diff options
author | Roald de Vries <rdevries@thoughtworks.com> | 2016-11-30 16:11:27 +0100 |
---|---|---|
committer | Roald de Vries <rdevries@thoughtworks.com> | 2016-11-30 16:11:27 +0100 |
commit | 13378255c02b97184132881599ed47826963f54a (patch) | |
tree | 01a47f844f581a12dae9d022be19d4010433633e /service/test/unit/resources/test_login_resource.py | |
parent | a493da72d53fe90d679d7fa1980dd185415d9be3 (diff) |
add csrf token to login form
Diffstat (limited to 'service/test/unit/resources/test_login_resource.py')
-rw-r--r-- | service/test/unit/resources/test_login_resource.py | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/service/test/unit/resources/test_login_resource.py b/service/test/unit/resources/test_login_resource.py index d3d7ba64..696b0c46 100644 --- a/service/test/unit/resources/test_login_resource.py +++ b/service/test/unit/resources/test_login_resource.py @@ -157,6 +157,19 @@ class TestLoginResource(unittest.TestCase): d.addCallback(assert_default_invalid_banner_disclaimer_rendered) return d + def test_form_should_contain_csrftoken_input(self): + request = DummyRequest(['']) + + d = self.web.get(request) + + def assert_form_has_csrftoken_input(_): + input_username = 'name="csrftoken"' + written_response = ''.join(request.written) + self.assertIn(input_username, written_response) + + d.addCallback(assert_form_has_csrftoken_input) + return d + class TestLoginPOST(unittest.TestCase): def setUp(self): |