Failing tests with WTForms 3.0.*

[mcepl]

Hi, while packaging flask-security 4.1.3 for openSUSE (with WTForms 3.0.1) I get plenty of failed asserts where location didn’t contain http://localhost anymore. With this patch I get all but one test passing:

[  125s] =================================== FAILURES ===================================
[  125s] _____________________________ test_two_factor_flag _____________________________
[  125s]
[  125s] app = <Flask 'tests.conftest'>, client = <FlaskClient <Flask 'tests.conftest'>>
[  125s]
[  125s]     @pytest.mark.settings(two_factor_required=True)
[  125s]     def test_two_factor_flag(app, client):
[  125s]         # trying to verify code without going through two-factor
[  125s]         # first login function
[  125s]         wrong_code = b"000000"
[  125s]         response = client.post(
[  125s]             "/tf-validate", data=dict(code=wrong_code), follow_redirects=True
[  125s]         )
[  125s]
[  125s]         message = b"You currently do not have permissions to access this page"
[  125s]         assert message in response.data
[  125s]
[  125s]         # Test login using invalid email
[  125s]         data = dict(email="nobody@lp.com", password="password")
[  125s]         response = client.post("/login", data=data, follow_redirects=True)
[  125s]         assert b"Specified user does not exist" in response.data
[  125s]         response = client.post(
[  125s]             "/login",
[  125s]             json=data,
[  125s]             headers={"Content-Type": "application/json"},
[  125s]             follow_redirects=True,
[  125s]         )
[  125s]         assert b"Specified user does not exist" in response.data
[  125s]
[  125s]         # Test login using valid email and invalid password
[  125s]         data = dict(email="gal@lp.com", password="wrong_pass")
[  125s]         response = client.post("/login", data=data, follow_redirects=True)
[  125s]         assert b"Invalid password" in response.data
[  125s]         response = client.post(
[  125s]             "/login",
[  125s]             json=data,
[  125s]             headers={"Content-Type": "application/json"},
[  125s]             follow_redirects=True,
[  125s]         )
[  125s]         assert b"Invalid password" in response.data
[  125s]
[  125s]         # Test two-factor authentication first login
[  125s]         data = dict(email="matt@lp.com", password="password")
[  125s]         response = client.post("/login", data=data, follow_redirects=True)
[  125s]         message = b"Two-factor authentication adds an extra layer of security"
[  125s]         assert message in response.data
[  125s]         response = client.post(
[  125s]             "/tf-setup", data=dict(setup="not_a_method"), follow_redirects=True
[  125s]         )
[  125s]         assert b"Marked method is not valid" in response.data
[  125s]         session = get_session(response)
[  125s] >       assert session["tf_state"] == "setup_from_login"
[  125s] E       TypeError: 'NoneType' object is not subscriptable
[  125s]
[  125s] tests/test_two_factor.py:323: TypeError

Any idea what’s wrong there?

Complete build log with all versions of packages and steps taken.

[jwag956]

I believe this is a dup of #594 - this has been fixed in master. Not sure when I will be able to push a new release.