API - disable registration - #36
This commit is contained in:
parent
8762bc1779
commit
5b6a94fb85
@ -2,6 +2,7 @@ export REACT_APP_API_URL = http://$(HOST):$(API_PORT)
|
||||
export REACT_APP_THUNDERFOREST_API_KEY=
|
||||
export REACT_APP_GPX_LIMIT_IMPORT=10
|
||||
export WEATHER_API=
|
||||
export FT_ALLOW_REGISTRATION=true
|
||||
|
||||
# for dev env
|
||||
export CODACY_PROJECT_TOKEN=
|
||||
|
@ -186,6 +186,7 @@
|
||||
</li>
|
||||
</ul>
|
||||
</p></li>
|
||||
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4">403 Forbidden</a> – Error. Registration is disabled.</p></li>
|
||||
<li><p><a class="reference external" href="http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.5.1">500 Internal Server Error</a> – Error. Please try again or contact the administrator.</p></li>
|
||||
</ul>
|
||||
</dd>
|
||||
|
File diff suppressed because one or more lines are too long
@ -16,6 +16,9 @@ class BaseConfig:
|
||||
)
|
||||
PICTURE_ALLOWED_EXTENSIONS = {'jpg', 'png', 'gif'}
|
||||
ACTIVITY_ALLOWED_EXTENSIONS = {'gpx', 'zip'}
|
||||
REGISTRATION_ALLOWED = (
|
||||
False if os.getenv('FT_ALLOW_REGISTRATION') == "false" else True
|
||||
)
|
||||
|
||||
|
||||
class DevelopmentConfig(BaseConfig):
|
||||
|
@ -21,6 +21,18 @@ def app():
|
||||
return app
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def app_no_registration():
|
||||
app = create_app()
|
||||
app.config['REGISTRATION_ALLOWED'] = False
|
||||
with app.app_context():
|
||||
db.create_all()
|
||||
yield app
|
||||
db.session.remove()
|
||||
db.drop_all()
|
||||
return app
|
||||
|
||||
|
||||
@pytest.fixture()
|
||||
def user_1():
|
||||
user = User(username='test', email='test@test.com', password='12345678')
|
||||
|
@ -232,6 +232,28 @@ def test_user_registration_invalid_data(app):
|
||||
assert 'error' in data['status']
|
||||
|
||||
|
||||
def test_user_registration_not_allowed(app_no_registration):
|
||||
client = app_no_registration.test_client()
|
||||
response = client.post(
|
||||
'/api/auth/register',
|
||||
data=json.dumps(
|
||||
dict(
|
||||
username='test',
|
||||
email='test@test.com',
|
||||
password='12345678',
|
||||
password_conf='12345678',
|
||||
)
|
||||
),
|
||||
content_type='application/json',
|
||||
)
|
||||
|
||||
assert response.content_type == 'application/json'
|
||||
assert response.status_code == 403
|
||||
data = json.loads(response.data.decode())
|
||||
assert data['status'] == 'error'
|
||||
assert data['message'] == 'Error. Registration is disabled.'
|
||||
|
||||
|
||||
def test_login_registered_user(app, user_1):
|
||||
client = app.test_client()
|
||||
response = client.post(
|
||||
|
@ -66,10 +66,18 @@ def register_user():
|
||||
- Valid email must be provided.
|
||||
- Password and password confirmation don't match.
|
||||
- Password: 8 characters required.
|
||||
:statuscode 403:
|
||||
Error. Registration is disabled.
|
||||
:statuscode 500:
|
||||
Error. Please try again or contact the administrator.
|
||||
|
||||
"""
|
||||
if not current_app.config.get('REGISTRATION_ALLOWED'):
|
||||
response_object = {
|
||||
'status': 'error',
|
||||
'message': 'Error. Registration is disabled.',
|
||||
}
|
||||
return jsonify(response_object), 403
|
||||
# get post data
|
||||
post_data = request.get_json()
|
||||
if not post_data or post_data.get('username') is None \
|
||||
|
Loading…
Reference in New Issue
Block a user