Implement unified story generation flow
This commit is contained in:
@@ -73,6 +73,7 @@ class TestDevSigninRedirect:
|
||||
|
||||
def test_dev_signin_uses_allowed_next_url(self, client: TestClient, monkeypatch):
|
||||
"""允许的 next 参数应作为登录完成后的回跳地址。"""
|
||||
monkeypatch.setattr(settings, "debug", True)
|
||||
monkeypatch.setattr(settings, "cors_origins", ["http://localhost:5173", "http://localhost:5174"])
|
||||
|
||||
response = client.get(
|
||||
@@ -86,6 +87,7 @@ class TestDevSigninRedirect:
|
||||
|
||||
def test_dev_signin_rejects_untrusted_next_url(self, client: TestClient, monkeypatch):
|
||||
"""不可信的 next 参数应回退到默认前端地址,避免开放重定向。"""
|
||||
monkeypatch.setattr(settings, "debug", True)
|
||||
monkeypatch.setattr(settings, "cors_origins", ["http://localhost:5173", "http://localhost:5174"])
|
||||
|
||||
response = client.get(
|
||||
|
||||
Reference in New Issue
Block a user