feat: forbid form data in html

It has been a while since all pages have moved to json instead of form
data, except for login page. This commit changes login to json data
instead of form one

tests/ahriman/web/views/test_view_base.py

@@ -87,68 +87,6 @@ def test_get_non_empty() -> None:
         BaseView.get_non_empty(lambda k: [], "key")
 
 
-async def test_data_as_json(base: BaseView) -> None:
-    """
-    must parse multi value form payload
-    """
-    json = {"key1": "value1", "key2": ["value2", "value3"], "key3": ["value4", "value5", "value6"]}
-
-    async def get_data():
-        result = MultiDict()
-        for key, values in json.items():
-            if isinstance(values, list):
-                for value in values:
-                    result.add(key, value)
-            else:
-                result.add(key, values)
-        return result
-
-    base._request = pytest.helpers.request(base.request.app, "", "", data=get_data)
-    assert await base.data_as_json([]) == json
-
-
-async def test_data_as_json_with_list_keys(base: BaseView) -> None:
-    """
-    must parse multi value form payload with forced list
-    """
-    json = {"key1": "value1"}
-
-    async def get_data():
-        return json
-
-    base._request = pytest.helpers.request(base.request.app, "", "", data=get_data)
-    assert await base.data_as_json(["key1"]) == {"key1": ["value1"]}
-
-
-async def test_extract_data_json(base: BaseView) -> None:
-    """
-    must parse and return json
-    """
-    json = {"key1": "value1", "key2": "value2"}
-
-    async def get_json():
-        return json
-
-    base._request = pytest.helpers.request(base.request.app, "", "", json=get_json)
-    assert await base.extract_data() == json
-
-
-async def test_extract_data_post(base: BaseView) -> None:
-    """
-    must parse and return form data
-    """
-    json = {"key1": "value1", "key2": "value2"}
-
-    async def get_json():
-        raise ValueError()
-
-    async def get_data():
-        return json
-
-    base._request = pytest.helpers.request(base.request.app, "", "", json=get_json, data=get_data)
-    assert await base.extract_data() == json
-
-
 async def test_head(client: TestClient) -> None:
     """
     must implement head as get method

tests/ahriman/web/views/v1/service/test_view_v1_service_update.py

@@ -63,7 +63,6 @@ async def test_post_empty(client: TestClient, mocker: MockerFixture) -> None:
     """
     must call raise 400 on invalid request
     """
-    mocker.patch("ahriman.web.views.base.BaseView.extract_data", side_effect=Exception())
     update_mock = mocker.patch("ahriman.core.spawn.Spawn.packages_update")
     response_schema = pytest.helpers.schema_response(UpdateView.post, code=400)
 

tests/ahriman/web/views/v1/user/test_view_v1_user_login.py

@@ -125,9 +125,6 @@ async def test_post(client_with_auth: TestClient, user: User, mocker: MockerFixt
     response = await client_with_auth.post("/api/v1/login", json=payload)
     assert response.ok
 
-    response = await client_with_auth.post("/api/v1/login", data=payload)
-    assert response.ok
-
     remember_mock.assert_called()
 
 
@@ -156,3 +153,16 @@ async def test_post_unauthorized(client_with_auth: TestClient, user: User, mocke
     assert response.status == 401
     assert not response_schema.validate(await response.json())
     remember_mock.assert_not_called()
+
+
+async def test_post_invalid_json(client_with_auth: TestClient, mocker: MockerFixture) -> None:
+    """
+    must return unauthorized on invalid auth
+    """
+    response_schema = pytest.helpers.schema_response(LoginView.post, code=400)
+    remember_mock = mocker.patch("aiohttp_security.remember")
+
+    response = await client_with_auth.post("/api/v1/login")
+    assert response.status == 400
+    assert not response_schema.validate(await response.json())
+    remember_mock.assert_not_called()