I am unit testing my flask app which uses the flask-login extension.
I am setting up all my tests like this using webtest:
class TestCase(unittest.TestCase):
def setUp(self):
app.config['TESTING'] = True
self.client = webtest.TestApp(app)
But when I try to visit urls through self.client.get() which are decorated with @login_required, I get a 401 error with a message that I am not authorized to access the url.
According to the documentation https://flask-login.readthedocs.org/en/latest/#protecting-views and this discussion, setting the config value of 'TESTING' to True should disable the login requirements, but that doesn't seem to be working for me.
Any suggestions?
the login process seems secure. But you didn't check the potential existing user in the signup form, or existing email address. Unless this is managed by the underlying User schema. And you should require a minimal password complexity.
Flask-Login provides user session management for Flask. It handles the common tasks of logging in, logging out, and remembering your users' sessions over extended periods of time. It will: Store the active user's ID in the Flask Session, and let you easily log them in and out.
from flask login documentation it's said that :
It can be convenient to globally turn off authentication when unit testing. To enable this, if the application configuration variable LOGIN_DISABLED is set to True, this decorator will be ignored.
if you are using application factory design pattern add this to your testing config :
LOGIN_DISABLED = True
or you can add it while creating the app like this :
class TestCase(unittest.TestCase):
def setUp(self):
app.config['LOGIN_DISABLED'] = True
self.client = webtest.TestApp(app)
Hope this will help the others who will have the same problem
This because Flask-Login
caching TESTING
or LOGIN_DISABLED
on init_app
(https://github.com/maxcountryman/flask-login/blob/master/flask_login.py#L164).
So if you create application and then set something in config then you config changes will ignored.
Better way use application factory with separated configs for production and tests, it also decrease probability get errors with not cleaned application state in tests.
The easiest way reinit login_manager
:
class TestCase(unittest.TestCase):
def setUp(self):
app.config['TESTING'] = True
app.login_manager.init_app(app)
self.client = webtest.TestApp(app)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With