fix(test): FastAPI 0.87.0 - warning fixes

FastAPI 0.87.0 switched to the httpx library for their TestClient * cookies need to be defined on the request instance instead of method calls Signed-off-by: moson-mo <mo-son@mailbox.org>
2025-02-03 10:43:03 +01:00 · 2022-11-24 22:43:31 +01:00 · 2022-11-24 22:43:31 +01:00 · a832b3cddb
commit a832b3cddb
parent 1216399d53
10 changed files with 463 additions and 281 deletions
--- a/test/test_accounts_routes.py
+++ b/test/test_accounts_routes.py
@ -107,7 +107,8 @@ def test_get_passreset_authed_redirects(client: TestClient, user: User):
    assert sid is not None
    with client as request:
-        response = request.get("/passreset", cookies={"AURSID": sid})
+        request.cookies = {"AURSID": sid}
        response = request.get("/passreset")
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert response.headers.get("location") == "/"
@ -122,7 +123,8 @@ def test_get_passreset(client: TestClient):
 def test_get_passreset_translation(client: TestClient):
    # Test that translation works; set it to de.
    with client as request:
-        response = request.get("/passreset", cookies={"AURLANG": "de"})
+        request.cookies = {"AURLANG": "de"}
        response = request.get("/passreset")
    # The header title should be translated.
    assert "Passwort zurücksetzen" in response.text
@ -136,7 +138,8 @@ def test_get_passreset_translation(client: TestClient):
    # Restore english.
    with client as request:
-        response = request.get("/passreset", cookies={"AURLANG": "en"})
+        request.cookies = {"AURLANG": "en"}
        response = request.get("/passreset")
 def test_get_passreset_with_resetkey(client: TestClient):
@ -150,9 +153,9 @@ def test_post_passreset_authed_redirects(client: TestClient, user: User):
    assert sid is not None
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/passreset",
            cookies={"AURSID": sid},
            data={"user": "blah"},
        )
@ -652,7 +655,8 @@ def test_get_account_edit_tu_as_tu(client: TestClient, tu_user: User):
    endpoint = f"/account/{user2.Username}/edit"
    with client as request:
-        response = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        response = request.get(endpoint)
    assert response.status_code == int(HTTPStatus.OK)
    # Verify that we have an account type selection and that the
@ -677,7 +681,8 @@ def test_get_account_edit_as_tu(client: TestClient, tu_user: User):
    endpoint = f"/account/{user2.Username}/edit"
    with client as request:
-        response = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        response = request.get(endpoint)
    assert response.status_code == int(HTTPStatus.OK)
    # Verify that we have an account type selection and that the
@ -700,7 +705,8 @@ def test_get_account_edit_type(client: TestClient, user: User):
    endpoint = f"/account/{user.Username}/edit"
    with client as request:
-        response = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        response = request.get(endpoint)
    assert response.status_code == int(HTTPStatus.OK)
    assert "id_type" not in response.text
@ -713,7 +719,8 @@ def test_get_account_edit_type_as_tu(client: TestClient, tu_user: User):
    endpoint = f"/account/{user2.Username}/edit"
    with client as request:
-        response = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        response = request.get(endpoint)
    assert response.status_code == int(HTTPStatus.OK)
    root = parse_root(response.text)
@ -737,7 +744,8 @@ def test_get_account_edit_unauthorized(client: TestClient, user: User):
    endpoint = f"/account/{user2.Username}/edit"
    with client as request:
        # Try to edit `test2` while authenticated as `test`.
-        response = request.get(endpoint, cookies={"AURSID": sid})
+        request.cookies = {"AURSID": sid}
        response = request.get(endpoint)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    expected = f"/account/{user2.Username}"
@ -751,9 +759,9 @@ def test_post_account_edit(client: TestClient, user: User):
    post_data = {"U": "test", "E": "test666@example.org", "passwd": "testPassword"}
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -777,7 +785,8 @@ def test_post_account_edit_type_as_tu(client: TestClient, tu_user: User):
        "passwd": "testPassword",
    }
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.OK)
@ -795,7 +804,8 @@ def test_post_account_edit_type_as_dev(client: TestClient, tu_user: User):
        "passwd": "testPassword",
    }
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.OK)
    assert user2.AccountTypeID == at.DEVELOPER_ID
@ -814,7 +824,8 @@ def test_post_account_edit_invalid_type_as_tu(client: TestClient, tu_user: User)
        "passwd": "testPassword",
    }
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    assert user2.AccountTypeID == at.USER_ID
@ -840,7 +851,8 @@ def test_post_account_edit_dev(client: TestClient, tu_user: User):
    endpoint = f"/account/{tu_user.Username}/edit"
    with client as request:
-        response = request.post(endpoint, cookies={"AURSID": sid}, data=post_data)
+        request.cookies = {"AURSID": sid}
        response = request.post(endpoint, data=post_data)
    assert response.status_code == int(HTTPStatus.OK)
    expected = "The account, <strong>test</strong>, "
@ -860,9 +872,9 @@ def test_post_account_edit_language(client: TestClient, user: User):
    }
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -889,9 +901,9 @@ def test_post_account_edit_timezone(client: TestClient, user: User):
    }
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -905,9 +917,9 @@ def test_post_account_edit_error_missing_password(client: TestClient, user: User
    post_data = {"U": "test", "E": "test@example.org", "TZ": "CET", "passwd": ""}
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -924,9 +936,9 @@ def test_post_account_edit_error_invalid_password(client: TestClient, user: User
    post_data = {"U": "test", "E": "test@example.org", "TZ": "CET", "passwd": "invalid"}
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -945,9 +957,8 @@ def test_post_account_edit_suspend_unauthorized(client: TestClient, user: User):
        "passwd": "testPassword",
    }
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            f"/account/{user.Username}/edit", data=post_data, cookies=cookies
+        resp = request.post(f"/account/{user.Username}/edit", data=post_data)
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
@ -968,9 +979,8 @@ def test_post_account_edit_inactivity(client: TestClient, user: User):
        "passwd": "testPassword",
    }
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            f"/account/{user.Username}/edit", data=post_data, cookies=cookies
+        resp = request.post(f"/account/{user.Username}/edit", data=post_data)
        )
    assert resp.status_code == int(HTTPStatus.OK)
    # Make sure the user record got updated correctly.
@ -978,9 +988,8 @@ def test_post_account_edit_inactivity(client: TestClient, user: User):
    post_data.update({"J": False})
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            f"/account/{user.Username}/edit", data=post_data, cookies=cookies
+        resp = request.post(f"/account/{user.Username}/edit", data=post_data)
        )
    assert resp.status_code == int(HTTPStatus.OK)
    assert user.InactivityTS == 0
@ -1000,7 +1009,8 @@ def test_post_account_edit_suspended(client: TestClient, user: User):
    }
    endpoint = f"/account/{user.Username}/edit"
    with client as request:
-        resp = request.post(endpoint, data=post_data, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data=post_data)
    assert resp.status_code == int(HTTPStatus.OK)
    # Make sure the user record got updated correctly.
@ -1032,7 +1042,8 @@ def test_post_account_edit_error_unauthorized(client: TestClient, user: User):
    endpoint = f"/account/{user2.Username}/edit"
    with client as request:
        # Attempt to edit 'test2' while logged in as 'test'.
-        response = request.post(endpoint, cookies={"AURSID": sid}, data=post_data)
+        request.cookies = {"AURSID": sid}
        response = request.post(endpoint, data=post_data)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    expected = f"/account/{user2.Username}"
@ -1051,9 +1062,9 @@ def test_post_account_edit_ssh_pub_key(client: TestClient, user: User):
    }
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -1063,9 +1074,9 @@ def test_post_account_edit_ssh_pub_key(client: TestClient, user: User):
    post_data["PK"] = make_ssh_pubkey()
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -1084,9 +1095,9 @@ def test_post_account_edit_missing_ssh_pubkey(client: TestClient, user: User):
    }
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -1100,9 +1111,9 @@ def test_post_account_edit_missing_ssh_pubkey(client: TestClient, user: User):
    }
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -1120,7 +1131,8 @@ def test_post_account_edit_invalid_ssh_pubkey(client: TestClient, user: User):
    }
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        response = request.post("/account/test/edit", data=data, cookies=cookies)
+        request.cookies = cookies
        response = request.post("/account/test/edit", data=data)
    assert response.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1138,9 +1150,9 @@ def test_post_account_edit_password(client: TestClient, user: User):
    }
    with client as request:
        request.cookies = {"AURSID": sid}
        response = request.post(
            "/account/test/edit",
            cookies={"AURSID": sid},
            data=post_data,
        )
@ -1154,7 +1166,8 @@ def test_post_account_edit_self_type_as_user(client: TestClient, user: User):
    endpoint = f"/account/{user.Username}/edit"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    assert "id_type" not in resp.text
@ -1165,7 +1178,8 @@ def test_post_account_edit_self_type_as_user(client: TestClient, user: User):
        "passwd": "testPassword",
    }
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
@ -1181,7 +1195,8 @@ def test_post_account_edit_other_user_as_user(client: TestClient, user: User):
    endpoint = f"/account/{user2.Username}/edit"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/account/{user2.Username}"
@ -1192,7 +1207,8 @@ def test_post_account_edit_self_type_as_tu(client: TestClient, tu_user: User):
    # We cannot see the Account Type field on our own edit page.
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    assert "id_type" in resp.text
@ -1204,7 +1220,8 @@ def test_post_account_edit_self_type_as_tu(client: TestClient, tu_user: User):
        "passwd": "testPassword",
    }
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.OK)
    assert tu_user.AccountTypeID == USER_ID
@ -1223,7 +1240,8 @@ def test_post_account_edit_other_user_type_as_tu(
    # As a TU, we can see the Account Type field for other users.
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    assert "id_type" in resp.text
@ -1234,8 +1252,10 @@ def test_post_account_edit_other_user_type_as_tu(
        "T": TRUSTED_USER_ID,
        "passwd": "testPassword",
    }
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.OK)
    # Let's make sure the DB got updated properly.
@ -1267,14 +1287,16 @@ def test_post_account_edit_other_user_suspend_as_tu(client: TestClient, tu_user:
    user_cookies = {"AURSID": sid}
    with client as request:
        endpoint = f"/account/{user.Username}/edit"
-        resp = request.get(endpoint, cookies=user_cookies)
+        request.cookies = user_cookies
        resp = request.get(endpoint)
    assert resp.status_code == HTTPStatus.OK
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    assert cookies is not None  # This is useless, we create the dict here ^
    # As a TU, we can see the Account for other users.
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    # As a TU, we can modify other user's account types.
    data = {
@ -1290,7 +1312,8 @@ def test_post_account_edit_other_user_suspend_as_tu(client: TestClient, tu_user:
    # Test that `user` no longer has a session.
    with user_client as request:
-        resp = request.get(endpoint, cookies=user_cookies)
+        request.cookies = user_cookies
        resp = request.get(endpoint)
    assert resp.status_code == HTTPStatus.SEE_OTHER
    # Since user is now suspended, they should not be able to login.
@ -1314,7 +1337,8 @@ def test_post_account_edit_other_user_type_as_tu_invalid_type(
    # As a TU, we can modify other user's account types.
    data = {"U": user2.Username, "E": user2.Email, "T": 0, "passwd": "testPassword"}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
@ -1327,7 +1351,8 @@ def test_get_account(client: TestClient, user: User):
    sid = user.login(request, "testPassword")
    with client as request:
-        response = request.get("/account/test", cookies={"AURSID": sid})
+        request.cookies = {"AURSID": sid}
        response = request.get("/account/test")
    assert response.status_code == int(HTTPStatus.OK)
@ -1337,7 +1362,8 @@ def test_get_account_not_found(client: TestClient, user: User):
    sid = user.login(request, "testPassword")
    with client as request:
-        response = request.get("/account/not_found", cookies={"AURSID": sid})
+        request.cookies = {"AURSID": sid}
        response = request.get("/account/not_found")
    assert response.status_code == int(HTTPStatus.NOT_FOUND)
@ -1358,7 +1384,8 @@ def test_get_accounts(client: TestClient, user: User, tu_user: User):
    cookies = {"AURSID": sid}
    with client as request:
-        response = request.get("/accounts", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/accounts")
    assert response.status_code == int(HTTPStatus.OK)
    parser = lxml.etree.HTMLParser()
@ -1426,7 +1453,8 @@ def test_post_accounts(client: TestClient, user: User, tu_user: User):
    cookies = {"AURSID": sid}
    with client as request:
-        response = request.post("/accounts", cookies=cookies)
+        request.cookies = cookies
        response = request.post("/accounts")
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1468,7 +1496,8 @@ def test_post_accounts_username(client: TestClient, user: User, tu_user: User):
    cookies = {"AURSID": sid}
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"U": user.Username})
+        request.cookies = cookies
        response = request.post("/accounts", data={"U": user.Username})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1501,13 +1530,15 @@ def test_post_accounts_account_type(client: TestClient, user: User, tu_user: Use
    # Expect no entries; we marked our only user as a User type.
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"T": "t"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"T": "t"})
    assert response.status_code == int(HTTPStatus.OK)
    assert len(get_rows(response.text)) == 0
    # So, let's also ensure that specifying "u" returns our user.
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"T": "u"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"T": "u"})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1525,7 +1556,8 @@ def test_post_accounts_account_type(client: TestClient, user: User, tu_user: Use
        )
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"T": "t"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"T": "t"})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1542,7 +1574,8 @@ def test_post_accounts_account_type(client: TestClient, user: User, tu_user: Use
        )
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"T": "d"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"T": "d"})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1559,7 +1592,8 @@ def test_post_accounts_account_type(client: TestClient, user: User, tu_user: Use
        )
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"T": "td"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"T": "td"})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1577,7 +1611,8 @@ def test_post_accounts_status(client: TestClient, user: User, tu_user: User):
    cookies = {"AURSID": sid}
    with client as request:
-        response = request.post("/accounts", cookies=cookies)
+        request.cookies = cookies
        response = request.post("/accounts")
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1591,7 +1626,8 @@ def test_post_accounts_status(client: TestClient, user: User, tu_user: User):
        user.Suspended = True
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"S": True})
+        request.cookies = cookies
        response = request.post("/accounts", data={"S": True})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1608,7 +1644,8 @@ def test_post_accounts_email(client: TestClient, user: User, tu_user: User):
    # Search via email.
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"E": user.Email})
+        request.cookies = cookies
        response = request.post("/accounts", data={"E": user.Email})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1621,7 +1658,8 @@ def test_post_accounts_realname(client: TestClient, user: User, tu_user: User):
    cookies = {"AURSID": sid}
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"R": user.RealName})
+        request.cookies = cookies
        response = request.post("/accounts", data={"R": user.RealName})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1634,7 +1672,8 @@ def test_post_accounts_irc(client: TestClient, user: User, tu_user: User):
    cookies = {"AURSID": sid}
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"I": user.IRCNick})
+        request.cookies = cookies
        response = request.post("/accounts", data={"I": user.IRCNick})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1652,14 +1691,16 @@ def test_post_accounts_sortby(client: TestClient, user: User, tu_user: User):
    # Show that "u" is the default search order, by username.
    with client as request:
-        response = request.post("/accounts", cookies=cookies)
+        request.cookies = cookies
        response = request.post("/accounts")
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
    assert len(rows) == 2
    first_rows = rows
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"SB": "u"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"SB": "u"})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
    assert len(rows) == 2
@ -1671,7 +1712,8 @@ def test_post_accounts_sortby(client: TestClient, user: User, tu_user: User):
    assert compare_text_values(0, first_rows, rows) is True
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"SB": "i"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"SB": "i"})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
    assert len(rows) == 2
@ -1681,7 +1723,8 @@ def test_post_accounts_sortby(client: TestClient, user: User, tu_user: User):
    # Sort by "i" -> RealName.
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"SB": "r"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"SB": "r"})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
    assert len(rows) == 2
@ -1696,7 +1739,8 @@ def test_post_accounts_sortby(client: TestClient, user: User, tu_user: User):
    # Fetch first_rows again with our new AccountType ordering.
    with client as request:
-        response = request.post("/accounts", cookies=cookies)
+        request.cookies = cookies
        response = request.post("/accounts")
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
    assert len(rows) == 2
@ -1704,7 +1748,8 @@ def test_post_accounts_sortby(client: TestClient, user: User, tu_user: User):
    # Sort by "t" -> AccountType.
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"SB": "t"})
+        request.cookies = cookies
        response = request.post("/accounts", data={"SB": "t"})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
    assert len(rows) == 2
@ -1722,7 +1767,8 @@ def test_post_accounts_pgp_key(client: TestClient, user: User, tu_user: User):
    # Search via PGPKey.
    with client as request:
-        response = request.post("/accounts", cookies=cookies, data={"K": user.PGPKey})
+        request.cookies = cookies
        response = request.post("/accounts", data={"K": user.PGPKey})
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1749,7 +1795,8 @@ def test_post_accounts_paged(client: TestClient, user: User, tu_user: User):
    cookies = {"AURSID": sid}
    with client as request:
-        response = request.post("/accounts", cookies=cookies)
+        request.cookies = cookies
        response = request.post("/accounts")
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1775,9 +1822,8 @@ def test_post_accounts_paged(client: TestClient, user: User, tu_user: User):
    assert "disabled" not in page_next.attrib
    with client as request:
-        response = request.post(
+        request.cookies = cookies
-            "/accounts", cookies=cookies, data={"O": 50}
+        response = request.post("/accounts", data={"O": 50})  # +50 offset.
        )  # +50 offset.
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1791,9 +1837,8 @@ def test_post_accounts_paged(client: TestClient, user: User, tu_user: User):
        assert username.text.strip() == _user.Username
    with client as request:
-        response = request.post(
+        request.cookies = cookies
-            "/accounts", cookies=cookies, data={"O": 101}
+        response = request.post("/accounts", data={"O": 101})  # Last page.
        )  # Last page.
    assert response.status_code == int(HTTPStatus.OK)
    rows = get_rows(response.text)
@ -1824,12 +1869,14 @@ def test_get_terms_of_service(client: TestClient, user: User):
    # First of all, let's test that we get redirected to /tos
    # when attempting to browse authenticated without accepting terms.
    with client as request:
-        response = request.get("/", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/")
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert response.headers.get("location") == "/tos"
    with client as request:
-        response = request.get("/tos", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tos")
    assert response.status_code == int(HTTPStatus.OK)
    with db.begin():
@ -1838,7 +1885,8 @@ def test_get_terms_of_service(client: TestClient, user: User):
        )
    with client as request:
-        response = request.get("/tos", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tos")
    # We accepted the term, there's nothing left to accept.
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
@ -1847,7 +1895,8 @@ def test_get_terms_of_service(client: TestClient, user: User):
        term.Revision = 2
    with client as request:
-        response = request.get("/tos", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tos")
    # This time, we have a modified term Revision that hasn't
    # yet been agreed to via AcceptedTerm update.
    assert response.status_code == int(HTTPStatus.OK)
@ -1856,7 +1905,8 @@ def test_get_terms_of_service(client: TestClient, user: User):
        accepted_term.Revision = term.Revision
    with client as request:
-        response = request.get("/tos", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tos")
    # We updated the term revision, there's nothing left to accept.
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
@ -1876,17 +1926,20 @@ def test_post_terms_of_service(client: TestClient, user: User):
    # Test that the term we just created is listed.
    with client as request:
-        response = request.get("/tos", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tos")
    assert response.status_code == int(HTTPStatus.OK)
    # Make a POST request to /tos with the agree checkbox disabled (False).
    with client as request:
-        response = request.post("/tos", data={"accept": False}, cookies=cookies)
+        request.cookies = cookies
        response = request.post("/tos", data={"accept": False})
    assert response.status_code == int(HTTPStatus.OK)
    # Make a POST request to /tos with the agree checkbox enabled (True).
    with client as request:
-        response = request.post("/tos", data=data, cookies=cookies)
+        request.cookies = cookies
        response = request.post("/tos", data=data)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    # Query the db for the record created by the post request.
@ -1900,12 +1953,14 @@ def test_post_terms_of_service(client: TestClient, user: User):
    # A GET request gives us the new revision to accept.
    with client as request:
-        response = request.get("/tos", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tos")
    assert response.status_code == int(HTTPStatus.OK)
    # Let's POST again and agree to the new term revision.
    with client as request:
-        response = request.post("/tos", data=data, cookies=cookies)
+        request.cookies = cookies
        response = request.post("/tos", data=data)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    # Check that the records ended up matching.
@ -1913,7 +1968,8 @@ def test_post_terms_of_service(client: TestClient, user: User):
    # Now, see that GET redirects us to / with no terms left to accept.
    with client as request:
-        response = request.get("/tos", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tos")
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert response.headers.get("location") == "/"
@ -1921,14 +1977,16 @@ def test_post_terms_of_service(client: TestClient, user: User):
 def test_account_comments_not_found(client: TestClient, user: User):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get("/account/non-existent/comments", cookies=cookies)
+        request.cookies = cookies
        resp = request.get("/account/non-existent/comments")
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
 def test_accounts_unauthorized(client: TestClient, user: User):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get("/accounts", cookies=cookies)
+        request.cookies = cookies
        resp = request.get("/accounts")
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == "/"
@ -1941,16 +1999,18 @@ def test_account_delete_self_unauthorized(client: TestClient, tu_user: User):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/account/{user2.Username}/delete"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
        assert resp.status_code == HTTPStatus.UNAUTHORIZED
-        resp = request.post(endpoint, cookies=cookies)
+        resp = request.post(endpoint)
        assert resp.status_code == HTTPStatus.UNAUTHORIZED
    # But a TU does have access
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with TestClient(app=app) as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == HTTPStatus.OK
@ -1958,10 +2018,11 @@ def test_account_delete_self_not_found(client: TestClient, user: User):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = "/account/non-existent-user/delete"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
        assert resp.status_code == HTTPStatus.NOT_FOUND
-        resp = request.post(endpoint, cookies=cookies)
+        resp = request.post(endpoint)
        assert resp.status_code == HTTPStatus.NOT_FOUND
@ -1972,15 +2033,16 @@ def test_account_delete_self(client: TestClient, user: User):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/account/{username}/delete"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == HTTPStatus.OK
    # The checkbox must be checked
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"passwd": "fakePassword", "confirm": False},
            cookies=cookies,
        )
    assert resp.status_code == HTTPStatus.BAD_REQUEST
    errors = get_errors(resp.text)
@ -1991,10 +2053,10 @@ def test_account_delete_self(client: TestClient, user: User):
    # The correct password must be supplied
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"passwd": "fakePassword", "confirm": True},
            cookies=cookies,
        )
    assert resp.status_code == HTTPStatus.BAD_REQUEST
    errors = get_errors(resp.text)
@ -2002,10 +2064,10 @@ def test_account_delete_self(client: TestClient, user: User):
    # Supply everything correctly and delete ourselves
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"passwd": "testPassword", "confirm": True},
            cookies=cookies,
        )
    assert resp.status_code == HTTPStatus.SEE_OTHER
@ -2026,15 +2088,16 @@ def test_account_delete_self_with_ssh_public_key(client: TestClient, user: User)
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/account/{username}/delete"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == HTTPStatus.OK
    # Supply everything correctly and delete ourselves
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"passwd": "testPassword", "confirm": True},
            cookies=cookies,
        )
    assert resp.status_code == HTTPStatus.SEE_OTHER
@ -2055,10 +2118,10 @@ def test_account_delete_as_tu(client: TestClient, tu_user: User):
    # Delete the user
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"passwd": "testPassword", "confirm": True},
            cookies=cookies,
        )
    assert resp.status_code == HTTPStatus.SEE_OTHER
--- a/test/test_auth_routes.py
+++ b/test/test_auth_routes.py
@ -71,10 +71,10 @@ def test_login_logout(client: TestClient, user: User):
        response = request.post("/logout", data=post_data)
        assert response.status_code == int(HTTPStatus.SEE_OTHER)
        request.cookies = {"AURSID": response.cookies.get("AURSID")}
        response = request.post(
            "/logout",
            data=post_data,
            cookies={"AURSID": response.cookies.get("AURSID")},
        )
        assert response.status_code == int(HTTPStatus.SEE_OTHER)
@ -196,7 +196,9 @@ def test_authenticated_login(client: TestClient, user: User):
        # when requesting GET /login as an authenticated user.
        # Now, let's verify that we receive 403 Forbidden when we
        # try to get /login as an authenticated user.
-        response = request.get("/login", cookies=response.cookies)
+        request.cookies = response.cookies
        response = request.get("/login")
        assert response.status_code == int(HTTPStatus.OK)
        assert "Logged-in as: <strong>test</strong>" in response.text
@ -356,7 +358,8 @@ def test_generate_unique_sid_exhausted(
    with mock.patch(generate_unique_sid_, mock_generate_sid):
        with client as request:
            # Set cookies = {} to remove any previous login kept by TestClient.
-            response = request.post("/login", data=post_data, cookies={})
+            request.cookies = {}
            response = request.post("/login", data=post_data)
    assert response.status_code == int(HTTPStatus.INTERNAL_SERVER_ERROR)
    assert "500 - Internal Server Error" in response.text
--- a/test/test_git_archives.py
+++ b/test/test_git_archives.py
@ -197,7 +197,8 @@ def test_metadata_change(
    with client as request:
        endp = f"/pkgbase/{pkgbasename}/keywords"
        post_data = {"keywords": "abc def"}
-        resp = request.post(endp, data=post_data, cookies=cookies, allow_redirects=True)
+        request.cookies = cookies
        resp = request.post(endp, data=post_data)
    assert resp.status_code == HTTPStatus.OK
    # Run main() again, which should now produce a new commit with the
--- a/test/test_homepage.py
+++ b/test/test_homepage.py
@ -210,7 +210,8 @@ def test_homepage_dashboard(redis, packages, user):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/")
    assert response.status_code == int(HTTPStatus.OK)
    root = parse_root(response.text)
@ -307,7 +308,8 @@ def test_homepage_dashboard_flagged(user: User, user2: User, package: Package):
    # flagged maintained packages.
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get("/", cookies=cookies)
+        request.cookies = cookies
        resp = request.get("/")
    assert resp.status_code == int(HTTPStatus.OK)
    root = parse_root(resp.text)
--- a/test/test_html.py
+++ b/test/test_html.py
@ -71,7 +71,8 @@ def test_archdev_navbar_authenticated(client: TestClient, user: User):
    expected = ["Dashboard", "Packages", "Requests", "My Account", "Logout"]
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get("/", cookies=cookies)
+        request.cookies = cookies
        resp = request.get("/")
    assert resp.status_code == int(HTTPStatus.OK)
    root = parse_root(resp.text)
@ -92,7 +93,8 @@ def test_archdev_navbar_authenticated_tu(client: TestClient, trusted_user: User)
    ]
    cookies = {"AURSID": trusted_user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get("/", cookies=cookies)
+        request.cookies = cookies
        resp = request.get("/")
    assert resp.status_code == int(HTTPStatus.OK)
    root = parse_root(resp.text)
@ -173,9 +175,12 @@ def test_rtl(client: TestClient):
    expected = [[], [], ["rtl"], ["rtl"]]
    with client as request:
        responses["default"] = request.get("/")
-        responses["de"] = request.get("/", cookies={"AURLANG": "de"})
+        request.cookies = {"AURLANG": "de"}
-        responses["he"] = request.get("/", cookies={"AURLANG": "he"})
+        responses["de"] = request.get("/")
-        responses["ar"] = request.get("/", cookies={"AURLANG": "ar"})
+        request.cookies = {"AURLANG": "he"}
        responses["he"] = request.get("/")
        request.cookies = {"AURLANG": "ar"}
        responses["ar"] = request.get("/")
    for i, (lang, resp) in enumerate(responses.items()):
        assert resp.status_code == int(HTTPStatus.OK)
        t = parse_root(resp.text)
--- a/test/test_packages_routes.py
+++ b/test/test_packages_routes.py
@ -410,7 +410,8 @@ def test_package_comments(client: TestClient, user: User, package: Package):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(package_endpoint(package), cookies=cookies)
+        request.cookies = cookies
        resp = request.get(package_endpoint(package))
    assert resp.status_code == int(HTTPStatus.OK)
    root = parse_root(resp.text)
@ -465,7 +466,8 @@ def test_package_authenticated(client: TestClient, user: User, package: Package)
    This process also occurs when pkgbase.html is rendered."""
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(package_endpoint(package), cookies=cookies)
+        request.cookies = cookies
        resp = request.get(package_endpoint(package))
    assert resp.status_code == int(HTTPStatus.OK)
    expected = [
@ -493,7 +495,8 @@ def test_package_authenticated_maintainer(
 ):
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(package_endpoint(package), cookies=cookies)
+        request.cookies = cookies
        resp = request.get(package_endpoint(package))
    assert resp.status_code == int(HTTPStatus.OK)
    expected = [
@ -515,7 +518,8 @@ def test_package_authenticated_maintainer(
 def test_package_authenticated_tu(client: TestClient, tu_user: User, package: Package):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(package_endpoint(package), cookies=cookies)
+        request.cookies = cookies
        resp = request.get(package_endpoint(package))
    assert resp.status_code == int(HTTPStatus.OK)
    expected = [
@ -941,10 +945,10 @@ def test_packages_sort_by_voted(
    # Test that, by default, the first result is what we just set above.
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        response = request.get(
            "/packages",
            params={"SB": "w", "SO": "d"},  # Voted  # Descending, Voted first.
            cookies=cookies,
        )
    assert response.status_code == int(HTTPStatus.OK)
@ -966,10 +970,10 @@ def test_packages_sort_by_notify(
    # Test that, by default, the first result is what we just set above.
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        response = request.get(
            "/packages",
            params={"SB": "o", "SO": "d"},  # Voted  # Descending, Voted first.
            cookies=cookies,
        )
    assert response.status_code == int(HTTPStatus.OK)
@ -1142,10 +1146,10 @@ def test_packages_post_unknown_action(client: TestClient, user: User, package: P
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.post(
            "/packages",
            data={"action": "unknown"},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1158,10 +1162,10 @@ def test_packages_post_error(client: TestClient, user: User, package: Package):
    with mock.patch.dict("aurweb.routers.packages.PACKAGE_ACTIONS", actions):
        cookies = {"AURSID": user.login(Request(), "testPassword")}
        with client as request:
            request.cookies = cookies
            resp = request.post(
                "/packages",
                data={"action": "stub"},
                cookies=cookies,
            )
        assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1178,10 +1182,10 @@ def test_packages_post(client: TestClient, user: User, package: Package):
    with mock.patch.dict("aurweb.routers.packages.PACKAGE_ACTIONS", actions):
        cookies = {"AURSID": user.login(Request(), "testPassword")}
        with client as request:
            request.cookies = cookies
            resp = request.post(
                "/packages",
                data={"action": "stub"},
                cookies=cookies,
            )
        assert resp.status_code == int(HTTPStatus.OK)
@ -1250,7 +1254,8 @@ def test_packages_post_notify(client: TestClient, user: User, package: Package):
    # an error to be rendered.
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post("/packages", data={"action": "notify"}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post("/packages", data={"action": "notify"})
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
    expected = "You did not select any packages to be notified about."
@ -1258,9 +1263,8 @@ def test_packages_post_notify(client: TestClient, user: User, package: Package):
    # Now let's actually enable notifications on `package`.
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            "/packages", data={"action": "notify", "IDs": [package.ID]}, cookies=cookies
+        resp = request.post("/packages", data={"action": "notify", "IDs": [package.ID]})
        )
    assert resp.status_code == int(HTTPStatus.OK)
    expected = "The selected packages' notifications have been enabled."
    successes = get_successes(resp.text)
@ -1269,9 +1273,8 @@ def test_packages_post_notify(client: TestClient, user: User, package: Package):
    # Try to enable notifications when they're already enabled,
    # causing an error to be rendered.
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            "/packages", data={"action": "notify", "IDs": [package.ID]}, cookies=cookies
+        resp = request.post("/packages", data={"action": "notify", "IDs": [package.ID]})
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
    expected = "You did not select any packages to be notified about."
@ -1289,7 +1292,8 @@ def test_packages_post_unnotify(client: TestClient, user: User, package: Package
    # Request removal of the notification without any IDs.
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post("/packages", data={"action": "unnotify"}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post("/packages", data={"action": "unnotify"})
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
    expected = "You did not select any packages for notification removal."
@ -1297,10 +1301,10 @@ def test_packages_post_unnotify(client: TestClient, user: User, package: Package
    # Request removal of the notification; really.
    with client as request:
        request.cookies = cookies
        resp = request.post(
            "/packages",
            data={"action": "unnotify", "IDs": [package.ID]},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
    successes = get_successes(resp.text)
@ -1315,10 +1319,10 @@ def test_packages_post_unnotify(client: TestClient, user: User, package: Package
    # Try it again. The notif no longer exists.
    with client as request:
        request.cookies = cookies
        resp = request.post(
            "/packages",
            data={"action": "unnotify", "IDs": [package.ID]},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
@ -1331,7 +1335,8 @@ def test_packages_post_adopt(client: TestClient, user: User, package: Package):
    # Try to adopt an empty list of packages.
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post("/packages", data={"action": "adopt"}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post("/packages", data={"action": "adopt"})
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
    expected = "You did not select any packages to adopt."
@ -1339,10 +1344,10 @@ def test_packages_post_adopt(client: TestClient, user: User, package: Package):
    # Now, let's try to adopt a package that's already maintained.
    with client as request:
        request.cookies = cookies
        resp = request.post(
            "/packages",
            data={"action": "adopt", "IDs": [package.ID], "confirm": True},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
@ -1356,9 +1361,8 @@ def test_packages_post_adopt(client: TestClient, user: User, package: Package):
    # Now, let's try to adopt without confirming.
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            "/packages", data={"action": "adopt", "IDs": [package.ID]}, cookies=cookies
+        resp = request.post("/packages", data={"action": "adopt", "IDs": [package.ID]})
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
    expected = (
@ -1369,10 +1373,10 @@ def test_packages_post_adopt(client: TestClient, user: User, package: Package):
    # Let's do it again now that there is no maintainer.
    with client as request:
        request.cookies = cookies
        resp = request.post(
            "/packages",
            data={"action": "adopt", "IDs": [package.ID], "confirm": True},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
    successes = get_successes(resp.text)
@ -1446,10 +1450,10 @@ def test_packages_post_disown(
    """Disown packages as a Trusted User, which cannot bypass idle time."""
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.post(
            "/packages",
            data={"action": "disown", "IDs": [package.ID], "confirm": True},
            cookies=cookies,
        )
    errors = get_errors(resp.text)
@ -1576,7 +1580,8 @@ def test_account_comments(client: TestClient, user: User, package: Package):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/account/{user.Username}/comments"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    root = parse_root(resp.text)
--- a/test/test_pkgbase_routes.py
+++ b/test/test_pkgbase_routes.py
@ -312,7 +312,8 @@ def test_pkgbase_voters(client: TestClient, tu_user: User, package: Package):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    # We should've gotten one link to the voter, tu_user.
@ -343,7 +344,8 @@ def test_pkgbase_comment_not_found(
    comment_id = 12345  # A non-existing comment.
    endpoint = f"/pkgbase/{package.PackageBase.Name}/comments/{comment_id}"
    with client as request:
-        resp = request.post(endpoint, data={"comment": "Failure"}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data={"comment": "Failure"})
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -365,7 +367,8 @@ def test_pkgbase_comment_form_unauthorized(
    pkgbasename = package.PackageBase.Name
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment.ID}/form"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.UNAUTHORIZED)
@ -377,7 +380,8 @@ def test_pkgbase_comment_form_not_found(
    pkgbasename = package.PackageBase.Name
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}/form"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -387,7 +391,8 @@ def test_pkgbase_comments_missing_comment(
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{package.PackageBase.Name}/comments"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -409,10 +414,10 @@ def test_pkgbase_comments(
    pkgbasename = package.PackageBase.Name
    endpoint = f"/pkgbase/{pkgbasename}/comments"
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"comment": "Test comment.", "enable_notifications": True},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
@ -440,7 +445,8 @@ def test_pkgbase_comments(
    # Test the non-javascript version of comment editing by
    # visiting the /pkgbase/{name}/comments/{id}/edit route.
    with client as request:
-        resp = request.get(f"{endpoint}/{comment_id}/edit", cookies=cookies)
+        request.cookies = cookies
        resp = request.get(f"{endpoint}/{comment_id}/edit")
    assert resp.status_code == int(HTTPStatus.OK)
    # Clear up the PackageNotification. This doubles as testing
@ -457,10 +463,10 @@ def test_pkgbase_comments(
    comment_id = int(headers[0].attrib["id"].split("-")[-1])
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}"
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"comment": "Edited comment.", "enable_notifications": True},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
@ -485,14 +491,16 @@ def test_pkgbase_comments(
    # Don't supply a comment; should return BAD_REQUEST.
    with client as request:
-        fail_resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        fail_resp = request.post(endpoint)
    assert fail_resp.status_code == int(HTTPStatus.BAD_REQUEST)
    # Now, test the form route, which should return form markup
    # via JSON.
    endpoint = f"{endpoint}/form"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    data = resp.json()
@ -510,11 +518,11 @@ def test_pkgbase_comment_edit_unauthorized(
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        endp = f"/pkgbase/{pkgbase.Name}/comments/{comment.ID}"
        response = request.post(
            endp,
            data={"comment": "abcd im trying to change this comment."},
            cookies=cookies,
        )
    assert response.status_code == HTTPStatus.UNAUTHORIZED
@ -561,7 +569,8 @@ def test_pkgbase_comment_delete_unauthorized(
    pkgbasename = package.PackageBase.Name
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment.ID}/delete"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.UNAUTHORIZED)
@ -573,7 +582,8 @@ def test_pkgbase_comment_delete_not_found(
    pkgbasename = package.PackageBase.Name
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}/delete"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -585,7 +595,8 @@ def test_pkgbase_comment_undelete_not_found(
    pkgbasename = package.PackageBase.Name
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}/undelete"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -607,7 +618,8 @@ def test_pkgbase_comment_pin_as_co(
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment.ID}/pin"
    cookies = {"AURSID": comaint.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    # Assert that PinnedTS got set.
@ -616,7 +628,8 @@ def test_pkgbase_comment_pin_as_co(
    # Unpin the comment we just pinned.
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment.ID}/unpin"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    # Let's assert that PinnedTS was unset.
@ -633,7 +646,8 @@ def test_pkgbase_comment_pin(
    # Pin the comment.
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}/pin"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    # Assert that PinnedTS got set.
@ -642,7 +656,8 @@ def test_pkgbase_comment_pin(
    # Unpin the comment we just pinned.
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}/unpin"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    # Let's assert that PinnedTS was unset.
@ -657,7 +672,8 @@ def test_pkgbase_comment_pin_unauthorized(
    pkgbasename = package.PackageBase.Name
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}/pin"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.UNAUTHORIZED)
@ -669,7 +685,8 @@ def test_pkgbase_comment_unpin_unauthorized(
    pkgbasename = package.PackageBase.Name
    endpoint = f"/pkgbase/{pkgbasename}/comments/{comment_id}/unpin"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.UNAUTHORIZED)
@ -677,7 +694,8 @@ def test_pkgbase_comaintainers_not_found(client: TestClient, maintainer: User):
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    endpoint = "/pkgbase/fake/comaintainers"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -685,7 +703,8 @@ def test_pkgbase_comaintainers_post_not_found(client: TestClient, maintainer: Us
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    endpoint = "/pkgbase/fake/comaintainers"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -696,7 +715,8 @@ def test_pkgbase_comaintainers_unauthorized(
    endpoint = f"/pkgbase/{pkgbase.Name}/comaintainers"
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -708,7 +728,8 @@ def test_pkgbase_comaintainers_post_unauthorized(
    endpoint = f"/pkgbase/{pkgbase.Name}/comaintainers"
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -720,7 +741,8 @@ def test_pkgbase_comaintainers_post_invalid_user(
    endpoint = f"/pkgbase/{pkgbase.Name}/comaintainers"
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(endpoint, data={"users": "\nfake\n"}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data={"users": "\nfake\n"})
    assert resp.status_code == int(HTTPStatus.OK)
    root = parse_root(resp.text)
@ -738,20 +760,20 @@ def test_pkgbase_comaintainers(
    # Start off by adding user as a comaintainer to package.
    # The maintainer username given should be ignored.
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"users": f"\n{user.Username}\n{maintainer.Username}\n"},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
    # Do it again to exercise the last_priority bump path.
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"users": f"\n{user.Username}\n{maintainer.Username}\n"},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -760,7 +782,8 @@ def test_pkgbase_comaintainers(
    # let's perform a GET request to make sure that the backend produces
    # the user we added in the users textarea.
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    root = parse_root(resp.text)
@ -769,12 +792,14 @@ def test_pkgbase_comaintainers(
    # Finish off by removing all the comaintainers.
    with client as request:
-        resp = request.post(endpoint, data={"users": str()}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data={"users": str()})
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    root = parse_root(resp.text)
@ -788,7 +813,8 @@ def test_pkgbase_request_not_found(client: TestClient, user: User):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -798,16 +824,16 @@ def test_pkgbase_request(client: TestClient, user: User, package: Package):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
 def test_pkgbase_request_post_not_found(client: TestClient, user: User):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            "/pkgbase/fake/request", data={"type": "fake"}, cookies=cookies
+        resp = request.post("/pkgbase/fake/request", data={"type": "fake"})
        )
    assert resp.status_code == int(HTTPStatus.NOT_FOUND)
@ -817,7 +843,8 @@ def test_pkgbase_request_post_invalid_type(
    endpoint = f"/pkgbase/{package.PackageBase.Name}/request"
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(endpoint, data={"type": "fake"}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data={"type": "fake"})
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -827,13 +854,13 @@ def test_pkgbase_request_post_no_comment_error(
    endpoint = f"/pkgbase/{package.PackageBase.Name}/request"
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={
                "type": "deletion",
                "comments": "",  # An empty comment field causes an error.
            },
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
@ -849,6 +876,7 @@ def test_pkgbase_request_post_merge_not_found_error(
    endpoint = f"/pkgbase/{package.PackageBase.Name}/request"
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={
@ -856,7 +884,6 @@ def test_pkgbase_request_post_merge_not_found_error(
                "merge_into": "fake",  # There is no PackageBase.Name "fake"
                "comments": "We want to merge this.",
            },
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
@ -872,6 +899,7 @@ def test_pkgbase_request_post_merge_no_merge_into_error(
    endpoint = f"/pkgbase/{package.PackageBase.Name}/request"
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={
@ -879,7 +907,6 @@ def test_pkgbase_request_post_merge_no_merge_into_error(
                "merge_into": "",  # There is no PackageBase.Name "fake"
                "comments": "We want to merge this.",
            },
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
@ -895,6 +922,7 @@ def test_pkgbase_request_post_merge_self_error(
    endpoint = f"/pkgbase/{package.PackageBase.Name}/request"
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={
@ -902,7 +930,6 @@ def test_pkgbase_request_post_merge_self_error(
                "merge_into": package.PackageBase.Name,
                "comments": "We want to merge this.",
            },
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
@ -1017,7 +1044,8 @@ def test_pkgbase_flag_vcs(client: TestClient, user: User, package: Package):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(f"/pkgbase/{package.PackageBase.Name}/flag", cookies=cookies)
+        request.cookies = cookies
        resp = request.get(f"/pkgbase/{package.PackageBase.Name}/flag")
    assert resp.status_code == int(HTTPStatus.OK)
    expected = (
@ -1042,7 +1070,8 @@ def test_pkgbase_notify(client: TestClient, user: User, package: Package):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{pkgbase.Name}/notify"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    notif = pkgbase.notifications.filter(PackageNotification.UserID == user.ID).first()
@ -1051,7 +1080,8 @@ def test_pkgbase_notify(client: TestClient, user: User, package: Package):
    # Disable notifications.
    endpoint = f"/pkgbase/{pkgbase.Name}/unnotify"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    notif = pkgbase.notifications.filter(PackageNotification.UserID == user.ID).first()
@ -1069,7 +1099,8 @@ def test_pkgbase_vote(client: TestClient, user: User, package: Package):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{pkgbase.Name}/vote"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    vote = pkgbase.package_votes.filter(PackageVote.UsersID == user.ID).first()
@ -1079,7 +1110,8 @@ def test_pkgbase_vote(client: TestClient, user: User, package: Package):
    # Remove vote.
    endpoint = f"/pkgbase/{pkgbase.Name}/unvote"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    vote = pkgbase.package_votes.filter(PackageVote.UsersID == user.ID).first()
@ -1096,7 +1128,8 @@ def test_pkgbase_disown_as_sole_maintainer(
    # But we do here.
    with client as request:
-        resp = request.post(endpoint, data={"confirm": True}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data={"confirm": True})
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
@ -1114,9 +1147,8 @@ def test_pkgbase_disown_as_maint_with_comaint(
    maint_cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(
+        request.cookies = maint_cookies
-            endp, data=post_data, cookies=maint_cookies, follow_redirects=True
+        resp = request.post(endp, data=post_data, follow_redirects=True)
        )
    assert resp.status_code == int(HTTPStatus.OK)
    package = db.refresh(package)
@ -1219,21 +1251,24 @@ def test_pkgbase_adopt(
    # Adopt the package base.
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert package.PackageBase.Maintainer == maintainer
    # Try to adopt it when it already has a maintainer; nothing changes.
    user_cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(endpoint, cookies=user_cookies)
+        request.cookies = user_cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert package.PackageBase.Maintainer == maintainer
    # Steal the package as a TU.
    tu_cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(endpoint, cookies=tu_cookies)
+        request.cookies = tu_cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert package.PackageBase.Maintainer == tu_user
@ -1245,13 +1280,15 @@ def test_pkgbase_delete_unauthorized(client: TestClient, user: User, package: Pa
    # Test GET.
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
    # Test POST.
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -1263,17 +1300,20 @@ def test_pkgbase_delete(client: TestClient, tu_user: User, package: Package):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{pkgbase.Name}/delete"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    # Test that POST works and denies us because we haven't confirmed.
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    # Test that we can actually delete the pkgbase.
    with client as request:
-        resp = request.post(endpoint, data={"confirm": True}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data={"confirm": True})
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    # Let's assert that the package base record got removed.
@ -1300,7 +1340,8 @@ def test_pkgbase_delete_with_request(
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{pkgbase.Name}/delete"
    with client as request:
-        resp = request.post(endpoint, data={"confirm": True}, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint, data={"confirm": True})
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == "/packages"
@ -1316,10 +1357,10 @@ def test_pkgbase_delete_with_request(
 def test_packages_post_unknown_action(client: TestClient, user: User, package: Package):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.post(
            "/packages",
            data={"action": "unknown"},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1332,10 +1373,10 @@ def test_packages_post_error(client: TestClient, user: User, package: Package):
    with mock.patch.dict("aurweb.routers.packages.PACKAGE_ACTIONS", actions):
        cookies = {"AURSID": user.login(Request(), "testPassword")}
        with client as request:
            request.cookies = cookies
            resp = request.post(
                "/packages",
                data={"action": "stub"},
                cookies=cookies,
            )
        assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
@ -1352,10 +1393,10 @@ def test_packages_post(client: TestClient, user: User, package: Package):
    with mock.patch.dict("aurweb.routers.packages.PACKAGE_ACTIONS", actions):
        cookies = {"AURSID": user.login(Request(), "testPassword")}
        with client as request:
            request.cookies = cookies
            resp = request.post(
                "/packages",
                data={"action": "stub"},
                cookies=cookies,
            )
        assert resp.status_code == int(HTTPStatus.OK)
@ -1368,7 +1409,8 @@ def test_pkgbase_merge_unauthorized(client: TestClient, user: User, package: Pac
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{package.PackageBase.Name}/merge"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.UNAUTHORIZED)
@ -1376,7 +1418,8 @@ def test_pkgbase_merge(client: TestClient, tu_user: User, package: Package):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{package.PackageBase.Name}/merge"
    with client as request:
-        resp = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
    assert not get_errors(resp.text)
@ -1387,7 +1430,8 @@ def test_pkgbase_merge_post_unauthorized(
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{package.PackageBase.Name}/merge"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.UNAUTHORIZED)
@ -1397,7 +1441,8 @@ def test_pkgbase_merge_post_unconfirmed(
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{package.PackageBase.Name}/merge"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
    expected = (
@ -1413,9 +1458,8 @@ def test_pkgbase_merge_post_invalid_into(
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{package.PackageBase.Name}/merge"
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            endpoint, data={"into": "not_real", "confirm": True}, cookies=cookies
+        resp = request.post(endpoint, data={"into": "not_real", "confirm": True})
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
    expected = "Cannot find package to merge votes and comments into."
@ -1428,10 +1472,10 @@ def test_pkgbase_merge_post_self_invalid(
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{package.PackageBase.Name}/merge"
    with client as request:
        request.cookies = cookies
        resp = request.post(
            endpoint,
            data={"into": package.PackageBase.Name, "confirm": True},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
@ -1461,20 +1505,24 @@ def test_pkgbase_merge_post(
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    endpoint = f"/pkgbase/{package.PackageBase.Name}/vote"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    # Enable notifications.
    endpoint = f"/pkgbase/{package.PackageBase.Name}/notify"
    with client as request:
-        resp = request.post(endpoint, cookies=cookies)
+        request.cookies = cookies
        resp = request.post(endpoint)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    # Comment on the package.
    endpoint = f"/pkgbase/{package.PackageBase.Name}/comments"
    with client as request:
        request.cookies = cookies
        resp = request.post(
-            endpoint, data={"comment": "Test comment."}, cookies=cookies
+            endpoint,
            data={"comment": "Test comment."},
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
@ -1486,9 +1534,8 @@ def test_pkgbase_merge_post(
    # Merge the package into target.
    endpoint = f"/pkgbase/{package.PackageBase.Name}/merge"
    with client as request:
-        resp = request.post(
+        request.cookies = cookies
-            endpoint, data={"into": target.Name, "confirm": True}, cookies=cookies
+        resp = request.post(endpoint, data={"into": target.Name, "confirm": True})
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    loc = resp.headers.get("location")
    assert loc == f"/pkgbase/{target.Name}"
@ -1604,9 +1651,10 @@ def test_unauthorized_pkgbase_keywords(client: TestClient, package: Package):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        pkgbase = package.PackageBase
        endp = f"/pkgbase/{pkgbase.Name}/keywords"
-        response = request.post(endp, cookies=cookies)
+        response = request.post(endp)
    assert response.status_code == HTTPStatus.UNAUTHORIZED
--- a/test/test_requests.py
+++ b/test/test_requests.py
@ -254,7 +254,8 @@ def test_request(client: TestClient, auser: User, pkgbase: PackageBase):
    """Test the standard pkgbase request route GET method."""
    endpoint = f"/pkgbase/{pkgbase.Name}/request"
    with client as request:
-        resp = request.get(endpoint, cookies=auser.cookies)
+        request.cookies = auser.cookies
        resp = request.get(endpoint)
    assert resp.status_code == int(HTTPStatus.OK)
@ -263,7 +264,8 @@ def test_request_post_deletion(client: TestClient, auser2: User, pkgbase: Packag
    endpoint = f"/pkgbase/{pkgbase.Name}/request"
    data = {"comments": "Test request.", "type": "deletion"}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=auser2.cookies)
+        request.cookies = auser2.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    pkgreq = pkgbase.requests.first()
@ -285,7 +287,8 @@ def test_request_post_deletion_as_maintainer(
    endpoint = f"/pkgbase/{pkgbase.Name}/request"
    data = {"comments": "Test request.", "type": "deletion"}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=auser.cookies)
+        request.cookies = auser.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    # Check the pkgreq record got created and accepted.
@ -368,7 +371,8 @@ def test_request_post_merge(
        "comments": "Test request.",
    }
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=auser.cookies)
+        request.cookies = auser.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    pkgreq = pkgbase.requests.first()
@ -392,7 +396,8 @@ def test_request_post_orphan(client: TestClient, auser: User, pkgbase: PackageBa
        "comments": "Test request.",
    }
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=auser.cookies)
+        request.cookies = auser.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    pkgreq = pkgbase.requests.first()
@ -428,7 +433,8 @@ def test_deletion_request(
    comments = "Test closure."
    data = {"comments": comments, "confirm": True}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=tu_user.cookies)
+        request.cookies = tu_user.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == "/packages"
@ -460,7 +466,8 @@ def test_deletion_autorequest(client: TestClient, tu_user: User, pkgbase: Packag
    endpoint = f"/pkgbase/{pkgbase.Name}/delete"
    data = {"confirm": True}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=tu_user.cookies)
+        request.cookies = tu_user.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == "/packages"
@ -498,7 +505,8 @@ def test_merge_request(
    comments = "Test merge closure."
    data = {"into": target.Name, "comments": comments, "confirm": True}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=tu_user.cookies)
+        request.cookies = tu_user.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{target.Name}"
@ -545,7 +553,8 @@ def test_merge_autorequest(
    endpoint = f"/pkgbase/{pkgbase.Name}/merge"
    data = {"into": target.Name, "confirm": True}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=tu_user.cookies)
+        request.cookies = tu_user.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{target.Name}"
@ -582,7 +591,8 @@ def test_orphan_request(
    comments = "Test orphan closure."
    data = {"comments": comments, "confirm": True}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=tu_user.cookies)
+        request.cookies = tu_user.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -615,7 +625,8 @@ def test_request_post_orphan_autogenerated_closure(
    endpoint = f"/pkgbase/{pkgbase.Name}/disown"
    data = {"confirm": True}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=tu_user.cookies)
+        request.cookies = tu_user.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -677,7 +688,8 @@ def test_orphan_as_maintainer(client: TestClient, auser: User, pkgbase: PackageB
    endpoint = f"/pkgbase/{pkgbase.Name}/disown"
    data = {"confirm": True}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=auser.cookies)
+        request.cookies = auser.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == f"/pkgbase/{pkgbase.Name}"
@ -694,7 +706,8 @@ def test_orphan_without_requests(
    endpoint = f"/pkgbase/{pkgbase.Name}/disown"
    data = {"confirm": True}
    with client as request:
-        resp = request.post(endpoint, data=data, cookies=tu_user.cookies)
+        request.cookies = tu_user.cookies
        resp = request.post(endpoint, data=data)
    assert resp.status_code == int(HTTPStatus.BAD_REQUEST)
    errors = get_errors(resp.text)
@ -733,6 +746,7 @@ def test_requests(
 ):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.get(
            "/requests",
            params={
@ -742,7 +756,6 @@ def test_requests(
                "SeB": "nd",
                "SB": "n",
            },
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
@ -756,7 +769,8 @@ def test_requests(
    # Request page 2 of the requests page.
    with client as request:
-        resp = request.get("/requests", params={"O": 50}, cookies=cookies)  # Page 2
+        request.cookies = cookies
        resp = request.get("/requests", params={"O": 50})  # Page 2
    assert resp.status_code == int(HTTPStatus.OK)
    assert "‹ Previous" in resp.text
@ -775,6 +789,7 @@ def test_requests_with_filters(
 ):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.get(
            "/requests",
            params={
@ -789,7 +804,6 @@ def test_requests_with_filters(
                "filter_rejected": True,
                "filter_maintainer_requests": False,
            },
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
@ -803,6 +817,7 @@ def test_requests_with_filters(
    # Request page 2 of the requests page.
    with client as request:
        request.cookies = cookies
        resp = request.get(
            "/requests",
            params={
@ -813,7 +828,6 @@ def test_requests_with_filters(
                "filter_rejected": True,
                "filter_maintainer_requests": False,
            },
            cookies=cookies,
        )  # Page 2
    assert resp.status_code == int(HTTPStatus.OK)
@ -833,10 +847,10 @@ def test_requests_for_maintainer_requests(
 ):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.get(
            "/requests",
            params={"filter_maintainer_requests": True},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.OK)
@ -854,7 +868,8 @@ def test_requests_by_deleted_users(
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get("/requests", cookies=cookies)
+        request.cookies = cookies
        resp = request.get("/requests")
    assert resp.status_code == HTTPStatus.OK
    root = parse_root(resp.text)
@ -867,7 +882,8 @@ def test_requests_selfmade(
 ):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get("/requests", cookies=cookies)
+        request.cookies = cookies
        resp = request.get("/requests")
    assert resp.status_code == int(HTTPStatus.OK)
    # As the user who creates all of the requests, we should see all of them.
@ -885,7 +901,8 @@ def test_requests_selfmade(
 def test_requests_close(client: TestClient, user: User, pkgreq: PackageRequest):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(f"/requests/{pkgreq.ID}/close", cookies=cookies)
+        request.cookies = cookies
        resp = request.get(f"/requests/{pkgreq.ID}/close")
    assert resp.status_code == int(HTTPStatus.OK)
@ -894,7 +911,10 @@ def test_requests_close_unauthorized(
 ):
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    with client as request:
-        resp = request.get(f"/requests/{pkgreq.ID}/close", cookies=cookies)
+        request.cookies = cookies
        resp = request.get(
            f"/requests/{pkgreq.ID}/close",
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == "/"
@ -904,10 +924,10 @@ def test_requests_close_post_unauthorized(
 ):
    cookies = {"AURSID": maintainer.login(Request(), "testPassword")}
    with client as request:
        request.cookies = cookies
        resp = request.post(
            f"/requests/{pkgreq.ID}/close",
            data={"reason": ACCEPTED_ID},
            cookies=cookies,
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert resp.headers.get("location") == "/"
@ -916,7 +936,8 @@ def test_requests_close_post_unauthorized(
 def test_requests_close_post(client: TestClient, user: User, pkgreq: PackageRequest):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(f"/requests/{pkgreq.ID}/close", cookies=cookies)
+        request.cookies = cookies
        resp = request.post(f"/requests/{pkgreq.ID}/close")
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert pkgreq.Status == REJECTED_ID
@ -929,7 +950,10 @@ def test_requests_close_post_rejected(
 ):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        resp = request.post(f"/requests/{pkgreq.ID}/close", cookies=cookies)
+        request.cookies = cookies
        resp = request.post(
            f"/requests/{pkgreq.ID}/close",
        )
    assert resp.status_code == int(HTTPStatus.SEE_OTHER)
    assert pkgreq.Status == REJECTED_ID
--- a/test/test_routes.py
+++ b/test/test_routes.py
@ -99,7 +99,8 @@ def test_user_language(client: TestClient, user: User):
    assert sid is not None
    with client as req:
-        response = req.post("/language", data=post_data, cookies={"AURSID": sid})
+        req.cookies = {"AURSID": sid}
        response = req.post("/language", data=post_data)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert user.LangPreference == "de"
@ -154,6 +155,5 @@ def test_id_redirect(client: TestClient):
                "key": "value",  # Test that this param persists.
                "key2": "value2",  # And this one.
            },
            allow_redirects=False,
        )
    assert response.headers.get("location") == "/test?key=value&key2=value2"
--- a/test/test_trusted_user_routes.py
+++ b/test/test_trusted_user_routes.py
@ -166,7 +166,8 @@ def test_tu_index_unauthorized(client: TestClient, user: User):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
        # Login as a normal user, not a TU.
-        response = request.get("/tu", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tu")
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert response.headers.get("location") == "/"
@ -177,7 +178,8 @@ def test_tu_empty_index(client, tu_user):
    # Make a default get request to /tu.
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/tu", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tu")
    assert response.status_code == int(HTTPStatus.OK)
    # Parse lxml root.
@ -226,9 +228,9 @@ def test_tu_index(client, tu_user):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        # Pass an invalid cby and pby; let them default to "desc".
        request.cookies = cookies
        response = request.get(
            "/tu",
            cookies=cookies,
            params={"cby": "BAD!", "pby": "blah"},
        )
@ -295,7 +297,8 @@ def test_tu_index(client, tu_user):
 def test_tu_stats(client: TestClient, tu_user: User):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/tu", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tu")
    assert response.status_code == HTTPStatus.OK
    root = parse_root(response.text)
@ -316,7 +319,8 @@ def test_tu_stats(client: TestClient, tu_user: User):
        tu_user.InactivityTS = time.utcnow()
    with client as request:
-        response = request.get("/tu", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tu")
    assert response.status_code == HTTPStatus.OK
    root = parse_root(response.text)
@ -364,7 +368,8 @@ def test_tu_index_table_paging(client, tu_user):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/tu", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tu")
    assert response.status_code == int(HTTPStatus.OK)
    # Parse lxml.etree root.
@ -394,7 +399,8 @@ def test_tu_index_table_paging(client, tu_user):
    # Now, get the next page of current votes.
    offset = 10  # Specify coff=10
    with client as request:
-        response = request.get("/tu", cookies=cookies, params={"coff": offset})
+        request.cookies = cookies
        response = request.get("/tu", params={"coff": offset})
    assert response.status_code == int(HTTPStatus.OK)
    old_rows = rows
@ -421,7 +427,8 @@ def test_tu_index_table_paging(client, tu_user):
    offset = 20  # Specify coff=10
    with client as request:
-        response = request.get("/tu", cookies=cookies, params={"coff": offset})
+        request.cookies = cookies
        response = request.get("/tu", params={"coff": offset})
    assert response.status_code == int(HTTPStatus.OK)
    # Do it again, we only have five left.
@ -470,7 +477,8 @@ def test_tu_index_sorting(client, tu_user):
    # Make a default request to /tu.
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/tu", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tu")
    assert response.status_code == int(HTTPStatus.OK)
    # Get lxml handles of the document.
@ -497,7 +505,8 @@ def test_tu_index_sorting(client, tu_user):
    # Make another request; one that sorts the current votes
    # in ascending order instead of the default descending order.
    with client as request:
-        response = request.get("/tu", cookies=cookies, params={"cby": "asc"})
+        request.cookies = cookies
        response = request.get("/tu", params={"cby": "asc"})
    assert response.status_code == int(HTTPStatus.OK)
    # Get lxml handles of the document.
@ -548,7 +557,8 @@ def test_tu_index_last_votes(
    # Now, check that tu_user got populated in the .last-votes table.
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/tu", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/tu")
    assert response.status_code == int(HTTPStatus.OK)
    root = parse_root(response.text)
@ -581,12 +591,14 @@ def test_tu_proposal_unauthorized(
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    endpoint = f"/tu/{proposal[2].ID}"
    with client as request:
-        response = request.get(endpoint, cookies=cookies)
+        request.cookies = cookies
        response = request.get(endpoint)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert response.headers.get("location") == "/tu"
    with client as request:
-        response = request.post(endpoint, cookies=cookies, data={"decision": False})
+        request.cookies = cookies
        response = request.post(endpoint, data={"decision": False})
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert response.headers.get("location") == "/tu"
@ -602,9 +614,8 @@ def test_tu_running_proposal(
    proposal_id = voteinfo.ID
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get(
+        request.cookies = cookies
-            f"/tu/{proposal_id}", cookies=cookies, follow_redirects=True
+        response = request.get(f"/tu/{proposal_id}")
        )
    assert response.status_code == int(HTTPStatus.OK)
    # Alright, now let's continue on to verifying some markup.
@ -674,9 +685,8 @@ def test_tu_running_proposal(
    # Make another request now that we've voted.
    with client as request:
-        response = request.get(
+        request.cookies = cookies
-            "/tu", params={"id": voteinfo.ID}, cookies=cookies, follow_redirects=True
+        response = request.get("/tu", params={"id": voteinfo.ID}, follow_redirects=True)
        )
    assert response.status_code == int(HTTPStatus.OK)
    # Parse our new root.
@ -702,7 +712,8 @@ def test_tu_ended_proposal(client, proposal):
    proposal_id = voteinfo.ID
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get(f"/tu/{proposal_id}", cookies=cookies)
+        request.cookies = cookies
        response = request.get(f"/tu/{proposal_id}")
    assert response.status_code == int(HTTPStatus.OK)
    # Alright, now let's continue on to verifying some markup.
@ -734,7 +745,8 @@ def test_tu_proposal_vote_not_found(client, tu_user):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        data = {"decision": "Yes"}
-        response = request.post("/tu/1", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post("/tu/1", data=data)
    assert response.status_code == int(HTTPStatus.NOT_FOUND)
@ -747,7 +759,8 @@ def test_tu_proposal_vote(client, proposal):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        data = {"decision": "Yes"}
-        response = request.post(f"/tu/{voteinfo.ID}", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post(f"/tu/{voteinfo.ID}", data=data)
    assert response.status_code == int(HTTPStatus.OK)
    # Check that the proposal record got updated.
@ -775,7 +788,8 @@ def test_tu_proposal_vote_unauthorized(
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        data = {"decision": "Yes"}
-        response = request.post(f"/tu/{voteinfo.ID}", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post(f"/tu/{voteinfo.ID}", data=data)
    assert response.status_code == int(HTTPStatus.UNAUTHORIZED)
    root = parse_root(response.text)
@ -784,7 +798,8 @@ def test_tu_proposal_vote_unauthorized(
    with client as request:
        data = {"decision": "Yes"}
-        response = request.get(f"/tu/{voteinfo.ID}", cookies=cookies, params=data)
+        request.cookies = cookies
        response = request.get(f"/tu/{voteinfo.ID}", params=data)
    assert response.status_code == int(HTTPStatus.OK)
    root = parse_root(response.text)
@ -802,7 +817,8 @@ def test_tu_proposal_vote_cant_self_vote(client, proposal):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        data = {"decision": "Yes"}
-        response = request.post(f"/tu/{voteinfo.ID}", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post(f"/tu/{voteinfo.ID}", data=data)
    assert response.status_code == int(HTTPStatus.BAD_REQUEST)
    root = parse_root(response.text)
@ -811,7 +827,8 @@ def test_tu_proposal_vote_cant_self_vote(client, proposal):
    with client as request:
        data = {"decision": "Yes"}
-        response = request.get(f"/tu/{voteinfo.ID}", cookies=cookies, params=data)
+        request.cookies = cookies
        response = request.get(f"/tu/{voteinfo.ID}", params=data)
    assert response.status_code == int(HTTPStatus.OK)
    root = parse_root(response.text)
@ -830,7 +847,8 @@ def test_tu_proposal_vote_already_voted(client, proposal):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        data = {"decision": "Yes"}
-        response = request.post(f"/tu/{voteinfo.ID}", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post(f"/tu/{voteinfo.ID}", data=data)
    assert response.status_code == int(HTTPStatus.BAD_REQUEST)
    root = parse_root(response.text)
@ -839,7 +857,8 @@ def test_tu_proposal_vote_already_voted(client, proposal):
    with client as request:
        data = {"decision": "Yes"}
-        response = request.get(f"/tu/{voteinfo.ID}", cookies=cookies, params=data)
+        request.cookies = cookies
        response = request.get(f"/tu/{voteinfo.ID}", params=data)
    assert response.status_code == int(HTTPStatus.OK)
    root = parse_root(response.text)
@ -853,7 +872,8 @@ def test_tu_proposal_vote_invalid_decision(client, proposal):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
        data = {"decision": "EVIL"}
-        response = request.post(f"/tu/{voteinfo.ID}", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post(f"/tu/{voteinfo.ID}", data=data)
    assert response.status_code == int(HTTPStatus.BAD_REQUEST)
    assert response.text == "Invalid 'decision' value."
@ -861,7 +881,8 @@ def test_tu_proposal_vote_invalid_decision(client, proposal):
 def test_tu_addvote(client: TestClient, tu_user: User):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/addvote", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/addvote")
    assert response.status_code == int(HTTPStatus.OK)
@ -870,12 +891,14 @@ def test_tu_addvote_unauthorized(
 ):
    cookies = {"AURSID": user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/addvote", cookies=cookies)
+        request.cookies = cookies
        response = request.get("/addvote")
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert response.headers.get("location") == "/tu"
    with client as request:
-        response = request.post("/addvote", cookies=cookies)
+        request.cookies = cookies
        response = request.post("/addvote")
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    assert response.headers.get("location") == "/tu"
@ -883,7 +906,8 @@ def test_tu_addvote_unauthorized(
 def test_tu_addvote_invalid_type(client: TestClient, tu_user: User):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    with client as request:
-        response = request.get("/addvote", params={"type": "faketype"}, cookies=cookies)
+        request.cookies = cookies
        response = request.get("/addvote", params={"type": "faketype"})
    assert response.status_code == int(HTTPStatus.OK)
    root = parse_root(response.text)
@ -897,7 +921,8 @@ def test_tu_addvote_post(client: TestClient, tu_user: User, user: User):
    data = {"user": user.Username, "type": "add_tu", "agenda": "Blah"}
    with client as request:
-        response = request.post("/addvote", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post("/addvote", data=data)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    voteinfo = db.query(TUVoteInfo, TUVoteInfo.Agenda == "Blah").first()
@ -912,14 +937,16 @@ def test_tu_addvote_post_cant_duplicate_username(
    data = {"user": user.Username, "type": "add_tu", "agenda": "Blah"}
    with client as request:
-        response = request.post("/addvote", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post("/addvote", data=data)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)
    voteinfo = db.query(TUVoteInfo, TUVoteInfo.Agenda == "Blah").first()
    assert voteinfo is not None
    with client as request:
-        response = request.post("/addvote", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post("/addvote", data=data)
    assert response.status_code == int(HTTPStatus.BAD_REQUEST)
@ -927,7 +954,8 @@ def test_tu_addvote_post_invalid_username(client: TestClient, tu_user: User):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    data = {"user": "fakeusername"}
    with client as request:
-        response = request.post("/addvote", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post("/addvote", data=data)
    assert response.status_code == int(HTTPStatus.NOT_FOUND)
@ -935,7 +963,8 @@ def test_tu_addvote_post_invalid_type(client: TestClient, tu_user: User, user: U
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    data = {"user": user.Username}
    with client as request:
-        response = request.post("/addvote", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post("/addvote", data=data)
    assert response.status_code == int(HTTPStatus.BAD_REQUEST)
@ -943,7 +972,8 @@ def test_tu_addvote_post_invalid_agenda(client: TestClient, tu_user: User, user:
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    data = {"user": user.Username, "type": "add_tu"}
    with client as request:
-        response = request.post("/addvote", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post("/addvote", data=data)
    assert response.status_code == int(HTTPStatus.BAD_REQUEST)
@ -952,5 +982,6 @@ def test_tu_addvote_post_bylaws(client: TestClient, tu_user: User):
    cookies = {"AURSID": tu_user.login(Request(), "testPassword")}
    data = {"type": "bylaws", "agenda": "Blah blah!"}
    with client as request:
-        response = request.post("/addvote", cookies=cookies, data=data)
+        request.cookies = cookies
        response = request.post("/addvote", data=data)
    assert response.status_code == int(HTTPStatus.SEE_OTHER)