From b7d191a8ebb35ee822d0d118324cbadc8f87c6af Mon Sep 17 00:00:00 2001 From: dandds Date: Mon, 9 Jul 2018 13:50:36 -0400 Subject: [PATCH] do not redirect in get_current_user --- atst/handler.py | 2 +- tests/test_auth.py | 12 ++++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/atst/handler.py b/atst/handler.py index bed23d21..2ad1acaf 100644 --- a/atst/handler.py +++ b/atst/handler.py @@ -23,7 +23,7 @@ class BaseHandler(tornado.web.RequestHandler): try: session = self.application.sessions.get_session(cookie) except SessionNotFoundError: - return self.redirect("/login") + return None else: return None diff --git a/tests/test_auth.py b/tests/test_auth.py index 67a77e45..0f5cd6f3 100644 --- a/tests/test_auth.py +++ b/tests/test_auth.py @@ -19,6 +19,18 @@ def test_redirects_when_not_logged_in(http_client, base_url): assert re.match("/\??", location) +@pytest.mark.gen_test +def test_redirects_when_session_does_not_exist(monkeypatch, http_client, base_url): + monkeypatch.setattr("atst.handlers.main.MainHandler.get_secure_cookie", lambda s,c: 'stale cookie!') + response = yield http_client.fetch( + base_url + "/home", raise_error=False, follow_redirects=False + ) + location = response.headers["Location"] + assert response.code == 302 + assert response.error + assert re.match("/\??", location) + + @pytest.mark.gen_test def test_login_with_valid_bearer_token(app, monkeypatch, http_client, base_url): monkeypatch.setattr("atst.handlers.login.Login._fetch_user_info", _fetch_user_info)