Fully migrate API security tests into the pytest test suite
Also adds an additional test that ensures that at least one security test exists for every (api endpoint, http method) pair.
This commit is contained in:
Joseph Schorr
parent
beebe6d5ed
commit
924dda296f
7 changed files with 1340 additions and 4493 deletions
|
|
@ -14,11 +14,11 @@ CSRF_TOKEN = '123csrfforme'
|
|||
@contextmanager
|
||||
def client_with_identity(auth_username, client):
|
||||
with client.session_transaction() as sess:
|
||||
sess[CSRF_TOKEN_KEY] = CSRF_TOKEN
|
||||
if auth_username and auth_username is not None:
|
||||
loaded = model.user.get_user(auth_username)
|
||||
sess['user_id'] = loaded.uuid
|
||||
sess['login_time'] = datetime.datetime.now()
|
||||
sess[CSRF_TOKEN_KEY] = CSRF_TOKEN
|
||||
else:
|
||||
sess['user_id'] = 'anonymous'
|
||||
|
||||
|
|
|
|||
Reference in a new issue