测试用例（2）

**测试用例2:**

### **概述**

本测试用例旨在评估一个基于 Python 的 Web 应用的完整性，包括其功能、性能、安全性等方面。我们将使用 Pytest 作为测试框架，并编写相应的测试用例来验证应用的正确性。

### **环境准备**

* Python3.9.x* Pytest6.2.x* Flask2.0.x (用于构建 Web 应用)
* requests2.25.x (用于 HTTP 请求)

### **测试用例**

#### **功能测试**

##### **测试用例1: 登录功能**

import pytestfrom app import app, db@pytest.fixturedef client():
 with app.test_client() as client:
 yield clientdef test_login(client):
 # 测试正常登录 response = client.post('/login', data={'username': 'test_user', 'password': 'test_password'})
 assert response.status_code ==200 # 测试错误的用户名或密码 response = client.post('/login', data={'username': 'wrong_user', 'password': 'wrong_password'})
 assert response.status_code ==401def test_register(client):
 # 测试正常注册 response = client.post('/register', data={'username': 'new_user', 'password': 'new_password'})
 assert response.status_code ==200 # 测试重复的用户名 response = client.post('/register', data={'username': 'existing_user', 'password': 'new_password'})
 assert response.status_code ==400

import pytestfrom app import db@pytest.fixturedef engine():
 return db.enginedef test_insert(engine):
 # 测试插入数据 with engine.connect() as conn:
 conn.execute('INSERT INTO users (username, password) VALUES (%s, %s)', ('test_user', 'test_password'))
 # 测试查询数据 with engine.connect() as conn:
 result = conn.execute('SELECT * FROM users WHERE username = %s', ('test_user',))
 assert len(result.fetchall()) ==1def test_update(engine):
 # 测试更新数据 with engine.connect() as conn:
 conn.execute('UPDATE users SET password = %s WHERE username = %s', ('new_password', 'test_user'))
 # 测试删除数据 with engine.connect() as conn:
 conn.execute('DELETE FROM users WHERE username = %s', ('test_user',))

import pytestfrom app import app@pytest.fixturedef client():
 with app.test_client() as client:
 yield clientdef test_response_time(client):
 # 测试正常请求的响应时间 start_time = time.time()
 response = client.get('/')
 end_time = time.time()
 assert end_time - start_time < 0.5 # 测试错误的请求 start_time = time.time()
 response = client.post('/wrong_url')
 end_time = time.time()
 assert end_time - start_time >1.0

import pytestfrom app import db@pytest.fixturedef engine():
 return db.enginedef test_sql_injection(engine):
 # 测试正常的 SQL 查询 with engine.connect() as conn:
 result = conn.execute('SELECT * FROM users WHERE username = %s', ('test_user',))
 assert len(result.fetchall()) ==1 # 测试 SQL 注入攻击 with engine.connect() as conn:
 result = conn.execute('SELECT * FROM users WHERE username = %s OR1=1', ('test_user',))
 assert len(result.fetchall()) >1