FlaskTester - Pytest fixtures for Flask internal and external authenticated tests
This package allows to run authenticated tests against a Flask application,
either with internal Flask tests (aka test_client
) or external tests (with
requests
which performs actual HTTP requests), including password and token
authentication and per-user cookies.
Only one set of tests is needed, switching from internal to external is achieved by setting an environment variable.
Usage
Install package with pip install FlaskTester
or equivalent.
The following test creates a local fixture with 2 users identified by a
password, and retrieves tokens for both users using a /login
route
provided by the application.
It then proceeds to run authenticated requests against the /admin
route.
import pytest
from FlaskTester import ft_authenticator, ft_client
import secret
def authHook(api, user: str, pwd: str|None):
if pwd is not None: # get a token when a login/password is provided
res = api.get("/login", login=user, auth="basic", status=200)
api.setToken(user, res.json["token"])
else: # remove token
api.setToken(user, None)
@pytest.fixture
def app(ft_client):
# register authentication hook
ft_client.setHook(authHook)
# add test passwords for Calvin and Hobbes (must be consistent with app!)
ft_client.setPass("calvin", secret.PASSES["calvin"])
ft_client.setPass("hobbes", secret.PASSES["hobbes"])
# also set a cookie
ft_client.setCookie("hobbes", "lang", "fr")
ft_client.setCookie("calvin", "lang", "en")
# return working client
yield ft_client
def test_app_admin(app):
app.get("/admin", login=None, status=401)
for auth in ["bearer", "basic", "param"]:
res = app.get("/admin", login="calvin", auth=auth, status=200)
assert res.json["user"] == "calvin" and res.json["isadmin"]
res = app.get("/admin", login="hobbes", auth=auth, status=403)
assert 'not in group "ADMIN"' in res.text
This can be run against a local or remote server:
export TEST_SEED="some-random-data" # shared test seed
flask --app app:app run & # start flask app
pid=$! # keep pid
export FLASK_TESTER_APP="http://localhost:5000" # set app url, local or remote
pytest test.py # run external tests
kill $pid # stop app with pid
Or locally with the Flask internal test infrastructure:
export FLASK_TESTER_APP="app:app" # set app package
pytest test.py # run internal tests
The above test runs with tests/app.py
Flask
REST application back-end with password and token authentication based on
FlaskSimpleAuth.
The code uses 23 lines of Python for implementing
password (basic and parameters) and token authentications,
admin group authorization, and routes for
token generation (2), identity tests (2) and an incredible open cookie-based
translation service.
See the documentation.
License
This code is Public Domain.
All software has bug, this is software, hence… Beware that you may lose your hairs or your friends because of it. If you like it, feel free to send a postcard to the author.
Versions
Packages are distributed from PyPI, sources are available on GitHub, please report any issues.
- Documentation
- API Reference
- Versions
- TODO
- ? on ?
- 4.3 on 2024-08-10
- 4.2 on 2024-07-28
- 4.1 on 2024-07-28
- 4.0 on 2024-05-20
- 3.6 on 2024-03-30
- 3.5 on 2024-03-30
- 3.4 on 2024-03-30
- 3.3 on 2024-03-25
- 3.2 on 2024-03-24
- 3.1 on 2024-03-24
- 3.0 on 2024-03-23
- 2.0 on 2024-03-23
- 1.4 on 2024-03-19
- 1.3 on 2024-03-16
- 1.2 on 2024-03-15
- 1.1 on 2024-03-13
- 1.0 on 2024-03-12
- 0.9 on 2024-03-11