【发布时间】:2016-01-22 18:17:17
【问题描述】:
在进行单元测试时,我无法弄清楚如何禁用 CSRF 保护。
我的 test_login() 函数未能通过单元测试。当我调试时,我可以看到在表单中 csrf_enabled 值设置为 True
文档指出app.config['WTF_CSRF_ENABLED'] = False 应该足够了,但似乎不起作用
谁能告诉我如何禁用 CSRF 保护?
谢谢
from flask.ext.testing import TestCase
from flask import Flask
from Shares import db, app as appy
from Shares.models import User
import manage
class test(TestCase):
def create_app(self):
app = Flask(__name__)
app.config['TESTING'] = True
app.config['WTF_CSRF_ENABLED'] = False
return appy
SQLALCHEMY_DATABASE_URI = "sqlite://"
TESTING = True
def setUp(self):
manage.initdb()
print self.login('lucas', 'test').data
def tearDown(self):
db.session.remove()
db.drop_all()
def login(self, username, password):
return self.client.post('/login', data=dict(
username=username,
password=password
), follow_redirects=True)
def logout(self):
return self.client.get('/logout', follow_redirects=True)
def test_adduser(self):
lucas=User(username="lucas", email="lucas@example.com", password="test")
user2 = User(username="lucas", email="lucas@test.com")
db.session.add(lucas)
db.session.commit()
assert lucas in db.session
assert user2 not in db.session
def test_login(self):
lucas=User(username="lucas", email="lucas@example.com", password="test")
db.session.add(lucas)
db.session.commit()
rv = self.login('lucas', 'test')
assert 'Welcome' in rv.data
【问题讨论】:
标签: python-2.7 unit-testing flask flask-wtforms csrf-protection