In Turbogears framework, whenever a user who is not logged in tries to access a url that requires login, he/she is redirected to /login page. But it somehow causes an issue for me here. Actually whenever a HTTPUnauthorized exception is raised, Turbogears itself returns and 302 indicating redirection to the /login page. I am using Turbogears to develop a web api for a mobile app. I am testing a scenario using nosetests where user provides wrong password for logging in expecting 401 status:
invalid_password = {
'username': 'test',
'password': 'invalid'
}
self.app.post('/users/login', params=invalid_password, status=401)
and this is my actual code returning 401:
if not user.validate_password(password):
raise HTTPUnauthorized(explanation='Invalid password')
but Turbogeras itself redirect to login page, returning 302. What is the solution? how can I modify this behaviour?
Aucun commentaire:
Enregistrer un commentaire