diff --git a/accounts/api/tests.py b/accounts/api/tests.py
index 7ce503c..3836b5d 100644
--- a/accounts/api/tests.py
+++ b/accounts/api/tests.py
@@ -1,3 +1,249 @@ +# from django.test import TestCase +# from rest_framework.test import APIClient +# from django.contrib.auth.models import User +# +# +# LOGIN_URL = 'api/accounts/login/' +# LOGOUT_URL = 'api/accounts/logout/' +# SIGNUP_URL = 'api/accounts/signup/' +# LOGIN_STATUS_URL = 'api/accounts/login_status/' +# +# +# +# # Create your tests here. +# class AccountApiTests(TestCase): +# +# def setUp(self): +# # this function will be called when every test function is being called +# self.client = APIClient() +# self.user = self.createUser( +# username = 'admin', +# email = 'admin@jiuzhang.com', +# password = 'correct password', +# ) +# +# def createUser(self, username, email, password): +# # can not code User.objects.create() +# # because password should be encrypted, username and email should be normalized +# return User.objects.create_user(username, email, password) +# +# def test_login(self): +# #this test must use POST not GEt +# response = self.client.get(LOGIN_URL, { +# 'username' : self.user.username, +# 'password' : 'correct password', +# }) +# #login failed, http status code return 405 = METHOD_NOT_ALLOWED +# self.assertEqual(response.status_code, 405) +# +# #use POST but wrong password +# response = self.client.post(LOGIN_URL, { +# 'username' : self.user.username, +# 'password' : 'wrong password', +# }) +# self.assertEqual(response.status_code, 400) +# +# #test have not logged in +# response = self.client.get(LOGIN_STATUS_URL) +# self.assertEqual(response.data['has_logged_in'], False) +# +# # use right password +# response = self.client.post(LOGIN_URL, { +# 'username' : self.user.username, +# 'password' : 'correct password', +# }) +# self.assertEqual(response.status_code, 200) +# self.assertNotEqual(response.data['user'], None) +# self.assertEqual(response.data['user']['email'], 'admin@jiuzhang.com') +# # check has login +# response = self.client.get(LOGIN_STATUS_URL) +# self.assertEqual(response.data['has_logged_in'], True) +# +# def 
test_logout(self): +# self.client.post(LOGIN_URL, { +# 'username' : self.user.username, +# 'password' : 'correct password', +# }) +# +# response = self.client.get(LOGIN_STATUS_URL) +# self.assertEqual(response.data['has_logged_in'], True) +# +# # test must use POST +# response = self.client.get(LOGOUT_URL) +# self.assertEqual(response.status_code, 405) +# +# #change to post, success +# response = self.client.post(LOGOUT_URL) +# self.assertEqual(response.status_code, 200) +# +# response = self.client.get(LOGIN_STATUS_URL) +# self.assertEqual(response.data['has_logged_in'], False) +# +# def test_signup(self): +# data = { +# 'username' : 'someone', +# 'email' : 'someone@jiuzhang.com', +# 'password' : 'any password', +# } +# # use get, fail +# response = self.client.get(SIGNUP_URL, data) +# self.assertEqual(response.status_code, 405) +# +# # use wrong type email +# response = self.client.post(SIGNUP_URL, { +# 'username' : 'someone', +# 'email' : 'not a correct email', +# 'password' : 'any password', +# }) +# self.assertEqual(response.status_code, 400) +# +# #use a too short password +# response = self.client.post(SIGNUP_URL, { +# 'username' : 'someone', +# 'email' : 'someone@jiuzhang.com', +# 'password' : '123', +# }) +# self.assertEqual(response.status_code, 400) +# +# # user too long username +# response = self.client.post(SIGNUP_URL, { +# 'username' : 'someone anyone hello mother father brother', +# 'email' : 'someone@jiuzhang.com', +# 'password' : 'any password' +# }) +# self.assertEqual(response.status_code, 400) +# +# #success +# response = self.client.post(SIGNUP_URL, data) +# self.assertEqual(response.status_code, 200) +# self.assertEqual(response.data['user']['username'], 'someone') +# response = self.client.get(LOGIN_STATUS_URL) +# self.assertEqual(response.data['has_logged_in'], True) +# +# +# +# from django.test import TestCase +from rest_framework.test import APIClient +from django.contrib.auth.models import User -# Create your tests here. 
+ +LOGIN_URL = '/api/accounts/login/' +LOGOUT_URL = '/api/accounts/logout/' +SIGNUP_URL = '/api/accounts/signup/' +LOGIN_STATUS_URL = '/api/accounts/login_status/' + + +class AccountApiTests(TestCase): + + def setUp(self): + # 这个函数会在每个 test function 执行的时候被执行 + self.client = APIClient() + self.user = self.createUser( + username='admin', + email='admin@jiuzhang.com', + password='correct password', + ) + + def createUser(self, username, email, password): + # 不能写成 User.objects.create() + # 因为 password 需要被加密, username 和 email 需要进行一些 normalize 处理 + return User.objects.create_user(username, email, password) + + def test_login(self): + # 每个测试函数必须以 test_ 开头,才会被自动调用进行测试 + # 测试必须用 post 而不是 get + response = self.client.get(LOGIN_URL, { + 'username': self.user.username, + 'password': 'correct password', + }) + # 登陆失败,http status code 返回 405 = METHOD_NOT_ALLOWED + self.assertEqual(response.status_code, 405) + + # 用了 post 但是密码错了 + response = self.client.post(LOGIN_URL, { + 'username': self.user.username, + 'password': 'wrong password', + }) + self.assertEqual(response.status_code, 400) + + # 验证还没有登录 + response = self.client.get(LOGIN_STATUS_URL) + self.assertEqual(response.data['has_logged_in'], False) + # 用正确的密码 + response = self.client.post(LOGIN_URL, { + 'username': self.user.username, + 'password': 'correct password', + }) + self.assertEqual(response.status_code, 200) + self.assertNotEqual(response.data['user'], None) + self.assertEqual(response.data['user']['email'], 'admin@jiuzhang.com') + # 验证已经登录了 + response = self.client.get(LOGIN_STATUS_URL) + self.assertEqual(response.data['has_logged_in'], True) + + def test_logout(self): + # 先登录 + self.client.post(LOGIN_URL, { + 'username': self.user.username, + 'password': 'correct password', + }) + # 验证用户已经登录 + response = self.client.get(LOGIN_STATUS_URL) + self.assertEqual(response.data['has_logged_in'], True) + + # 测试必须用 post + response = self.client.get(LOGOUT_URL) + self.assertEqual(response.status_code, 405) + + # 改用 post 成功 
logout + response = self.client.post(LOGOUT_URL) + self.assertEqual(response.status_code, 200) + # 验证用户已经登出 + response = self.client.get(LOGIN_STATUS_URL) + self.assertEqual(response.data['has_logged_in'], False) + + def test_signup(self): + data = { + 'username': 'someone', + 'email': 'someone@jiuzhang.com', + 'password': 'any password', + } + # 测试 get 请求失败 + response = self.client.get(SIGNUP_URL, data) + self.assertEqual(response.status_code, 405) + + # 测试错误的邮箱 + response = self.client.post(SIGNUP_URL, { + 'username': 'someone', + 'email': 'not a correct email', + 'password': 'any password' + }) + # print(response.data) + self.assertEqual(response.status_code, 400) + + # 测试密码太短 + response = self.client.post(SIGNUP_URL, { + 'username': 'someone', + 'email': 'someone@jiuzhang.com', + 'password': '123', + }) + # print(response.data) + self.assertEqual(response.status_code, 400) + + # 测试用户名太长 + response = self.client.post(SIGNUP_URL, { + 'username': 'username is tooooooooooooooooo loooooooong', + 'email': 'someone@jiuzhang.com', + 'password': 'any password', + }) + # print(response.data) + self.assertEqual(response.status_code, 400) + + # 成功注册 + response = self.client.post(SIGNUP_URL, data) + self.assertEqual(response.status_code, 201) + self.assertEqual(response.data['user']['username'], 'someone') + # 验证用户已经登入 + response = self.client.get(LOGIN_STATUS_URL) + self.assertEqual(response.data['has_logged_in'], True) diff --git a/accounts/api/views.py b/accounts/api/views.py index 2dee9bb..007c3c0 100644 --- a/accounts/api/views.py +++ b/accounts/api/views.py 
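Review bot: The leading block of `+#` lines is a fully commented-out earlier copy of `AccountApiTests` committed above the live class, and it already disagrees with the live tests (URLs without the leading slash, signup expecting 200 where the live test expects 201); it should be deleted rather than checked in. On coverage, `test_login` exercises a wrong password for an existing user but not an unknown username, so a case such as `self.client.post(LOGIN_URL, {'username': 'no such user', 'password': 'correct password'})` asserting the same 400 would pin that both failures look alike at the status level. Nothing in the live tests asserts on the `ip` field that this commit adds to `login_status`.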
@@ -30,7 +30,10 @@ class AccountViewSet(viewsets.ViewSet): @action(methods=['GET'], detail=False) def login_status(self, request): # response data is HashMap - data = {'has_logged_in' : request.user.is_authenticated} + data = { + 'has_logged_in' : request.user.is_authenticated, + 'ip' : request.META['REMOTE_ADDR'], + } if request.user.is_authenticated: data['user'] = UserSerializer(request.user).data # Response could make HashMap data become JSON diff --git a/requirements.txt b/requirements.txt index 126b7b5..fcfd2c0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,24 @@ +asgiref==3.4.1 +asn1crypto==0.24.0 +certifi==2018.1.18 +chardet==3.0.4 +cryptography==2.1.4 Django==3.1.3 +django-debug-toolbar==3.2.4 +djangorestframework==3.12.2 +idna==2.6 +keyring==10.6.0 +keyrings.alt==3.0 mysqlclient==2.0.3 -djangorestframework==3.12.2 \ No newline at end of file +pycrypto==2.6.1 +PyGObject==3.26.1 +pytz==2024.1 +pyxdg==0.25 +requests==2.18.4 +SecretStorage==2.3.1 +six==1.11.0 +sqlparse==0.4.4 +ssh-import-id==5.7 +typing_extensions==4.1.1 +urllib3==1.22 +wrapt==1.16.0 diff --git a/twitter/settings.py b/twitter/settings.py index f7d5f79..3e5ce3a 100644 --- a/twitter/settings.py +++ b/twitter/settings.py @@ -26,6 +26,7 @@ DEBUG = True ALLOWED_HOSTS = ['127.0.0.1', '192.168.33.10', 'localhost'] +INTERNAL_IPS = ['192.168.65.1'] # Application definition @@ -42,6 +43,8 @@ # project apps 'accounts', + # debug tool + 'debug_toolbar', ] MIDDLEWARE = [ @@ -52,6 +55,7 @@ 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', + 'debug_toolbar.middleware.DebugToolbarMiddleware', ] ROOT_URLCONF = 'twitter.urls' diff --git a/twitter/urls.py b/twitter/urls.py index 3eaf584..935bf7f 100644 --- a/twitter/urls.py +++ b/twitter/urls.py 
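Review bot: The added `'ip' : request.META['REMOTE_ADDR']` entry in `login_status` returns connection metadata to every caller, authenticated or not, and reads like a debugging aid for finding the address to put in `INTERNAL_IPS` rather than part of the API contract. Behind a reverse proxy `REMOTE_ADDR` is the proxy's address, so the value is not a reliable client identity either. If the field has to stay for local work, I would add it only under `if settings.DEBUG:` and read it with `request.META.get('REMOTE_ADDR')`, since direct indexing raises `KeyError` on any server setup that does not populate the key. The rest of `login_status` (the return) lies outside the hunk.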
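Review bot: The added pins look like a `pip freeze` of a system-wide interpreter rather than this project's dependencies: `PyGObject`, `ssh-import-id`, `SecretStorage`, `keyring`, `keyrings.alt` and `pyxdg` are desktop/OS packages that nothing in this diff imports. `pycrypto==2.6.1` is an unmaintained library, and `cryptography==2.1.4`, `urllib3==1.22`, `requests==2.18.4` and `certifi==2018.1.18` are old releases frozen next to `pytz==2024.1`, so every deployment would install stale TLS and crypto code the app does not appear to need. I would regenerate the file from a clean virtualenv containing only `Django`, `djangorestframework`, `mysqlclient` and their resolved dependencies, and move `django-debug-toolbar` into a separate development requirements file.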
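Review bot: `debug_toolbar` is added to `INSTALLED_APPS` and `MIDDLEWARE` unconditionally, and the twitter/urls.py hunk does the same for the `__debug__/` route, so whether the toolbar is reachable depends entirely on `DEBUG` and `INTERNAL_IPS` being correct in every environment; the hunk header shows `DEBUG = True` hard-coded in this file. I would gate all three on the flag, e.g. `if DEBUG: INSTALLED_APPS += ['debug_toolbar']` and `MIDDLEWARE.insert(0, 'debug_toolbar.middleware.DebugToolbarMiddleware')`, with the route appended under `if settings.DEBUG:` in urls.py. The toolbar's documentation also asks for its middleware to sit as early as possible in the list, not last as placed here. Both lists begin and end outside these hunks.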
@@ -26,4 +26,5 @@
 path('admin/', admin.site.urls),
 path('', include(router.urls)),
 path('api-auth', include('rest_framework.urls', namespace='rest_framework')),
+ path("__debug__/", include("debug_toolbar.urls")),
 ]