test: update test for signup , forget password, otpverification

Sajal-techie · Aug 20, 2024 · 7580e78 · 7580e78
1 parent 61dc574
commit 7580e78
Show file tree

Hide file tree

Showing 2 changed files with 204 additions and 50 deletions.
diff --git a/users/tests/test_views.py b/users/tests/test_views.py
@@ -1,65 +1,158 @@
 from django.test import TestCase
 from django.urls import reverse
+from django.core.exceptions import ValidationError
 from rest_framework import status
 from rest_framework.test import APIClient
 from users.models import Users, Academy,UserProfile, Sport
-from selection_trial.models import Trial
-from user_profile.models import Follow, FriendRequest
 from real_time.models import Notification
 from unittest.mock import patch
 
 class SignupViewTest(TestCase):
     def setUp(self):
         self.client = APIClient()
-        self.signup_url = reverse('signup')  # Assume you've named your URL
+        self.signup_url = reverse('signup') 
 
-    def test_successful_signup(self):
-        data = {
-            'email': 'test@example.com',
-            'username': 'testuser',
-            'password': 'testpass123',
+
+        self.valid_player_data = {
+            'email': 'newplayer@example.com',
+            'username': 'newplayer',
             'sport': 'football',
-            'state': 'TestState',
-            'district': 'TestDistrict',
-            'dob': '1990-01-01'
+            'state': 'California',
+            'district': 'Los Angeles',
+            'dob': '1990-01-01',
+            'password': 'testpass123',
+        }
+
+        self.valid_academy_data = {
+            'email': 'newacademy@example.com',
+            'username': 'newacademy',
+            'sport[]': ['football', 'basketball'],  
+            'state': 'New York',
+            'district': 'Manhattan',
+            'dob': '1980-01-01',
+            'password': 'testpass123',
+            'license': 'ABC123',
+            'is_academy': 'true',
         }
-        with patch('users.views.send_otp.delay') as mock_send_otp:
-            response = self.client.post(self.signup_url, data)
-        self.assertEqual(response.status_code, status.HTTP_200_OK)
-        self.assertEqual(Users.objects.count(), 1)
-        mock_send_otp.assert_called_once_with('test@example.com')
 
-    def test_invalid_signup(self):
-        data = {'email': 'invalid'}  # Missing required fields
+    def test_signup_missing_email(self):
+        data = self.valid_player_data.copy()
+        del data['email']
+        response = self.client.post(self.signup_url, data)
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("Email field is Required", str(response.data['message']))
+
+    def test_signup_invalid_email(self):
+        data = self.valid_player_data.copy()
+        data["email"] = 'invalid email' 
         response = self.client.post(self.signup_url, data)
         self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("Email is not Valid", str(response.data["message"]))
+
+    def test_signup_existing_email(self):
+        Users.objects.create_user(email='existing@gmail.com', password='testpass123')
+        data = self.valid_player_data.copy()
+        data["email"] = "existing@gmail.com"
+        response = self.client.post(self.signup_url, data)
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("Account with Email already exist try login", str(response.data["message"]))
+
+    def test_signup_academy_missing_license(self):
+        data = self.valid_academy_data.copy()
+        del data['license']
+        response = self.client.post(self.signup_url, data)
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("License is required", str(response.data["message"]))
+
+    @patch('users.views.CustomUsersSerializer')
+    @patch('users.task.send_otp.delay')
+    def test_successfull_player_signup(self, mock_send_otp, mock_serializer):
+        mock_serializer.return_value.is_valid.return_value = True
+        response = self.client.post(self.signup_url, self.valid_player_data)
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["message"], "Registration Successfull, Check Email For Verification")
+        mock_send_otp.assert_called_once_with(self.valid_player_data['email'])
+
+    @patch('users.views.CustomUsersSerializer')
+    @patch('users.task.send_otp.delay')
+    def test_successfull_academy_signup(self, mock_send_otp, mock_serializer):
+        mock_serializer.return_value.is_valid.return_value = True
+        response = self.client.post(self.signup_url, self.valid_academy_data)
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["message"], "Registration Successfull, Check Email For Verification")
+        mock_send_otp.assert_called_once_with(self.valid_academy_data['email'])
+
+    @patch('users.views.CustomUsersSerializer')
+    def test_signup_serializer_error(self, mock_serializer):
+        mock_serializer.return_value.is_valid.side_effect = ValidationError("Serializer error")
+        response = self.client.post(self.signup_url, self.valid_player_data)
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn("Serializer error", str(response.data))
+
 
 class VerifyOtpViewTest(TestCase):
     def setUp(self):
         self.client = APIClient()
         self.verify_otp_url = reverse('otp_verification')
-        self.user = Users.objects.create_user(email='test@example.com', password='testpass123')
-        self.user.otp = '123456'
+        self.user = Users.objects.create_user(
+            email='testuser@example.com',
+            password='testpass123',
+            is_verified=False,
+            otp='123456'
+        )
+
+    def test_verify_otp_missing_email(self):
+        """Test OTP verification with missing email"""
+        response = self.client.put(self.verify_otp_url, {'otp': '123456'})
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn('Email is required', str(response.data['message']))
+
+    def test_verify_otp_missing_otp(self):
+        """Test OTP verification with missing OTP"""
+        response = self.client.put(self.verify_otp_url, {'email': 'testuser@example.com'})
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertIn('OTP is required', str(response.data['message']))
+
+    def test_verify_otp_expired(self):
+        """Test OTP verification when OTP has expired"""
+        self.user.otp = None
         self.user.save()
+        response = self.client.put(self.verify_otp_url, {'email': 'testuser@example.com', 'otp': '123456'})
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertEqual(response.data['message'], 'OTP Expired try resending otp')
+
+    def test_verify_otp_invalid(self):
+        """Test OTP verification with invalid OTP"""
+        response = self.client.put(self.verify_otp_url, {'email': 'testuser@example.com', 'otp': '654321'})
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertEqual(response.data['message'], 'Invalid OTP')
+
 
-    def test_successful_otp_verification(self):
-        data = {'email': 'test@example.com', 'otp': '123456'}
-        response = self.client.put(self.verify_otp_url, data)
+    def test_verify_otp_valid(self):
+        """Test successful OTP verification"""
+        response = self.client.put(self.verify_otp_url, {'email': 'testuser@example.com', 'otp': '123456'})
         self.assertEqual(response.status_code, status.HTTP_200_OK)
-        self.user.refresh_from_db()
-        self.assertTrue(self.user.is_verified)
+        self.assertEqual(response.data['message'], 'OTP Verified')
+
+    def test_verify_otp_method_not_allowed(self):
+        """Test that only PUT method is allowed for OTP verification"""
+        response = self.client.post(self.verify_otp_url, {'email': 'testuser@example.com', 'otp': '123456'})
+        self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED)
+
+    def test_verify_otp_already_verified(self):
+        """Test OTP verification for an already verified user"""
+        self.user.is_verified = True
+        self.user.save()
+        response = self.client.put(self.verify_otp_url, {'email': 'testuser@example.com', 'otp': '123456'})
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data['message'], 'Already verfied Try logging in again')
 
-    def test_invalid_otp(self):
-        data = {'email': 'test@example.com', 'otp': '000000'}
-        response = self.client.put(self.verify_otp_url, data)
-        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
 
 class LoginViewTestCase(TestCase):
     def setUp(self):
         self.client = APIClient()
-        self.login_url = reverse('login')  # Assuming you have a URL name 'login' for this view
+        self.login_url = reverse('login') 
 
-        # Create a regular user
         self.user = Users.objects.create_user(
             email='user@example.com',
             password='testpass123',
@@ -68,7 +161,6 @@ def setUp(self):
             is_active=True
         )
 
-        # Create an academy user
         self.academy_user = Users.objects.create_user(
             email='academy@example.com',
             password='testpass123',
@@ -79,7 +171,6 @@ def setUp(self):
         )
         Academy.objects.create(user=self.academy_user, is_certified=True)
 
-        # Create an admin user
         self.admin_user = Users.objects.create_user(
             email='admin@example.com',
             password='testpass123',
@@ -185,22 +276,60 @@ def test_resend_otp(self, mock_send_otp):
         self.assertEqual(response.status_code, status.HTTP_200_OK)
         mock_send_otp.assert_called_once_with('test@example.com')
 
-class ForgetPasswordViewTest(TestCase):
+
+
+class ForgetPasswordViewTestCase(TestCase):
     def setUp(self):
         self.client = APIClient()
         self.forget_password_url = reverse('forget_pass')
-        self.user = Users.objects.create_user(email='test@example.com', password='oldpass123')
+
+        self.user = Users.objects.create_user(
+            email='testuser@example.com',
+            password='oldpassword123'
+        )
 
-    @patch('users.views.send_otp.delay')
-    def test_forget_password_send_otp(self, mock_send_otp):
-        data = {'email': 'test@example.com'}
-        response = self.client.post(self.forget_password_url, data)
+    def test_forget_password_missing_email(self):
+        """Test forget password with missing email"""
+        response = self.client.post(self.forget_password_url, {})
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertEqual(response.data['message'], 'Email is required')
+
+    def test_forget_password_non_existent_email(self):
+        """Test forget password with non-existent email"""
+        response = self.client.post(self.forget_password_url, {'email': 'nonexistent@example.com'})
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertEqual(response.data['message'], 'Email is not valid, Try signin')
+
+    @patch('users.task.send_otp.delay')
+    def test_forget_password_valid_email_without_password(self, mock_send_otp):
+        """Test forget password with valid email but without new password"""
+        response = self.client.post(self.forget_password_url, {'email': 'testuser@example.com'})
         self.assertEqual(response.status_code, status.HTTP_200_OK)
-        mock_send_otp.assert_called_once_with('test@example.com')
+        self.assertEqual(response.data['message'], 'Email is valid')
+        mock_send_otp.assert_called_once_with('testuser@example.com')
 
-    def test_forget_password_reset(self):
-        data = {'email': 'test@example.com', 'password': 'newpass123'}
-        response = self.client.post(self.forget_password_url, data)
+    def test_forget_password_valid_email_with_password(self):
+        """Test forget password with valid email and new password"""
+        response = self.client.post(self.forget_password_url, {
+            'email': 'testuser@example.com',
+            'password': 'newpassword123'
+        })
         self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data['message'], 'Password Resetted successfully')
+
+        # Verify that the password was actually changed
         self.user.refresh_from_db()
-        self.assertTrue(self.user.check_password('newpass123'))
+        self.assertTrue(self.user.check_password('newpassword123'))
+
+    def test_forget_password_method_not_allowed(self):
+        """Test that only POST method is allowed for forget password"""
+        response = self.client.get(self.forget_password_url, {'email': 'testuser@example.com'})
+        self.assertEqual(response.status_code, status.HTTP_405_METHOD_NOT_ALLOWED)
+
+    @patch('users.task.send_otp.delay')
+    def test_forget_password_otp_sending_failure(self, mock_send_otp):
+        """Test forget password when OTP sending fails"""
+        mock_send_otp.side_effect = Exception('OTP sending failed')
+        response = self.client.post(self.forget_password_url, {'email': 'testuser@example.com'})
+        self.assertEqual(response.status_code, status.HTTP_400_BAD_REQUEST)
+        self.assertEqual(response.data['message'], 'Internal Server Error')
diff --git a/users/views.py b/users/views.py
@@ -27,7 +27,8 @@ class Signup(APIView):
     email for verification.
     """
     def post(self, request):
-        data = request.data
+        data = request.data.copy()
+        print(data, 'data')
 
         # Initialize an empty dictionary for validation errors
         errors = {}
@@ -42,7 +43,7 @@ def post(self, request):
             except Exception:
                 errors["email"] = "Email is not Valid"
 
-        # If the user is an academy, set the 'sport' field
+        # If the user is an academy, set the 'sport' field    
         if "is_academy" in data:
             if data["is_academy"] == "true":
                 data.setlist("sport", request.data.getlist("sport[]", []))
@@ -60,7 +61,7 @@ def post(self, request):
             errors["dob"] = "Date of birth is required"
         if "password" in data and not data["password"]:
             errors["password"] = "Password is required"
-        if "license" in data and not data["license"]:
+        if (data.get("is_academy",None) == "true" and "license" not in data) or  ("license" in data and not data["license"]) :
             errors["license"] = "License is required"
 
         # Check if an account with the provided email already exists
@@ -84,7 +85,7 @@ def post(self, request):
             send_otp.delay(email)
             return Response(
                 {
-                    "message": "Registration Successful, Check Email For Verification",
+                    "message": "Registration Successfull, Check Email For Verification",
                 },status.HTTP_200_OK
             )
         except Exception as e:
@@ -103,7 +104,27 @@ def put(self, request):
             data = request.data
             email = data["email"] if "email" in data else None
             otp = data["otp"] if "otp" in data else None
+            print(email, data, 'email data')
+            if email is None:
+                return Response(
+                    {
+                    "message": "Email is required"
+                    },status=status.HTTP_400_BAD_REQUEST
+                )
+
             user = Users.objects.get(email=email)
+            if user.is_verified:
+                return Response(
+                    {
+                        "message": "Already verfied Try logging in again"
+                    }
+                )
+            if otp is None:
+                return Response(
+                    {
+                    "message": "OTP is required"
+                    },status=status.HTTP_400_BAD_REQUEST
+                )
 
             # Check if the OTP has expired
             if not user.otp:
@@ -300,7 +321,7 @@ class Logout(APIView):
     This view invalidates the user's JWT tokens upon logout.
     """
     def post(self, request):
-        refresh_token = request.data.get("refresh")
+        refresh_token = request.data.get("refresh", None)
         if refresh_token:
             token = RefreshToken(refresh_token)
             token.blacklist()
@@ -339,7 +360,11 @@ class ForgetPassword(APIView):
     """
     def post(self, request):
         try:
-            if "email" in request.data:
+            if "email" not in request.data:
+                return Response({
+                    "message": "Email is required"
+                },status=status.HTTP_400_BAD_REQUEST)
+            else:
                 email = request.data["email"]
 
                 # Check if the request includes a new password