Flask-WTF – 无法测试表单提交。

huangapple go评论86阅读模式
英文:

Flask-WTF - Unable to test a form submission

问题

我想测试一个带有CSRF令牌的wtf表单,但我不知道如何发送这个令牌。

这是我的表单:

class myLoginForm(FlaskForm):
    username = StringField()
    password = StringField()
    mySubmit = SubmitField('Save')

这是我的路由:

@app.route('/login', methods=['GET', 'POST'])
def login():
    loginForm = myLoginForm()

    if loginForm.validate_on_submit():
        result = request.form
        username = result.get("username")
        password = result.get("password")

这是我的测试:

import unittest
from flask_testing import TestCase
from flask import Flask
import json

class TestLogin(TestCase):

    def create_app(self):
        app = Flask(__name__)
        return app

    def test_submission(self):
        headers = {
            'ContentType': 'application/json',
            'dataType': 'json'
        }
        data = {
            'username': 'foo',
            'password': 'bar'
        }

        response = app.test_client().post(
            '/login',
            data=json.dumps(data),
            content_type='application/json',
            follow_redirects=True
        )

        assert self.get_context_variable("loginForm").validate_on_submit() == True

断言失败,因为validate_on_submit()返回False。我认为这是由于CSRF令牌导致的。

如何将CSRF令牌发送到POST请求?

祝你有个愉快的一天!

英文:

I would like to test a wtf-form with a crsf token but I don't know how to send the token.

Here is my form :

class myLoginForm(FlaskForm):
    username = StringField()
    password = StringField()
    mySubmit = SubmitField('Save')

Here is my route :

@app.route('/login', methods=['GET', 'POST'])
def login():
    loginForm = myLoginForm()

    if loginForm.validate_on_submit():
        result = request.form
        username = result.get("username")
        password = result.get("password")

Here is my test :

import unittest
from flask_testing import TestCase
from flask import Flask
import json

class TestLogin(TestCase):

    def create_app(self):
        app = Flask(__name__)
        return app

    def test_submission(self):
        headers = {
            'ContentType': 'application/json',
            'dataType': 'json'
        }
        data = {
            'username': 'foo',
            'password': 'bar'
        }

        response = app.test_client().post(
            '/login',
            data=json.dumps(data),
            content_type='application/json',
            follow_redirects=True
        )

        assert self.get_context_variable("loginForm").validate_on_submit() == True

The assertion fails, because the validate_on_submit() returns False. I think it is due to the crsf token.

How can I send the crsf token to the POST request ?

Have a nice day

答案1

得分: 2

也许这可以帮助您。
使在自动化测试中更容易访问CSRF令牌

英文:

Maybe this could help you.
Make it easier to access a CSRF token in automated tests

答案2

得分: 1

除非你想要在Flask-WTF中测试实际的CSRF保护,在运行单元测试时完全关闭CSRF在应用程序配置中会更简单。触发CSRF保护的条件可能更容易通过集成/端对端测试来测试。

英文:

Unless you want to test actual CSRF protection in Flask-WTF it's much simpler to turn off CSRF completely in app config when running unit tests. The conditions that trigger CSRF protection may be easier tested with integration/e2e tests.

huangapple
  • 本文由 发表于 2020年1月7日 00:32:06
  • 转载请务必保留本文链接:https://go.coder-hub.com/59615679.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定