中控
This commit is contained in:
@@ -0,0 +1,48 @@
|
||||
"""验证中控 embed-auth 与 login 返回 session_token。"""
|
||||
from __future__ import annotations
|
||||
|
||||
import sys
|
||||
from pathlib import Path
|
||||
|
||||
ROOT = Path(__file__).resolve().parents[1]
|
||||
sys.path.insert(0, str(ROOT / "manual_trading_hub"))
|
||||
sys.path.insert(0, str(ROOT))
|
||||
|
||||
from fastapi.testclient import TestClient
|
||||
|
||||
import os
|
||||
|
||||
os.environ.setdefault("HUB_PASSWORD", "test-pass")
|
||||
os.environ.setdefault("HUB_USERNAME", "admin")
|
||||
os.environ["HUB_ALLOW_PUBLIC"] = "true"
|
||||
|
||||
import hub as hub_mod # noqa: E402
|
||||
|
||||
client = TestClient(hub_mod.app)
|
||||
|
||||
|
||||
def main() -> int:
|
||||
r = client.post("/api/auth/login", json={"username": "admin", "password": "test-pass"})
|
||||
assert r.status_code == 200, r.text
|
||||
data = r.json()
|
||||
assert data.get("ok") is True, data
|
||||
token = data.get("session_token")
|
||||
assert token, "login 应返回 session_token"
|
||||
|
||||
r2 = client.get(f"/embed-auth?token={token}&next=/monitor", follow_redirects=False)
|
||||
assert r2.status_code in (302, 307), r2.status_code
|
||||
assert r2.headers.get("location", "").endswith("/monitor")
|
||||
assert hub_mod.SESSION_COOKIE in r2.headers.get("set-cookie", "")
|
||||
|
||||
r3 = client.get("/monitor", cookies={hub_mod.SESSION_COOKIE: token})
|
||||
assert r3.status_code == 200, r3.status_code
|
||||
|
||||
csp = client.get("/login").headers.get("content-security-policy", "")
|
||||
assert "frame-ancestors" in csp, csp
|
||||
|
||||
print("OK: embed-auth sets session cookie; login returns session_token")
|
||||
return 0
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
raise SystemExit(main())
|
||||
Reference in New Issue
Block a user