https://www.django-rest-framework.org/api-guide/testing/#making-requests
from rest_framwork import APIRequestFactory
factory = APIRequestFactory()
request = factory.post('/notes/', {'title':'new idea'})
factory = APIRequestFactory()
request = factory.post('/notes/', {'title':'new idea'}, format = 'json')
request = factory.post('/notes/', json.dumps({'title':'new idea'}), content_type='application/json')
factory = APIRequestFactory()
request = factory.put('/notes/547/', {'title': 'remeber to email dave'})
from django.test.client import encode_multipart, RequestFactory
factory = RequestFactory()
data = {'title': 'remember to email dave'}
content = encode_multipart('BoUnDaRyStRiNg', data)
content_type = 'multipart/form-data; boundary=BoUnDaRyStRiNg'
request = factory.put('/notes/547/', content, content_type=content_type)
from rest_framework.test import force_authenticate
factory = APIRequestFactory()
user = User.objects.get(username='olivia')
view = AccountDetail.as_view()
request = factory.get('/accounts/django-superstars/')
force_authenticate(request, user=user)
response = view(request)
the signature of the method is 'force_authenticate(request, user=None, token=None)'. When making the call, either or both of the user and token may be set.
when forcibly authenticating using a token, you might do something like
user = User.objects.get(username='olivia')
request = factory.get('/accounts/django-superstars/')
force_authenticate(request, user=user, token=user.auth_token)
force_authenticate directly sets request.user to the in-memory user instance. If you are re-using the same user instance across multiple tests that update the saved user state, you may need to call refresh_from_db() between tests.
when using APIRequestFactory the object that is returned is django's standard HTTPRequest, and not REST framework's Request object, which is only generated once the view is called.
factory = APIRequestFactory(enforce_csrf_checks=True)
from rest_framework.test import APIClient
client = APIClient()
client.post('/notes/', {'title':'new idea'}, format='json')
the 'login' method functions exactly as it does with django's regular Client class. This allows you to authenticate requests against any views which include 'SessionAuthentication'.
login(**kwargs)
client = APIClient()
client.login(username='lauren', password='secret')
from rest_framework.authtoken.models import Token
from rest_framework.test import APIClient
token = Token.objects.get(user__username='lauren')
client= APIClient()
client.credentials(HTTP_AUTHORIZATION='Token' + token.key)
the credentials method is appropriate for testing apis that require authentication headers, such as basic authentication, oauth1 and oauth2 authentication, and simple token authentication schemes.
.force_authenticate(user=None, token=None)
sometimes you may want to bypass authentication entirely and force all requests by the test client to be automatically treated as authenticated.
user = User.objects.get(username='lauren')
client = APIClient()
client.force_authenticate(user=user)
from rest_framework.test import RequestsClient
client = RequestsClient()
response = client.get('http://testserver/users/')
assert response.status_code == 200
from requests.auth import HTTPBasicAuth
client.auth = HTTPBasicAuth('user', 'pass')
client.headers.update({'x-test':'true'})
client = RequestsClient()
response = client.get('http://testserver/homepage/')
assert response.status_code == 200
csrftoken = response.cookies['csrftoken']
#interact with the api
response = client.post('http://testserver/organisation/', json={
'name': 'MegaCorp'.
'status':'active'
}, headers={'X-CSRFToken': csrftoken})
assert response.status_code == 200
#fetch the api schema
client = CoreAPIClient()
schema = client.get('http://testserver/schema/')
#create new organisation
params = {'name':'MegaCorp', 'status':'active'}
client.action(schema, ['organisations', 'create'], params)
#ensure that the organisation exists in the listing
data = client.action(schema, ['organisations', 'list'])
assert(len(data)==1)
assert(data == [{'name':'MegaCorp', 'status':'active'}])
from request.auth import HTTPBasicAuth
client = CoreAPIClient()
client.session.auth = HTTPBasicAuth('user', 'pass')
client.session.headers.update({'x-test':'true'})
REST framework includes the following test cases, that mirror existing django test case classes, but use APIClient instead of django's default Client.