matemat/matemat/webserver/test/test_session.py


from typing import Any, Dict

from datetime import datetime, timedelta
from time import sleep

from matemat.webserver import HttpHandler, RequestArguments
from matemat.webserver.test.abstract_httpd_test import AbstractHttpdTest, test_pagelet


@test_pagelet('/just/testing/sessions')
def session_test_pagelet(method: str,
                         path: str,
                         args: RequestArguments,
                         session_vars: Dict[str, Any],
                         headers: Dict[str, str]):
    session_vars['test'] = 'hello, world!'
    headers['Content-Type'] = 'text/plain'
    return 200, 'session test'


class TestSession(AbstractHttpdTest):
    """
    Test session handling of the Matemat webserver.
    """

    def test_create_new_session(self):
        # Reference date to make sure the session expiry lies in the future
        refdate: datetime = datetime.utcnow() + timedelta(seconds=3500)
        # Send a mock GET request for '/just/testing/sessions'
        self.client_sock.set_request(b'GET /just/testing/sessions HTTP/1.1\r\n\r\n')
        # Trigger request handling
        handler = HttpHandler(self.client_sock, ('::1', 45678), self.server)
        # Fetch the parsed response
        packet = self.client_sock.get_response()
        # Make sure a full HTTP response was parsed
        self.assertEqual('done', packet.parse_phase)
        # Make sure the request was served by the test pagelet
        self.assertEqual('session_test_pagelet', packet.pagelet)
        self.assertEqual(200, packet.statuscode)

        session_id: str = list(handler.server.session_vars.keys())[0]
        # Make sure a cookie was set - assuming that only one was set
        self.assertIn('Set-Cookie', packet.headers)
        # Split into the cookie itself
        cookie, expiry = packet.headers['Set-Cookie'].split(';')
        cookie: str = cookie.strip()
        expiry: str = expiry.strip()
        # Make sure the 'matemat_session_id' cookie was set to the session ID string
        self.assertEqual(f'matemat_session_id={session_id}', cookie)
        # Make sure the session expires in about one hour
        self.assertTrue(expiry.startswith('expires='))
        _, expdatestr = expiry.split('=', 1)
        expdate = datetime.strptime(expdatestr, '%a, %d %b %Y %H:%M:%S GMT')
        self.assertTrue(expdate > refdate)
        # Make sure the session exists on the server
        self.assertIn('test', handler.session_vars)
        self.assertEqual('hello, world!', handler.session_vars['test'])

    def test_resume_session(self):
        # Test session expiry date
        refdate: datetime = datetime.utcnow() + timedelta(hours=1)
        # Session ID for testing
        session_id: str = 'testsessionid'
        # Insert test session
        self.server.session_vars[session_id] = refdate, {'test': 'bar'}
        sleep(2)

        # Send a mock GET request for '/just/testing/sessions' with a matemat session cookie
        self.client_sock.set_request(
            f'GET /just/testing/sessions HTTP/1.1\r\nCookie: matemat_session_id={session_id}\r\n\r\n'.encode('utf-8'))
        # Trigger request handling
        handler = HttpHandler(self.client_sock, ('::1', 45678), self.server)
        # Fetch the parsed response
        packet = self.client_sock.get_response()
        # Make sure a full HTTP response was parsed
        self.assertEqual('done', packet.parse_phase)
        # Make sure the request was served by the test pagelet
        self.assertEqual('session_test_pagelet', packet.pagelet)
        self.assertEqual(200, packet.statuscode)

        response_session_id: str = list(handler.server.session_vars.keys())[0]
        # Make sure a cookie was set - assuming that only one was set
        self.assertIn('Set-Cookie', packet.headers)
        # Split into the cookie itself
        cookie, expiry = packet.headers['Set-Cookie'].split(';')
        cookie: str = cookie.strip()
        expiry: str = expiry.strip()
        # Make sure the 'matemat_session_id' cookie was set to the session ID string
        self.assertEqual(f'matemat_session_id={response_session_id}', cookie)
        # Make sure the session ID matches the one we sent along
        self.assertEqual(session_id, response_session_id)
        # Make sure the session timeout was postponed
        self.assertTrue(expiry.startswith('expires='))
        _, expdatestr = expiry.split('=', 1)
        expdate = datetime.strptime(expdatestr, '%a, %d %b %Y %H:%M:%S GMT')
        self.assertTrue(expdate > refdate)
        # Make sure the session exists on the server
        self.assertIn('test', handler.session_vars)
        self.assertEqual('hello, world!', handler.session_vars['test'])

    def test_unknown_session_id(self):
        # Unknown session ID
        session_id: str = 'theserverdoesnotknowthisid'
        refdate: datetime = datetime.utcnow() + timedelta(seconds=3500)
        # Send a mock GET request for '/just/testing/sessions' with a session cookie not known to the server
        self.client_sock.set_request(
            f'GET /just/testing/sessions HTTP/1.1\r\nCookie: matemat_session_id={session_id}\r\n\r\n'.encode('utf-8'))
        # Trigger request handling
        handler = HttpHandler(self.client_sock, ('::1', 45678), self.server)
        # Fetch the parsed response
        packet = self.client_sock.get_response()
        # Make sure a full HTTP response was parsed
        self.assertEqual('done', packet.parse_phase)
        # Make sure the request was served by the test pagelet
        self.assertEqual('session_test_pagelet', packet.pagelet)
        self.assertEqual(200, packet.statuscode)

        server_session_id: str = list(handler.server.session_vars.keys())[0]
        self.assertNotEqual(session_id, server_session_id)
        # Make sure a cookie was set - assuming that only one was set
        self.assertIn('Set-Cookie', packet.headers)
        # Split into the cookie itself
        cookie, expiry = packet.headers['Set-Cookie'].split(';')
        cookie: str = cookie.strip()
        expiry: str = expiry.strip()
        # Make sure the 'matemat_session_id' cookie was set to the session ID string
        self.assertEqual(f'matemat_session_id={server_session_id}', cookie)
        # Make sure the session expires in about one hour
        self.assertTrue(expiry.startswith('expires='))
        _, expdatestr = expiry.split('=', 1)
        expdate = datetime.strptime(expdatestr, '%a, %d %b %Y %H:%M:%S GMT')
        self.assertTrue(expdate > refdate)
        # Make sure the session exists on the server
        self.assertIn('test', handler.session_vars)
        self.assertEqual('hello, world!', handler.session_vars['test'])

    def test_session_expired(self):
        # Test session expiry date
        refdate: datetime = datetime.utcnow() - timedelta(hours=1)
        # Session ID for testing
        session_id: str = 'testsessionid'
        # Insert test session
        self.server.session_vars[session_id] = refdate, {'test': 'bar'}

        # Send a mock GET request for '/just/testing/sessions' with a matemat session cookie
        self.client_sock.set_request(
            f'GET /just/testing/sessions HTTP/1.1\r\nCookie: matemat_session_id={session_id}\r\n\r\n'.encode('utf-8'))
        # Trigger request handling
        handler = HttpHandler(self.client_sock, ('::1', 45678), self.server)
        # Fetch the parsed response
        packet = self.client_sock.get_response()
        # Make sure a full HTTP response was parsed
        self.assertEqual('done', packet.parse_phase)
        # Make sure the server redirects to /
        self.assertEqual(302, packet.statuscode)
        self.assertIn('Location', packet.headers)
        self.assertEqual('/', packet.headers['Location'])
        # Make sure the session was terminated
        self.assertNotIn(session_id, self.server.session_vars)
No results found.