def test_encode_auth_token(self):
    ''' Test that encode_auth_token hands the token back as bytes '''
    joe = User(email='*****@*****.**', password='******', name='joe')
    db.session.add(joe)
    db.session.commit()
    # The id is read only after the commit; presumably the database
    # assigns it at that point - verify against the User model.
    token = joe.encode_auth_token(joe.id)
    self.assertIsInstance(token, bytes)
def setUp(self):
    ''' Persist one user and keep a text auth token for the tests '''
    super(TestUserResource, self).setUp()
    account = User(
        email='*****@*****.**',
        password='******',
        name='joe',
        joined_on=date(2017, 1, 1),
    )
    db.session.add(account)
    db.session.commit()
    self.user = account
    # encode_auth_token's result is decoded here, so self.token is text
    # rather than the encoded form.
    encoded = account.encode_auth_token(account.id)
    self.token = encoded.decode()
def setUp(self):
    ''' Persist two users and keep a text auth token for the first one '''
    super(TestEntryResource, self).setUp()
    joe = User(email='*****@*****.**', password='******', name='joe')
    moe = User(email='*****@*****.**', password='******', name='moe')
    # Same insertion order as before: joe first, then moe, one commit.
    for account in (joe, moe):
        db.session.add(account)
    db.session.commit()
    self.user = joe
    self.user2 = moe
    # Only the first user gets a token; no token is issued for user2 here.
    encoded = joe.encode_auth_token(joe.id)
    self.auth_token = encoded.decode()
def test_auth_token_data(self):
    ''' Test that the token payload holds profile fields and no password '''
    joined = date(2017, 1, 1)
    joe = User(
        email='*****@*****.**',
        password='******',
        name='joe',
        joined_on=joined,
    )
    db.session.add(joe)
    db.session.commit()
    token = joe.encode_auth_token(joe.id)
    self.assertIsInstance(token, bytes)
    # NOTE(review): decode is called without an explicit `algorithms`
    # allow-list. Pinning it to the algorithm encode_auth_token signs with
    # keeps the verifier from accepting whatever the token header names;
    # PyJWT 2.x also requires the argument. The key literal presumably
    # mirrors the test configuration's secret - confirm both.
    payload = jwt.decode(token, 'test_secret_key')
    self.assertEqual(payload['id'], joe.id)
    self.assertEqual(payload['email'], joe.email)
    # The payload of a signed token is readable by whoever holds it, so
    # the password must never be one of the claims.
    self.assertNotIn('password', payload)
    self.assertEqual(payload['joined_on'], '2017-01-01')
    self.assertEqual(payload['name'], 'joe')
def test_logout_blacklist_token(self):
    ''' Test that POST /logout records the presented token as blacklisted '''
    joe = User(email='*****@*****.**', password='******', name='joe')
    db.session.add(joe)
    db.session.commit()
    token = joe.encode_auth_token(joe.id).decode()
    auth_headers = {'Authorization': 'Bearer ' + token}
    response = self.client.post('/logout', headers=auth_headers)
    body = json.loads(response.data.decode())
    self.assertEqual(body['status'], 'success')
    self.assertEqual(body['message'], 'Successfully logged out')
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 200)
    # The success response alone is not enough: the revocation has to be
    # persisted, so look the token up in the blacklist table.
    revoked = BlacklistToken.query.filter_by(token=token).first()
    self.assertIsNotNone(revoked)
def test_joined_on(self):
    ''' Test that a joined_on date passed to User is kept after commit '''
    joined = date(2017, 1, 1)
    joe = User(
        email='*****@*****.**',
        password='******',
        name='joe',
        joined_on=joined,
    )
    db.session.add(joe)
    db.session.commit()
    # Compared against a freshly built date, as the original test does.
    self.assertEqual(joe.joined_on, date(2017, 1, 1))
def test_expired_token_rejection(self):
    ''' Test that a request carrying an expired token is answered with 401 '''
    with freeze_time(datetime.utcnow()) as clock:
        joe = User(email='*****@*****.**', password='******', name='joe')
        db.session.add(joe)
        db.session.commit()
        token = joe.encode_auth_token(joe.id).decode()
        # Move the frozen clock one day and one second past issuance.
        # NOTE(review): this assumes the token lifetime is one day -
        # confirm against encode_auth_token.
        past_expiry = timedelta(days=1, seconds=1)
        clock.move_to(datetime.utcnow() + past_expiry)
        auth_headers = {'Authorization': 'Bearer ' + token}
        response = self.client.get('/user', headers=auth_headers)
        body = json.loads(response.data.decode())
        self.assertEqual(body['status'], 'error')
        self.assertEqual(body['error'],
                         'Signature expired. Please log in again.')
        self.assertEqual(response.content_type, 'application/json')
        self.assertEqual(response.status_code, 401)
def test_blacklist_token_rejection(self):
    ''' Test that a token present in the blacklist is refused with 401 '''
    # A user and a token issued for that user.
    joe = User(email='*****@*****.**', password='******', name='joe')
    db.session.add(joe)
    db.session.commit()
    token = joe.encode_auth_token(joe.id).decode()
    # Revoke the token by inserting it into the blacklist table directly,
    # without going through /logout.
    revoked = BlacklistToken(token=token)
    db.session.add(revoked)
    db.session.commit()
    # The token itself is otherwise unchanged; the request below must be
    # refused only because the token is listed.
    auth_headers = {'Authorization': 'Bearer ' + token}
    response = self.client.get('/user', headers=auth_headers)
    body = json.loads(response.data.decode())
    self.assertEqual(body['status'], 'error')
    self.assertEqual(body['error'],
                     'Token blacklisted. Please log in again.')
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 401)
def test_registered_with_already_registered_user(self):
    ''' Test that registering an email that is already taken returns 400 '''
    existing = User(email='*****@*****.**', password='******', name='joe')
    db.session.add(existing)
    db.session.commit()
    # Same email as the stored user, different name.
    signup = {
        'email': '*****@*****.**',
        'password': '******',
        'name': 'moe',
    }
    response = self.client.post(
        '/register',
        data=json.dumps(signup),
        content_type='application/json',
    )
    body = json.loads(response.data.decode())
    self.assertEqual(body['status'], 'error')
    # NOTE(review): a distinct "already exists" answer tells any caller
    # whether an email is registered; confirm that this disclosure is
    # accepted for /register.
    self.assertEqual(body['error'], 'User already exists.')
    self.assertEqual(response.content_type, 'application/json')
    self.assertEqual(response.status_code, 400)