Merge d8223cb297 into 56bee93346

2025-04-28 17:32:38 +02:00 · 2025-04-03 12:21:19 +00:00 · 2025-04-03 12:21:19 +00:00 · d92cc1730d
commit d92cc1730d
parent 56bee93346 d8223cb297
4 changed files with 76 additions and 5 deletions
--- a/ihatemoney/templates/home.html
+++ b/ihatemoney/templates/home.html
@ -33,6 +33,20 @@
 </header>
 <main class="row home">
  <div class="card-deck ml-auto mr-auto">
+  {% if 'projects' in session %}
+    <div class="card">
+      <div class="card-header">
+        {{ _("Open a connected project") }}
+      </div>
+      <div class="card-body">
+        <ul>
+          {% for id, name in session['projects'].items() %}
+            <li><a href="{{ url_for("main.list_bills", project_id=id )}}">{{name}}</a>
+          {% endfor %}
+        </ul>
+      </div>
+    </div>
+    {% endif %}
    <div class="card">
      <div class="card-header">
        {{ _("Log in to an existing project") }}
--- a/ihatemoney/tests/api_test.py
+++ b/ihatemoney/tests/api_test.py
@ -6,6 +6,7 @@ import pytest

 from ihatemoney.tests.common.help_functions import em_surround
 from ihatemoney.tests.common.ihatemoney_testcase import IhatemoneyTestCase
+from flask import url_for


 class TestAPI(IhatemoneyTestCase):
@ -1079,3 +1080,58 @@ class TestAPI(IhatemoneyTestCase):
        # Bill type should now be "Expense"
        got = json.loads(req.data.decode("utf-8"))
        assert got["bill_type"] == "Expense"
+
+    def test_project_list_redirection(self):
+        self.post_project("project1", default_currency="USD")
+        self.post_project("project2", default_currency="EUR")
+
+        # Step 2: Log into these projects (simulate a user accessing them)
+        self.login("project1")
+        self.login("project2")
+
+        # Step 3: Access the homepage where the project list should be displayed
+        response = self.client.get("/")
+        self.assertStatus(200, response)
+        page_content = response.data.decode("utf-8")
+
+        # Check that both project names appear in the list
+        assert "project1" in page_content
+        assert "project2" in page_content
+
+        # Step 4: Simulate clicking on "project1" by visiting its link
+        response = self.client.get("/project1/")
+        self.assertStatus(200, response)  # Should load the project page
+        
+        assert "project1" in response.data.decode("utf-8")  # Project content should be visible
+
+    def test_get_auth(self):
+        """
+        Redirects to logged in projects
+        """
+        self.create_project("test-project")
+        self.login("test-project")
+
+        req = self.client.get(url_for('main.list_bills', project_id='test-project'))
+        self.assertStatus(200, req)
+
+    def test_post_auth_wrong_password(self):
+        """
+        Rejects wrong passwords for projects
+        in the session
+        """
+        self.create_project("project1", password="a")
+        req = self.login("project1", "b")
+
+
+        assert req.request.path == '/authenticate'
+
+    def test_post_auth_correct_password(self):
+        """
+        Accepts correct passwords for projects
+        in the session
+        """
+        self.create_project("project1", password="a")
+        req = self.login("project1", "a")
+        
+        assert req.request.path == '/project1/'
+
--- a/ihatemoney/web.py
+++ b/ihatemoney/web.py
@ -258,6 +258,7 @@ def join_project(token):
 def authenticate(project_id=None):
    """Authentication form"""
    form = AuthenticationForm()
+    is_post_auth = request.method == "POST" and form.validate()

    if not form.id.data and request.args.get("project_id"):
        form.id.data = request.args["project_id"]
@ -271,13 +272,12 @@ def authenticate(project_id=None):
            "authenticate.html", form=form, create_project=project_id
        )
    
-    # if credentials are already in session, redirect
-    if session.get(project_id):
+    # if credentials are already in session and no password is provided, redirect
+    if session.get(project_id) and not is_post_auth:
        setattr(g, "project", project)
        return redirect(url_for(".list_bills"))

    # else do form authentication authentication
-    is_post_auth = request.method == "POST" and form.validate()
    if is_post_auth and check_password_hash(project.password, form.password.data):
        set_authorized_project(project)
        setattr(g, "project", project)
@ -290,6 +290,7 @@ def authenticate(project_id=None):


 def get_project_form():
+    fancy = {'complexity':'Cyclo. compl.', 'churn': 'Churn', 'comments_ratio': 'Ratio', 'loc': 'LOC', 'dit': 'DIT', 'cbo': 'CBO', 'vulns': 'Vuln.', 'smells': 'Smells'}
    if current_app.config.get("ENABLE_CAPTCHA", False):
        return ProjectFormWithCaptcha()
    return ProjectForm()