Fix tests on main are broken #178
Conversation
| local_api_url = "https://gc.localhost/api/v1/" | ||
| local_api_url = os.environ.get( | ||
| "LOCAL_API_URL", | ||
| "https://gc.localhost/api/v1/", |
There was a problem hiding this comment.
I use http://gc.localhost:8000 locally.
There was a problem hiding this comment.
Might be good to namespace the env var, GCAPI_TESTS_LOCAL_API_URL maybe?
There was a problem hiding this comment.
The changes to the tests look good but please can you revert the checks against https checking? The checks are there not protect against MITM - they are to protect against the auth token being sent over HTTP where everyone has access to it unencrypted. I would very much prefer that we maintained these checks as it would otherwise mean that it is very easy to send the users auth token to GC over http which would result in account compromise.
|
BTW not tried it myself but you might be able to run the test server locally with SSL directly https://django-extensions.readthedocs.io/en/latest/runserver_plus.html#ssl |
Good idea. I'll try that route next time I'm working on gcapi locally. |
Reverted. Let's be double sure the users are using https when sending the tokens! |
|
Quickly writing it here as well: https://github.com/DIAGNijmegen/rse-cirrus-core/issues/3377 CIRRUS is broken, I suspect due to the ordering thing, maybe? I did not have time to sink my teeth in this yet, needs to wait until Monday. |
| local_api_url = "https://gc.localhost/api/v1/" | ||
| local_api_url = os.environ.get( | ||
| "LOCAL_API_URL", | ||
| "https://gc.localhost/api/v1/", |
There was a problem hiding this comment.
Might be good to namespace the env var, GCAPI_TESTS_LOCAL_API_URL maybe?
Also adds a few minor tweaks to make local testing more efficient.