python/fastapi-users
1
0
Fork 0
mirror of https://github.com/fastapi-users/fastapi-users.git synced 2025-08-14 18:58:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix #475: add uuid convertor to routes so they are not catching custom routes

Browse Source
This commit is contained in:
François Voron
2021-02-06 11:16:15 +01:00
parent 7c5573fbbc
commit 3146a1ffe6
2 changed files with 34 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
fastapi_users/router/users.py
View File

@ -71,7 +71,7 @@ def get_users_router(
return updated_user return updated_user
@router.get( @router.get(
"/{id}", "/{id:uuid}",
response_model=user_model, response_model=user_model,
dependencies=[Depends(get_current_superuser)], dependencies=[Depends(get_current_superuser)],
) )
@ -79,7 +79,7 @@ def get_users_router(
return await _get_or_404(id) return await _get_or_404(id)
@router.patch( @router.patch(
"/{id}", "/{id:uuid}",
response_model=user_model, response_model=user_model,
dependencies=[Depends(get_current_superuser)], dependencies=[Depends(get_current_superuser)],
) )
@ -95,7 +95,7 @@ def get_users_router(
return await _update_user(user, updated_user_data, request) return await _update_user(user, updated_user_data, request)
@router.delete( @router.delete(
"/{id}", "/{id:uuid}",
status_code=status.HTTP_204_NO_CONTENT, status_code=status.HTTP_204_NO_CONTENT,
dependencies=[Depends(get_current_superuser)], dependencies=[Depends(get_current_superuser)],
) )

76
tests/test_fastapi_users.py
View File

@ -30,6 +30,10 @@ async def test_app_client(
app.include_router(fastapi_users.get_users_router(), prefix="/users") app.include_router(fastapi_users.get_users_router(), prefix="/users")
app.include_router(fastapi_users.get_verify_router("SECRET")) app.include_router(fastapi_users.get_verify_router("SECRET"))
@app.delete("/users/me")
def custom_users_route():
return None
@app.get("/current-user") @app.get("/current-user")
def current_user(user=Depends(fastapi_users.get_current_user)): def current_user(user=Depends(fastapi_users.get_current_user)):
return user return user
@ -86,61 +90,35 @@ async def test_app_client(
@pytest.mark.fastapi_users @pytest.mark.fastapi_users
@pytest.mark.asyncio @pytest.mark.asyncio
class TestRoutes: @pytest.mark.parametrize(
async def test_routes_exist(self, test_app_client: httpx.AsyncClient): "path,method",
response = await test_app_client.post("/register") [
("/register", "POST"),
("/request-verify-token", "POST"),
("/verify", "POST"),
("/forgot-password", "POST"),
("/reset-password", "POST"),
("/login", "POST"),
("/logout", "POST"),
("/register", "POST"),
("/users/d35d213e-f3d8-4f08-954a-7e0d1bea286f", "GET"),
("/users/d35d213e-f3d8-4f08-954a-7e0d1bea286f", "PATCH"),
("/users/d35d213e-f3d8-4f08-954a-7e0d1bea286f", "DELETE"),
],
)
async def test_route_exists(test_app_client: httpx.AsyncClient, path: str, method: str):
response = await test_app_client.request(method, path)
assert response.status_code not in ( assert response.status_code not in (
status.HTTP_404_NOT_FOUND, status.HTTP_404_NOT_FOUND,
status.HTTP_405_METHOD_NOT_ALLOWED, status.HTTP_405_METHOD_NOT_ALLOWED,
) )
response = await test_app_client.post("/request-verify-token")
assert response.status_code not in (
status.HTTP_404_NOT_FOUND,
status.HTTP_405_METHOD_NOT_ALLOWED,
)
response = await test_app_client.post("/verify") @pytest.mark.fastapi_users
assert response.status_code not in ( @pytest.mark.asyncio
status.HTTP_404_NOT_FOUND, async def test_custom_users_route_not_catched(test_app_client: httpx.AsyncClient):
status.HTTP_405_METHOD_NOT_ALLOWED, response = await test_app_client.request("DELETE", "/users/me")
) assert response.status_code == status.HTTP_200_OK
response = await test_app_client.post("/forgot-password")
assert response.status_code not in (
status.HTTP_404_NOT_FOUND,
status.HTTP_405_METHOD_NOT_ALLOWED,
)
response = await test_app_client.post("/reset-password")
assert response.status_code not in (
status.HTTP_404_NOT_FOUND,
status.HTTP_405_METHOD_NOT_ALLOWED,
)
response = await test_app_client.post("/login")
assert response.status_code not in (
status.HTTP_404_NOT_FOUND,
status.HTTP_405_METHOD_NOT_ALLOWED,
)
response = await test_app_client.post("/logout")
assert response.status_code not in (
status.HTTP_404_NOT_FOUND,
status.HTTP_405_METHOD_NOT_ALLOWED,
)
response = await test_app_client.get("/users/aaa")
assert response.status_code not in (
status.HTTP_404_NOT_FOUND,
status.HTTP_405_METHOD_NOT_ALLOWED,
)
response = await test_app_client.patch("/users/aaa")
assert response.status_code not in (
status.HTTP_404_NOT_FOUND,
status.HTTP_405_METHOD_NOT_ALLOWED,
)
@pytest.mark.fastapi_users @pytest.mark.fastapi_users