banned response from auth api

misago/users/api/auth.py

@@ -25,8 +25,13 @@ def login(request):
         return Response(AuthenticatedUserSerializer(form.user_cache).data)
     else:
         error = form.errors.as_data()['__all__'][0]
+        if error.code == 'banned':
+            error.message = form.user_ban.ban.get_serialized_message()
+        else:
+            error.message = error.messages[0]
+
         return Response({
-            'detail': error.messages[0],
+            'detail': error.message,
             'code': error.code
         }, status=status.HTTP_400_BAD_REQUEST)
 

misago/users/tests/test_auth_api.py

@@ -4,6 +4,8 @@ from django.contrib.auth import get_user_model
 from django.core.urlresolvers import reverse
 from django.test import TestCase
 
+from misago.users.models import Ban, BAN_USERNAME
+
 
 class AuthenticateAPITests(TestCase):
     def test_api_invalid_credentials(self):
@@ -32,9 +34,6 @@ class AuthenticateAPITests(TestCase):
 
         self.assertEqual(response.status_code, 200)
 
-        response = self.client.get(reverse('misago:index'))
-        self.assertEqual(response.status_code, 200)
-
         response = self.client.get(reverse('misago:api:auth_user'))
         self.assertEqual(response.status_code, 200)
 
@@ -44,8 +43,49 @@ class AuthenticateAPITests(TestCase):
 
     def test_api_signin_banned(self):
         """login api fails to sign banned user in"""
-        raise NotImplemented("TODO: test_api_signin_banned")
+        User = get_user_model()
+        User.objects.create_user('Bob', 'bob@test.com', 'Pass.123')
+
+        ban = Ban.objects.create(check_type=BAN_USERNAME,
+                                 banned_value='bob',
+                                 user_message='You are tragically banned.')
+
+        response = self.client.post(
+            reverse('misago:api:login'),
+            data={'username': 'Bob', 'password': 'Pass.123'})
+        self.assertEqual(response.status_code, 400)
+
+        response_json = json.loads(response.content)
+        self.assertEqual(response_json['code'], 'banned')
+        self.assertEqual(response_json['detail']['message']['plain'],
+                         ban.user_message)
+        self.assertEqual(response_json['detail']['message']['html'],
+                         '<p>%s</p>' % ban.user_message)
+
+    def test_api_signin_inactive_admin(self):
+        """login api fails to sign admin-activated user in"""
+        User = get_user_model()
+        User.objects.create_user('Bob', 'bob@test.com', 'Pass.123',
+                                 requires_activation=1)
+
+        response = self.client.post(
+            reverse('misago:api:login'),
+            data={'username': 'Bob', 'password': 'Pass.123'})
+        self.assertEqual(response.status_code, 400)
+
+        response_json = json.loads(response.content)
+        self.assertEqual(response_json['code'], 'inactive_user')
+
+    def test_api_signin_inactive_user(self):
+        """login api fails to sign user-activated user in"""
+        User = get_user_model()
+        User.objects.create_user('Bob', 'bob@test.com', 'Pass.123',
+                                 requires_activation=2)
+
+        response = self.client.post(
+            reverse('misago:api:login'),
+            data={'username': 'Bob', 'password': 'Pass.123'})
+        self.assertEqual(response.status_code, 400)
 
-    def test_api_signin_inactive(self):
-        """login api fails to sign inactive user in"""
-        raise NotImplemented("TODO: test_api_signin_inactive")
+        response_json = json.loads(response.content)
+        self.assertEqual(response_json['code'], 'inactive_admin')