "passed" label, anything else the "failed" label;
    nothing is asserted.
    """
    response = requests.delete(
        f"http://localhost:5000/remove_from_cart/{item_id}",
        headers={"Authorization": f"Bearer {token}"},
    )

    removed = response.status_code == 200
    label = "Remove from cart test passed." if removed else "Remove from cart test failed. Response:"
    print(label, response.json())

# Remove the default item (item_id=1) again when a token is set.
if token:
    remove_from_cart(token)
    

Remove from cart test passed. {'message': 'Item removed from cart'}


In [20]:
# Re-check the cart; the recorded output shows it empty after the removal.
if token:    
    view_cart(token)

View cart test passed. {'cart': []}


In [21]:
# Add the default item again, presumably so the checkout cell has something in the cart.
if token:
    test_add_to_cart(token)

Add to cart test passed. {'message': 'Item added to cart'}


In [33]:
def test_checkout(token):
    url = "http://localhost:5000/checkout"
    headers = {"Authorization": f"Bearer {token}"}
    data = {
        "name": "Test User",
        "email": "test@example.com",
        "address": "123 Test Street",
        "phone": "1234567890"
    }
    response = requests.post(url, json=data, headers=headers)

    if response.status_code == 200:
        print("Checkout test passed.", response.json())
    else:
        print("Checkout test failed. Response:", response.json())

# Start a checkout, then look at the cart again. In the recorded run the cart is already
# empty once the checkout URL comes back, while the orders listing shows payment_status 0.
# NOTE(review): confirm the server does not treat such an order as paid before payment completes.
if token:
    test_checkout(token)
    view_cart(token)


Checkout test passed. {'checkout_url': 'https://checkout.stripe.com/c/pay/cs_test_a1xVHeU8lrJfWaFaAMV24rsa5JXTyaxY9XbLDhGlNK4tPJDz0cgWQ21eP9#fidkdWxOYHwnPyd1blpxYHZxWjA0Sml3TjBHNE02amFxbmB2a0h8YEpfaGNvRkZoTzd2ZFNGbk5NcFRhPTJgTHJhUjNGPUAxfUl3NnM0TFN9fV1ENXNEazM2fVNANGNUY092ZEZETzwzXUdLNTVNS1AwRldVTCcpJ2N3amhWYHdzYHcnP3F3cGApJ2lkfGpwcVF8dWAnPyd2bGtiaWBabHFgaCcpJ2BrZGdpYFVpZGZgbWppYWB3dic%2FcXdwYHgl'}
View cart test passed. {'cart': []}


In [34]:
def test_view_orders(token):
    url = "http://localhost:5000/view_orders"
    headers = {"Authorization": f"Bearer {token}"}
    response = requests.get(url, headers=headers)

    if response.status_code == 200:
        print("View orders test passed.", response.json())
    else:
        print("View orders test failed. Response:", response.json())

# List the orders returned for the current token.
if token:
    test_view_orders(token)

View orders test passed. {'orders': [{'order_date': '2024-02-26 16:37:32.726318', 'order_id': '18fe08a4eceb4d059682ea7da29232f4', 'payment_status': 0, 'phone': '1234567890', 'shipping_address': '123 Test Street', 'user_id': 'testuser2'}, {'order_date': '2024-02-26 16:39:55.088981', 'order_id': 'c721f7eb4d5e4540a7fcb6aa9786844c', 'payment_status': 0, 'phone': '1234567890', 'shipping_address': '123 Test Street', 'user_id': 'testuser2'}, {'order_date': '2024-02-26 16:40:41.835577', 'order_id': '6d7754aa7edd4309ac058f5083512afc', 'payment_status': 0, 'phone': '1234567890', 'shipping_address': '123 Test Street', 'user_id': 'testuser2'}]}


In [35]:
def get_order_details(token, order_id):
    """GET ``/order/<order_id>`` with the bearer token and print the JSON body.

    A 200 status prints the "passed" label, anything else the "failed" label;
    nothing is asserted.
    """
    auth_header = {"Authorization": f"Bearer {token}"}
    response = requests.get(f"http://localhost:5000/order/{order_id}", headers=auth_header)

    if response.status_code != 200:
        print("View order details test failed. Response:", response.json())
        return
    print("View order details test passed.", response.json())

# The order id is hard-coded; it matches an entry in the recorded orders listing, so this
# cell presumably depends on that same database state.
# NOTE(review): a companion check worth adding is that a different user's token is refused for this order.
if token:
    get_order_details(token, "18fe08a4eceb4d059682ea7da29232f4")

View order details test passed. {'order_items': [{'name': 'TEST', 'price': 1.1, 'qty': 1}]}


In [36]:
def test_reviewable(token, item_id=1):
    url = f"http://localhost:5000/review"
    headers = {"Authorization": f"Bearer {token}"}
    response = requests.get(url, headers=headers)

    if response.status_code == 200:
        print("Reviewable test passed.", response.json())
    else:
        print("Reviewable test failed. Response:", response.json())

# item_id is left at its default; test_reviewable does not use it in the request.
if token:
    test_reviewable(token)

Reviewable test passed. {'items': [{'item_id': 1, 'name': 'TEST'}]}


In [40]:
def test_submit_revoew(token, item_id=1):
    url = f"http://localhost:5000/review/{item_id}"
    headers = {"Authorization": f"Bearer {token}"}
    data = {
        "rating": 2,
        "review": "Bad product!"
    }
    response = requests.post(url, json=data, headers=headers)

    if response.status_code == 200:
        print("Submit review test passed.", response.json())
    else:
        print("Submit review test failed. Response:", response.json())

# Submit the fixed review for the default item (item_id=1) when a token is set.
if token:
    test_submit_revoew(token)


Submit review test failed. Response: {'message': 'Review submitted successfully'}


In [41]:
# Fetch the product again; the recorded output now also lists reviews by testuser2.
if token:
    test_product_details(token)

View product details test passed. {'product': {'description': '????', 'item_id': 1, 'name': 'TEST', 'price': 1.1}, 'reviews': [{'item_id': 1, 'rating': 1, 'review': ' i <3 thus', 'user_id': 1}, {'item_id': 1, 'rating': 1, 'review': ' bad', 'user_id': 1}, {'item_id': 1, 'rating': -1, 'review': ' 1', 'user_id': 1}, {'item_id': 1, 'rating': 2, 'review': ' Good', 'user_id': 1}, {'item_id': 1, 'rating': 5, 'review': 'Great product!', 'user_id': 'testuser2'}, {'item_id': 1, 'rating': 2, 'review': 'Bad product!', 'user_id': 'testuser2'}]}


# Admin routes: only the `admin` user can access these

In [42]:
# auth as admin

def test_admin_login():
    url = "http://localhost:5000/login"
    data = {
        "username": "admin",
        "password": "admin"
    }
    response = requests.post(url, json=data)
    assert response.status_code == 200
    token = response.json().get("token")
    print("Admin login test passed. Token:", token)
    return token

# Held under its own name so the admin token stays separate from the regular user's `token`.
admin_token = test_admin_login()

Admin login test passed. Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTcwODkzODM4MiwianRpIjoiOGQ5ZTJlNWItZTNmMy00Nzg0LThmYTctZTNhYTM1YWViOTIzIiwidHlwZSI6ImFjY2VzcyIsInN1YiI6ImFkbWluIiwibmJmIjoxNzA4OTM4MzgyLCJjc3JmIjoiMzFmOWY4ZDEtOWUxMS00ZjJkLTgxN2QtOGYxOGJiMmUwOTYyIiwiZXhwIjoxNzA4OTM5MjgyfQ.G1ybc5Di9n38nXvibPxjAdZxNTWKLkaI_jcCCjKHBQo


In [52]:
# test admin list products
def test_admin_products(token):
    url = "http://localhost:5000/admin"
    headers = {"Authorization": f"Bearer {token}"}
    response = requests.get(url, headers=headers)
    if response.status_code == 200:
        print("Admin view products test passed.", response.json())
    else:
        print("Admin view products test failed. Response:", response.json())

# List products through the admin route, using the admin token.
if admin_token:
    test_admin_products(admin_token)

Admin view products test passed. {'products': [{'description': '????', 'item_id': 1, 'name': 'TEST', 'price': 1.1}, {'description': 'a', 'item_id': 2, 'name': 'a', 'price': 123.0}, {'description': 'tat', 'item_id': 3, 'name': 'Real Product', 'price': 999.0}, {'description': 'Wowwwww so rare', 'item_id': 4, 'name': 'Really Unique Craft Item', 'price': 1000000.0}, {'description': 'U get 1x artist. No refunds', 'item_id': 5, 'name': 'Artist', 'price': 420.69}, {'description': 'No ideas anymore', 'item_id': 6, 'name': 'Out Of Ideas', 'price': 999999999999.0}, {'description': 'Bob', 'item_id': 7, 'name': 'Alice', 'price': 123.0}, {'description': '12', 'item_id': 8, 'name': 'Product 12', 'price': 12.0}, {'description': 'Tax', 'item_id': 9, 'name': 'Tax', 'price': 0.1}, {'description': 'You (who)', 'item_id': 10, 'name': 'Me', 'price': 9.99}, {'description': 'string', 'item_id': 12, 'name': 'test2', 'price': 10.0}]}


In [48]:
def test_admin_add_products(token):
    url = "http://localhost:5000/admin/add"
    headers = {"Authorization": f"Bearer {token}"}
    data = {
        "name": "Test Product",
        "price": 100,
        "description": "Test description"
    }
    response = requests.post(url, json=data, headers=headers)
    assert response.status_code == 201
    print("Admin add product test passed.", response.json())

# Add the fixture product, then list products to see the result.
if admin_token:
    test_admin_add_products(admin_token)
    test_admin_products(admin_token)

Admin add product test passed. {'message': 'Product added successfully'}
Admin view products test passed. {'products': [{'description': '????', 'item_id': 1, 'name': 'TEST', 'price': 1.1}, {'description': 'a', 'item_id': 2, 'name': 'a', 'price': 123.0}, {'description': 'tat', 'item_id': 3, 'name': 'Real Product', 'price': 999.0}, {'description': 'Wowwwww so rare', 'item_id': 4, 'name': 'Really Unique Craft Item', 'price': 1000000.0}, {'description': 'U get 1x artist. No refunds', 'item_id': 5, 'name': 'Artist', 'price': 420.69}, {'description': 'No ideas anymore', 'item_id': 6, 'name': 'Out Of Ideas', 'price': 999999999999.0}, {'description': 'Bob', 'item_id': 7, 'name': 'Alice', 'price': 123.0}, {'description': '12', 'item_id': 8, 'name': 'Product 12', 'price': 12.0}, {'description': 'Tax', 'item_id': 9, 'name': 'Tax', 'price': 0.1}, {'description': 'You (who)', 'item_id': 10, 'name': 'Me', 'price': 9.99}, {'description': 'string', 'item_id': 12, 'name': 'test2', 'price': 10.0}, {'des

In [49]:
def test_admin_modify_product(token, item_id=1):
    url = f"http://localhost:5000/admin/modify/{item_id}"
    headers = {"Authorization": f"Bearer {token}"}
    data = {
        "name": "Test Product Modified",
        "price": 200,
        "description": "Test description modified"
    }
    response = requests.post(url, json=data, headers=headers)
    assert response.status_code == 200
    print("Admin modify product test passed.", response.json())

# 13 is a hard-coded item id, presumably the product created by the add cell in this run;
# verify it before re-running against another database.
if admin_token:
    test_admin_modify_product(admin_token, 13)
    test_admin_products(admin_token)

Admin modify product test passed. {'message': 'Product updated successfully'}
Admin view products test passed. {'products': [{'description': '????', 'item_id': 1, 'name': 'TEST', 'price': 1.1}, {'description': 'a', 'item_id': 2, 'name': 'a', 'price': 123.0}, {'description': 'tat', 'item_id': 3, 'name': 'Real Product', 'price': 999.0}, {'description': 'Wowwwww so rare', 'item_id': 4, 'name': 'Really Unique Craft Item', 'price': 1000000.0}, {'description': 'U get 1x artist. No refunds', 'item_id': 5, 'name': 'Artist', 'price': 420.69}, {'description': 'No ideas anymore', 'item_id': 6, 'name': 'Out Of Ideas', 'price': 999999999999.0}, {'description': 'Bob', 'item_id': 7, 'name': 'Alice', 'price': 123.0}, {'description': '12', 'item_id': 8, 'name': 'Product 12', 'price': 12.0}, {'description': 'Tax', 'item_id': 9, 'name': 'Tax', 'price': 0.1}, {'description': 'You (who)', 'item_id': 10, 'name': 'Me', 'price': 9.99}, {'description': 'string', 'item_id': 12, 'name': 'test2', 'price': 10.0}, 

In [50]:
def test_admin_delete_product(token, item_id=1):
    url = f"http://localhost:5000/admin/remove/{item_id}"
    headers = {"Authorization": f"Bearer {token}"}
    response = requests.delete(url, headers=headers)

    if response.status_code == 200:
        print("Admin delete product test passed.", response.json())
    else:
        print("Admin delete product test failed. Response:", response.json())

# Delete item 13 and list products again; the recorded listing ends at item_id 12 afterwards.
if admin_token:
    test_admin_delete_product(admin_token, 13)
    test_admin_products(admin_token)

Admin delete product test passed. {'message': 'Product removed successfully'}
Admin view products test passed. {'products': [{'description': '????', 'item_id': 1, 'name': 'TEST', 'price': 1.1}, {'description': 'a', 'item_id': 2, 'name': 'a', 'price': 123.0}, {'description': 'tat', 'item_id': 3, 'name': 'Real Product', 'price': 999.0}, {'description': 'Wowwwww so rare', 'item_id': 4, 'name': 'Really Unique Craft Item', 'price': 1000000.0}, {'description': 'U get 1x artist. No refunds', 'item_id': 5, 'name': 'Artist', 'price': 420.69}, {'description': 'No ideas anymore', 'item_id': 6, 'name': 'Out Of Ideas', 'price': 999999999999.0}, {'description': 'Bob', 'item_id': 7, 'name': 'Alice', 'price': 123.0}, {'description': '12', 'item_id': 8, 'name': 'Product 12', 'price': 12.0}, {'description': 'Tax', 'item_id': 9, 'name': 'Tax', 'price': 0.1}, {'description': 'You (who)', 'item_id': 10, 'name': 'Me', 'price': 9.99}, {'description': 'string', 'item_id': 12, 'name': 'test2', 'price': 10.0}]}

In [53]:
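# Negative authorization check: a regular user's token must be refused by the admin listing.
token = test_login()
# test_admin_products prints its "failed" label when the server refuses the request;
# in this cell that refusal is the desired outcome.
test_admin_products(token)
# Enforce the expectation rather than relying on someone reading the printout.
non_admin_response = requests.get(
    "http://localhost:5000/admin",
    headers={"Authorization": f"Bearer {token}"},
)
assert non_admin_response.status_code != 200, "non-admin token was accepted by /admin"
# NOTE(review): only the GET /admin listing is covered here; /admin/add, /admin/modify
# and /admin/remove need the same refusal check with a non-admin token.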

Login test passed. Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmcmVzaCI6ZmFsc2UsImlhdCI6MTcwODkzODU3OCwianRpIjoiNDViMThjNmQtNTNlYS00NjZjLTg0NTctYjNkOGUxYjU5YzQwIiwidHlwZSI6ImFjY2VzcyIsInN1YiI6InRlc3R1c2VyMiIsIm5iZiI6MTcwODkzODU3OCwiY3NyZiI6IjBhODUzZDRmLWU5MzgtNDQ0ZC1iNDZjLTIwMWNjMWU5ZTBkNiIsImV4cCI6MTcwODkzOTQ3OH0.nC_5I0Y7PIA3WHsuzYL2CDULmTWUix9DHitnnS0uKwI
Admin view products test failed. Response: {'error': 'Unauthorized'}
