在功能测试中，如何使用Play Framework中的安全模块伪造经过身份验证的用户? [英] In a functional test, how can I fake an authenticated user using Secure module in Play Framework?

问题描述

您如何在Play Framework 1.2.3的功能测试中伪造会话值?

How would you fake a session value in functional test in Play Framework 1.2.3?

我正在做一个简单的测试，例如:

I'm doing a simple test like:

在运行测试之前，我设置了一个空白会话，希望它可以成为测试的一部分:

Before running the test, I set up a blank session, hoping it will make part of the test:

@Before
public void setupHTTP() {
   Session.current.set(new Session());
}

@Test
public void testRedirectToUserHomeForAuthenticatedUserWhenBlankAction() {
    authenticateUser("test@user.com");
    Response response = GET("/user/blank");
    assertRedirected(response, "/user/home");
}

方法

authenticate(String userEmail)

只是将密钥用户名"放在会话映射中:

just put the key "username" in the session map:

protected void authenticateUser(String userEmail) {
        // Put in session the email
        Session.current.get().put(USERNAME, userEmail);
}

但是，只要我能理解，测试就在不同的线程中运行，并且看不到我已设置的会话...

But the test runs in a different thread, as long as I could understand, and don't see the session I've set up...

如何在功能测试中伪造会话值?

How to fake session values in functional tests?

推荐答案

为什么要假冒伪劣，您可以通过在请求之间携带cookie来对用户进行身份验证并在功能测试中使用其会话.

Why do you want to fake, you can authenticate a user and work with its session in a functional test by carrying cookies between requests.

类似

Response response = makeRequest(...); // connexion request
Request request = newRequest(...);  // new request
request.cookies = response.cookies

通过获取上一个响应的Cookie，您可以进行会话

by getting the cookies of the previous response you carry your session

这篇关于在功能测试中，如何使用Play Framework中的安全模块伪造经过身份验证的用户?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！