taoerman · taoerman · May 22, 2024 · May 22, 2024
diff --git a/accounts/api/tests.py b/accounts/api/tests.py
@@ -1,3 +1,249 @@
+# from django.test import TestCase
+# from rest_framework.test import APIClient
+# from django.contrib.auth.models import User
+#
+#
+# LOGIN_URL = 'api/accounts/login/'
+# LOGOUT_URL = 'api/accounts/logout/'
+# SIGNUP_URL = 'api/accounts/signup/'
+# LOGIN_STATUS_URL = 'api/accounts/login_status/'
+#
+#
+#
+# # Create your tests here.
+# class AccountApiTests(TestCase):
+#
+#     def setUp(self):
+#         # this function will be called when every test function is being called
+#         self.client = APIClient()
+#         self.user = self.createUser(
+#             username = 'admin',
+#             email = 'admin@jiuzhang.com',
+#             password = 'correct password',
+#         )
+#
+#     def createUser(self, username, email, password):
+#         # can not code User.objects.create()
+#         # because password should be encrypted,  username and email should be normalized
+#         return User.objects.create_user(username, email, password)
+#
+#     def test_login(self):
+#         #this test must use POST not GEt
+#         response = self.client.get(LOGIN_URL, {
+#             'username' : self.user.username,
+#             'password' : 'correct password',
+#         })
+#         #login failed, http status code return 405 = METHOD_NOT_ALLOWED
+#         self.assertEqual(response.status_code, 405)
+#
+#         #use POST but wrong password
+#         response = self.client.post(LOGIN_URL, {
+#             'username' : self.user.username,
+#             'password' : 'wrong password',
+#         })
+#         self.assertEqual(response.status_code, 400)
+#
+#         #test have not logged in
+#         response = self.client.get(LOGIN_STATUS_URL)
+#         self.assertEqual(response.data['has_logged_in'], False)
+#
+#         # use right password
+#         response = self.client.post(LOGIN_URL, {
+#             'username' : self.user.username,
+#             'password' : 'correct password',
+#         })
+#         self.assertEqual(response.status_code, 200)
+#         self.assertNotEqual(response.data['user'], None)
+#         self.assertEqual(response.data['user']['email'], 'admin@jiuzhang.com')
+#         # check has login
+#         response = self.client.get(LOGIN_STATUS_URL)
+#         self.assertEqual(response.data['has_logged_in'], True)
+#
+#     def test_logout(self):
+#         self.client.post(LOGIN_URL, {
+#             'username' : self.user.username,
+#             'password' : 'correct password',
+#         })
+#
+#         response = self.client.get(LOGIN_STATUS_URL)
+#         self.assertEqual(response.data['has_logged_in'], True)
+#
+#         # test must use POST
+#         response = self.client.get(LOGOUT_URL)
+#         self.assertEqual(response.status_code, 405)
+#
+#         #change to post, success
+#         response = self.client.post(LOGOUT_URL)
+#         self.assertEqual(response.status_code, 200)
+#
+#         response = self.client.get(LOGIN_STATUS_URL)
+#         self.assertEqual(response.data['has_logged_in'], False)
+#
+#     def test_signup(self):
+#         data = {
+#             'username' : 'someone',
+#             'email' : 'someone@jiuzhang.com',
+#             'password' : 'any password',
+#         }
+#         # use get, fail
+#         response = self.client.get(SIGNUP_URL, data)
+#         self.assertEqual(response.status_code, 405)
+#
+#         # use wrong type email
+#         response = self.client.post(SIGNUP_URL, {
+#             'username' : 'someone',
+#             'email' : 'not a correct email',
+#             'password' : 'any password',
+#         })
+#         self.assertEqual(response.status_code, 400)
+#
+#         #use a too short password
+#         response = self.client.post(SIGNUP_URL, {
+#             'username' : 'someone',
+#             'email' : 'someone@jiuzhang.com',
+#             'password' : '123',
+#         })
+#         self.assertEqual(response.status_code, 400)
+#
+#         # user too long username
+#         response = self.client.post(SIGNUP_URL, {
+#             'username' : 'someone anyone hello mother father brother',
+#             'email' : 'someone@jiuzhang.com',
+#             'password' : 'any password'
+#         })
+#         self.assertEqual(response.status_code, 400)
+#
+#         #success
+#         response = self.client.post(SIGNUP_URL, data)
+#         self.assertEqual(response.status_code, 200)
+#         self.assertEqual(response.data['user']['username'], 'someone')
+#         response = self.client.get(LOGIN_STATUS_URL)
+#         self.assertEqual(response.data['has_logged_in'], True)
+#
+#
+#
+#
 from django.test import TestCase
+from rest_framework.test import APIClient
+from django.contrib.auth.models import User
 
-# Create your tests here.
+
+LOGIN_URL = '/api/accounts/login/'
+LOGOUT_URL = '/api/accounts/logout/'
+SIGNUP_URL = '/api/accounts/signup/'
+LOGIN_STATUS_URL = '/api/accounts/login_status/'
+
+
+class AccountApiTests(TestCase):
+
+    def setUp(self):
+        # 这个函数会在每个 test function 执行的时候被执行
+        self.client = APIClient()
+        self.user = self.createUser(
+            username='admin',
+            email='admin@jiuzhang.com',
+            password='correct password',
+        )
+
+    def createUser(self, username, email, password):
+        # 不能写成 User.objects.create()
+        # 因为 password 需要被加密, username 和 email 需要进行一些 normalize 处理
+        return User.objects.create_user(username, email, password)
+
+    def test_login(self):
+        # 每个测试函数必须以 test_ 开头，才会被自动调用进行测试
+        # 测试必须用 post 而不是 get
+        response = self.client.get(LOGIN_URL, {
+            'username': self.user.username,
+            'password': 'correct password',
+        })
+        # 登陆失败，http status code 返回 405 = METHOD_NOT_ALLOWED
+        self.assertEqual(response.status_code, 405)
+
+        # 用了 post 但是密码错了
+        response = self.client.post(LOGIN_URL, {
+            'username': self.user.username,
+            'password': 'wrong password',
+        })
+        self.assertEqual(response.status_code, 400)
+
+        # 验证还没有登录
+        response = self.client.get(LOGIN_STATUS_URL)
+        self.assertEqual(response.data['has_logged_in'], False)
+        # 用正确的密码
+        response = self.client.post(LOGIN_URL, {
+            'username': self.user.username,
+            'password': 'correct password',
+        })
+        self.assertEqual(response.status_code, 200)
+        self.assertNotEqual(response.data['user'], None)
+        self.assertEqual(response.data['user']['email'], 'admin@jiuzhang.com')
+        # 验证已经登录了
+        response = self.client.get(LOGIN_STATUS_URL)
+        self.assertEqual(response.data['has_logged_in'], True)
+
+    def test_logout(self):
+        # 先登录
+        self.client.post(LOGIN_URL, {
+            'username': self.user.username,
+            'password': 'correct password',
+        })
+        # 验证用户已经登录
+        response = self.client.get(LOGIN_STATUS_URL)
+        self.assertEqual(response.data['has_logged_in'], True)
+
+        # 测试必须用 post
+        response = self.client.get(LOGOUT_URL)
+        self.assertEqual(response.status_code, 405)
+
+        # 改用 post 成功 logout
+        response = self.client.post(LOGOUT_URL)
+        self.assertEqual(response.status_code, 200)
+        # 验证用户已经登出
+        response = self.client.get(LOGIN_STATUS_URL)
+        self.assertEqual(response.data['has_logged_in'], False)
+
+    def test_signup(self):
+        data = {
+            'username': 'someone',
+            'email': 'someone@jiuzhang.com',
+            'password': 'any password',
+        }
+        # 测试 get 请求失败
+        response = self.client.get(SIGNUP_URL, data)
+        self.assertEqual(response.status_code, 405)
+
+        # 测试错误的邮箱
+        response = self.client.post(SIGNUP_URL, {
+            'username': 'someone',
+            'email': 'not a correct email',
+            'password': 'any password'
+        })
+        # print(response.data)
+        self.assertEqual(response.status_code, 400)
+
+        # 测试密码太短
+        response = self.client.post(SIGNUP_URL, {
+            'username': 'someone',
+            'email': 'someone@jiuzhang.com',
+            'password': '123',
+        })
+        # print(response.data)
+        self.assertEqual(response.status_code, 400)
+
+        # 测试用户名太长
+        response = self.client.post(SIGNUP_URL, {
+            'username': 'username is tooooooooooooooooo loooooooong',
+            'email': 'someone@jiuzhang.com',
+            'password': 'any password',
+        })
+        # print(response.data)
+        self.assertEqual(response.status_code, 400)
+
+        # 成功注册
+        response = self.client.post(SIGNUP_URL, data)
+        self.assertEqual(response.status_code, 201)
+        self.assertEqual(response.data['user']['username'], 'someone')
+        # 验证用户已经登入
+        response = self.client.get(LOGIN_STATUS_URL)
+        self.assertEqual(response.data['has_logged_in'], True)
diff --git a/accounts/api/views.py b/accounts/api/views.py
@@ -30,7 +30,10 @@ class AccountViewSet(viewsets.ViewSet):
     @action(methods=['GET'], detail=False)
     def login_status(self, request):
         # response data is HashMap
-        data = {'has_logged_in' : request.user.is_authenticated}
+        data = {
+            'has_logged_in' : request.user.is_authenticated,
+            'ip' : request.META['REMOTE_ADDR'],
+        }
         if request.user.is_authenticated:
             data['user'] = UserSerializer(request.user).data
         # Response could make HashMap data become JSON

diff --git a/requirements.txt b/requirements.txt
@@ -1,3 +1,24 @@
+asgiref==3.4.1
+asn1crypto==0.24.0
+certifi==2018.1.18
+chardet==3.0.4
+cryptography==2.1.4
 Django==3.1.3
+django-debug-toolbar==3.2.4
+djangorestframework==3.12.2
+idna==2.6
+keyring==10.6.0
+keyrings.alt==3.0
 mysqlclient==2.0.3
-djangorestframework==3.12.2
+pycrypto==2.6.1
+PyGObject==3.26.1
+pytz==2024.1
+pyxdg==0.25
+requests==2.18.4
+SecretStorage==2.3.1
+six==1.11.0
+sqlparse==0.4.4
+ssh-import-id==5.7
+typing_extensions==4.1.1
+urllib3==1.22
+wrapt==1.16.0
diff --git a/twitter/settings.py b/twitter/settings.py
@@ -26,6 +26,7 @@
 DEBUG = True
 
 ALLOWED_HOSTS = ['127.0.0.1', '192.168.33.10', 'localhost']
+INTERNAL_IPS = ['192.168.65.1']
 
 
 # Application definition
@@ -42,6 +43,8 @@
 
     # project apps
     'accounts',
+    # debug tool
+    'debug_toolbar',
 ]
 
 MIDDLEWARE = [
@@ -52,6 +55,7 @@
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
+    'debug_toolbar.middleware.DebugToolbarMiddleware',
 ]
 
 ROOT_URLCONF = 'twitter.urls'

diff --git a/twitter/urls.py b/twitter/urls.py
@@ -26,4 +26,5 @@
     path('admin/', admin.site.urls),
     path('', include(router.urls)),
     path('api-auth', include('rest_framework.urls', namespace='rest_framework')),
+    path("__debug__/", include("debug_toolbar.urls")),
 ]