Add some auth view tests

Author: davegaeddert

.github/workflows/test.yml

@@ -11,7 +11,7 @@ jobs:
         python-version: ["3.11", "3.12", "3.13"]
 
     env:
-      PACKAGES: plain plain-worker plain-flags plain-sessions plain-admin plain-oauth plain-models plain-api plain-elements plain-htmx
+      PACKAGES: plain plain-worker plain-flags plain-sessions plain-admin plain-oauth plain-auth plain-models plain-api plain-elements plain-htmx
 
     steps:
     - uses: actions/checkout@v4

plain-auth/pyproject.toml

@@ -13,6 +13,11 @@ dependencies = [
     "plain.sessions<1.0.0",
 ]
 
+[tool.uv]
+dev-dependencies = [
+    "plain.pytest<1.0.0",
+]
+
 [tool.hatch.build.targets.wheel]
 packages = ["plain"]
 

plain-auth/tests/app/settings.py

@@ -0,0 +1,18 @@
+SECRET_KEY = "test"
+URLS_ROUTER = "app.urls.AppRouter"
+INSTALLED_PACKAGES = [
+    "plain.auth",
+    "plain.sessions",
+    "plain.models",
+    "app.users",
+]
+DATABASE = {
+    "ENGINE": "plain.models.backends.sqlite3",
+    "NAME": ":memory:",
+}
+MIDDLEWARE = [
+    "plain.sessions.middleware.SessionMiddleware",
+    "plain.auth.middleware.AuthenticationMiddleware",
+]
+AUTH_LOGIN_URL = "login"
+AUTH_USER_MODEL = "users.User"

plain-auth/tests/app/urls.py

@@ -0,0 +1,45 @@
+from plain.auth.views import AuthViewMixin
+from plain.urls import Router, path
+from plain.views import View
+
+
+class LoginView(View):
+    def get(self):
+        return "login"
+
+
+class ProtectedView(AuthViewMixin, View):
+    def get(self):
+        return "protected"
+
+
+class OpenView(AuthViewMixin, View):
+    login_required = False
+
+    def get(self):
+        return "open"
+
+
+class AdminView(AuthViewMixin, View):
+    admin_required = True
+
+    def get(self):
+        return "admin"
+
+
+class NoLoginUrlView(AuthViewMixin, View):
+    login_url = None
+
+    def get(self):
+        return "none"
+
+
+class AppRouter(Router):
+    namespace = ""
+    urls = [
+        path("login/", LoginView, name="login"),
+        path("protected/", ProtectedView, name="protected"),
+        path("open/", OpenView, name="open"),
+        path("admin/", AdminView, name="admin"),
+        path("nolink/", NoLoginUrlView, name="nolink"),
+    ]

plain-auth/tests/app/users/migrations/0001_initial.py

@@ -0,0 +1,21 @@
+# Generated by Plain 0.21.5 on 2025-02-17 04:12
+
+from plain import models
+from plain.models import migrations
+
+
+class Migration(migrations.Migration):
+    initial = True
+
+    dependencies = []
+
+    operations = [
+        migrations.CreateModel(
+            name="User",
+            fields=[
+                ("id", models.BigAutoField(auto_created=True, primary_key=True)),
+                ("username", models.CharField(max_length=255)),
+                ("is_admin", models.BooleanField(default=False)),
+            ],
+        ),
+    ]

plain-auth/tests/app/users/migrations/__init__.py

@@ -0,0 +1,7 @@
+from plain import models
+
+
+@models.register_model
+class User(models.Model):
+    username = models.CharField(max_length=255)
+    is_admin = models.BooleanField(default=False)

plain-auth/tests/app/users/models.py

@@ -0,0 +1,41 @@
+from plain.auth import get_user_model
+from plain.test import Client
+
+
+def test_login_required_redirect(db):
+    client = Client()
+    response = client.get("/protected/")
+    assert response.status_code == 302
+    assert response.url == "/login/?next=/protected/"
+
+
+def test_view_without_login_required(db):
+    client = Client()
+    response = client.get("/open/")
+    assert response.status_code == 200
+    assert response.content == b"open"
+    assert response.headers["Cache-Control"] == "private"
+
+
+def test_admin_required(db):
+    client = Client()
+    # login required first
+    assert client.get("/admin/").status_code == 302
+
+    user = get_user_model().objects.create(username="user")
+    client.force_login(user)
+    # not admin -> 404
+    assert client.get("/admin/").status_code == 404
+
+    user.is_admin = True
+    user.save()
+    # now admin -> success
+    resp = client.get("/admin/")
+    assert resp.status_code == 200
+    assert resp.content == b"admin"
+
+
+def test_no_login_url_forbidden(db):
+    client = Client()
+    response = client.get("/nolink/")
+    assert response.status_code == 403