我想测试一个需要身份验证的路由的 post 请求(来自 Django Rest Framework 的 Knox)。这里的 post 请求应该针对已登录的用户。
以下是urls.py
path('cards', addCard.as_view(), name="cards"),
以下是addCard视图
class addCard(generics.ListCreateAPIView):
serializer_class = CardSerializer
permission_classes = [permissions.IsAuthenticated, IsOwnerOrNot]
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
card = serializer.save(owner=self.request.user)
return Response({'card': CardSerializer(card, context=self.get_serializer_context()).data,})
def get_queryset(self):
return self.request.user.cards.order_by('-id')
以下是测试用例,我使用了 this answer,出现 401!=201 错误,显然是未经授权的用户。
class addCardAPIViewTestCase(APITestCase):
url = reverse("cards")
def setUp(self):
self.username = "john"
self.email = "john@snow.com"
self.password = "you_know_nothing"
self.user = get_user_model().objects.create_user(self.username,
self.password)
self.token = Token.objects.create(user=self.user)
def test_create_cards(self):
client = APIClient()
client.login(username=self.username,
password=self.password)
client.credentials(HTTP_AUTHORIZATION='Token ' + self.token.key)
response = client.post(self.url,{
"bank": "Citibank",
"card_number": "5618073505538298",
"owner_name": "c1",
"cvv": "121",
"expiry_date_month": "03",
"expiry_date_year": "2023"
},format='json')
self.assertEqual(response.status_code, 201)
答案 0 :(得分:0)
如果您想测试经过身份验证的用户,您可以使用 client.login OR client.credentials。如果您通过 rest_framework.authentication.SessionAuthentication 对用户进行身份验证(也考虑使用 client.force_login 以获得更好的性能)和第二个用于令牌身份验证,则应使用第一个。同时使用它们是没有意义的。
答案 1 :(得分:0)
使用client.force_authenticate(...)
class addCardAPIViewTestCase(APITestCase):
# Rest of your code
def test_create_cards(self):
self.client.force_authenticate(self.user)
response = self.client.post(self.url, {
"bank": "Citibank",
"card_number": "5618073505538298",
"owner_name": "c1",
"cvv": "121",
"expiry_date_month": "03",
"expiry_date_year": "2023"
}, format='json')
self.assertEqual(response.status_code, 201)