测试期间无法禁用WTF CSRF保护

时间:2016-01-22 18:17:18

标签: python-2.7 unit-testing flask flask-wtforms csrf-protection

在进行单元测试时,我无法弄清楚如何禁用CSRF保护。

我的test_login()功能未通过单元测试。当我调试时,我可以在表单中看到csrf_enabled值设置为True

文档说明app.config['WTF_CSRF_ENABLED'] = False应该足够,但似乎没有效果

有人可以建议我如何禁用CSRF保护吗?

由于

from flask.ext.testing import TestCase
from flask import Flask
from Shares import db, app as appy
from Shares.models import User
import manage


class test(TestCase):

def create_app(self):
    app = Flask(__name__)
    app.config['TESTING'] = True
    app.config['WTF_CSRF_ENABLED'] = False
    return appy

SQLALCHEMY_DATABASE_URI = "sqlite://"
TESTING = True

def setUp(self):

    manage.initdb()
    print self.login('lucas', 'test').data

def tearDown(self):

    db.session.remove()
    db.drop_all()

def login(self, username, password):
    return self.client.post('/login', data=dict(
        username=username,
        password=password
    ), follow_redirects=True)

def logout(self):
    return self.client.get('/logout', follow_redirects=True)

def test_adduser(self):

    lucas=User(username="lucas", email="lucas@example.com", password="test")
    user2 = User(username="lucas", email="lucas@test.com")

    db.session.add(lucas)
    db.session.commit()

    assert lucas in db.session
    assert user2 not in db.session

def test_login(self):

    lucas=User(username="lucas", email="lucas@example.com", password="test")
    db.session.add(lucas)
    db.session.commit()

    rv = self.login('lucas', 'test')
    assert 'Welcome' in rv.data

1 个答案:

答案 0 :(得分:2)

我已经解决了。

我的变量名称app& APPY 

def create_app(self):
    app = Flask(__name__)
    appy.config['TESTING'] = True
    appy.config['WTF_CSRF_ENABLED'] = False
    return appy
相关问题
最新问题