43 lines
1.1 KiB
Python
43 lines
1.1 KiB
Python
|
# -*- coding: utf-8 -*-
|
|||
|
|
"""
|
|||
|
|
管理端鉴权测试。POST /api/admin 登录,GET /api/admin 鉴权检查。
|
|||
|
|
"""
|
|||
|
|
import pytest
|
|||
|
|
import requests
|
|||
|
|
|
|||
|
|
from util import admin_headers
|
|||
|
|
|
|||
|
|
|
|||
|
|
def test_admin_login(base_url):
|
|||
|
|
"""POST /api/admin 登录成功"""
|
|||
|
|
r = requests.post(
|
|||
|
|
f"{base_url}/api/admin",
|
|||
|
|
json={"username": "admin", "password": "admin123"},
|
|||
|
|
timeout=10,
|
|||
|
|
)
|
|||
|
|
assert r.status_code == 200
|
|||
|
|
data = r.json()
|
|||
|
|
assert data.get("success") is True
|
|||
|
|
assert "token" in data
|
|||
|
|
assert "user" in data
|
|||
|
|
|
|||
|
|
|
|||
|
|
def test_admin_check_with_token(admin_token, base_url):
|
|||
|
|
"""GET /api/admin 带 token 鉴权通过"""
|
|||
|
|
if not admin_token:
|
|||
|
|
pytest.skip("admin 登录失败,跳过鉴权测试")
|
|||
|
|
r = requests.get(
|
|||
|
|
f"{base_url}/api/admin",
|
|||
|
|
headers=admin_headers(admin_token),
|
|||
|
|
timeout=10,
|
|||
|
|
)
|
|||
|
|
assert r.status_code == 200
|
|||
|
|
data = r.json()
|
|||
|
|
assert data.get("success") is True
|
|||
|
|
|
|||
|
|
|
|||
|
|
def test_admin_check_without_token(base_url):
|
|||
|
|
"""GET /api/admin 无 token 返回 401"""
|
|||
|
|
r = requests.get(f"{base_url}/api/admin", timeout=10)
|
|||
|
|
assert r.status_code == 401
|