Thank you Anthony for asserting that the session is not cleared.
I think the problem lies in `gluon/contrib/webclient.py` as the test works
well when using another browser like firefox.
I just tried to call another action without `session.forget` before calling
`index`, but the test still failed after registration.
Where can I read about what a browser shall do with respect to header and
cookies ? I suspect the problem lies somewhere in between, but I definitely
lack of knowledge.
-Mathieu
On Sun, Oct 9, 2016 at 6:23 PM Anthony <abasta...@gmail.com> wrote:
> session.forget() does not clear the session or stop the cookie from being
> exchanged -- it just prevents any changes in the session from being written
> to the persistent session storage.
>
> I'm not sure, but maybe your webclient test doesn't work because the test
> first calls /index and then immediately does a post to the /user/register
> action, but because you have session.forget() in the index function, no
> session is created at all. What happens if you try a test that visits at
> least one action (without session.forget) before attempting to
> register/login?
>
> Anthony
>
>
> On Sunday, October 9, 2016 at 8:23:37 AM UTC-4, Mathieu Clabaut wrote:
>
> Hello,
>
> I'm looking for a deeper understanding on how session and
> `session.forget` works. More precisely, I was wondering if the
> authentication would survive a `session.forget` call.
> So, I add `session.forget` at the beginning of the default/index
> controller, and everything seems to go fine when manually testing in a web
> browser (i.e., once logged, the user stay logged even after visiting
> default/index).
> However, when testing with webclient, the same action failed, and the
> user is now logged out after visiting default/index. You can try by
> applying the following patch on the last mercurial head :
> ```diff
> diff --git a/applications/welcome/controllers/default.py
> b/applications/welcome/controllers/default.py
> index 87c6d55..7d8b06a 100644
> --- a/applications/welcome/controllers/default.py
> +++ b/applications/welcome/controllers/default.py
> @@ -17,10 +17,15 @@ def index():
> if you need a simple wiki simply replace the two lines below with:
> return auth.wiki()
> """
> + session.forget(response)
> response.flash = T("Hello World")
> return dict(message=T('Welcome to web2py!'))
>
>
> +@auth.requires_login()
> +def logged_action():
> + return dict(res=auth.user)
> +
> def user():
> """
> exposes:
> diff --git a/gluon/tests/test_web.py b/gluon/tests/test_web.py
> index 4a3ef3b..4f0886f 100644
> --- a/gluon/tests/test_web.py
> +++ b/gluon/tests/test_web.py
> @@ -88,7 +88,9 @@ class TestWeb(LiveTest):
>
> # check registration and login were successful
> client.get('index')
> + self.assertTrue('Welcome Homer' in client.text)
>
> + client.get('logged_action')
> self.assertTrue('Welcome Homer' in client.text)
>
> client = WebClient('http://127.0.0.1:8000/admin/default/')
>
> ```
>
> and run the test with:
> ```
> python2 -m unittest -v gluon.tests.test_web
> ```
>
> Some questions follow:
> - how can a logged-in user stay logged after visiting a page which does a
> `session.forget` (I guess there are some cookies into the play) ?
> - is the observed behaviour of`webclient` expected ? If not, what shall
> `webclient` do to mimic the behaviour of a web browser.
>
> Thank you for sharing your insights.
>
> -Mathieu
>
> --
> Resources:
> - http://web2py.com
> - http://web2py.com/book (Documentation)
> - http://github.com/web2py/web2py (Source code)
> - https://code.google.com/p/web2py/issues/list (Report Issues)
> ---
> You received this message because you are subscribed to the Google Groups
> "web2py-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to web2py+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to web2py+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
