def test_generate_url(self):
# Ensure generate_url behaves as expected.
token = authentication.encode_token("*****@*****.**")
url = url_for("account.confirm", token=token, _external=True)
url_token = url.split("/")[-1] # the last one
assert token == url_token
email = authentication.decode_token(url_token)
assert email == "*****@*****.**"
def confirm(token):
for salt in token_types:
uuid = authentication.decode_token(token, salt=salt)
if salt == "password-reset-salt" and uuid:
task_token = UserToken(uuid).issue_task_token("update:user:new_password")
return (
jsonify(
{
"access_token": task_token,
"token_type": "Bearer",
"expires-in": 3600,
}
),
200,
)
elif salt == "email-confirm-salt" and uuid:
uuid = authentication.decode_token(token, salt=salt)
if not UserToken(uuid).confirm():
return json_api(AccessDenied, ErrorSchema), 403
return "", 204
return json_api(AccessDenied, ErrorSchema), 403
def test_verify_token(self):
# Ensure encode and decode behave correctly.
token = authentication.encode_token("*****@*****.**")
email = authentication.decode_token(token)
assert email == "*****@*****.**"
def test_verify_expired_token(self):
# Ensure encode and decode behave correctly when token has expired.
token = authentication.encode_token("*****@*****.**")
time.sleep(1)
email = authentication.decode_token(token, expiration=0)
assert email is False
def test_verify_invalid_token(self):
# Ensure encode and decode behave correctly when token is invalid.
token = "invalid"
email = authentication.decode_token(token)
assert email is False