api.v1.test_login¶
Test authentication with the server.
caseautomation: | automated |
---|---|
casecomponent: | api |
caseimportance: | high |
caselevel: | integration |
requirement: | Cloud Meter |
testtype: | functional |
upstream: | yes |
-
integrade.tests.api.v1.test_login.
test_login_logout
()¶ Test that we can login, make requests and logout to the server.
Id: 2eb55229-4e1e-4d35-ac4a-4f2424d37cf6
Description: Test that we can login, make requests and logout to the server.
Steps: - Send POST with username and password to the token endpoint.
- Send a GET request to /auth/me/ with the authorization token from previous step in the headers.
- Send a POST request to /auth/token/destroy/.
- Try to access /auth/me/ again with the authorization token from step 1.
Expectedresults: - Receive an authorization token that can then be used to build authentication headers and make authenticated requests.
- Assert a 200 response is returned and the information about the logged in user are correct, including being flagged as a non-super user
- Assert a 204 response is returned
- Assert a 401 response is returned and the detailed message states the authentication token is now invalid.
-
integrade.tests.api.v1.test_login.
test_superuser_login
()¶ Test that we can login as a super user and identify we are super.
Id: 0815070f-5042-45ba-a6bb-f2596f764c7e
Description: Test that we can login with a super user’s credentials and that the token response includes a flag indicating super user status.
Steps: - Send POST with username and password to the token endpoint.
Expectedresults: - Receive an authorization token that can then be used to build authentication headers and make authenticated requests.
- Assert a 200 response is returned and the information about the logged in user are correct
- Assert the response includes the is_superuser field set to True
-
integrade.tests.api.v1.test_login.
test_token_negative
(endpoint)¶ Given that we have an invalid token, we cannot make requests.
Id: a87f7069-3ee9-4435-a953-fd8664199419
Description: Test that if we have a bad token, we cannot use it to make requests to any of the /api/v1/* endpoints
Steps: - Send a GET request with a invalid authorization token in the header to all /api/v1/* endpoints.
- Assert that we get a 401 response for all requests.
Expectedresults: The server rejects our invalid token for all /api/v1/* endpoints.