def test_token_with_timestamp(self):
with override_settings(SESAME_MAX_AGE=300):
token = create_token(self.user)
self.assertFalse(detect_token(token))
user = parse_token(token, self.get_user)
self.assertIsNone(user)
self.assertLogsContain("Valid signature but unexpected token")
def test_unknown_user(self):
token = create_token(self.user)
self.user.delete()
self.assertTrue(detect_token(token))
user = parse_token(token, self.get_user)
self.assertIsNone(user)
self.assertLogsContain("Unknown or inactive user")
def test_extended_max_age_token(self):
token = create_token(self.user)
with override_settings(SESAME_MAX_AGE=300):
self.assertTrue(detect_token(token))
user = parse_token(token, self.get_user)
self.assertEqual(user, self.user)
self.assertLogsContain("Valid token for user john")
def test_random_token(self):
token = "!@#$%" * 11
self.assertEqual(len(token), len(create_token(self.user)))
self.assertFalse(detect_token(token))
user = parse_token(token, self.get_user)
self.assertIsNone(user)
self.assertLogsContain("Bad token")
def test_invalid_signature(self):
token = create_token(self.user)
# Alter signature, which is is in bytes 28 - 55
token = token[:28] + token[28:].lower()
self.assertTrue(detect_token(token))
user = parse_token(token, self.get_user)
self.assertIsNone(user)
self.assertLogsContain("Bad token")
def test_expired_max_age_token(self):
token = create_token(self.user)
self.assertTrue(detect_token(token))
user = parse_token(token, self.get_user)
self.assertIsNone(user)
self.assertLogsContain("Expired token")
def test_valid_max_age_token(self):
token = create_token(self.user)
self.assertTrue(detect_token(token))
user = parse_token(token, self.get_user)
self.assertEqual(user, self.user)
self.assertLogsContain("Valid token for user john")
def test_custom_packer_is_used(self):
user = self.create_user(username="******")
token = create_token(user)
# base64.b64encode(bytes.fromhex(username)).decode() == "q83vASNFq83vVniQ"
self.assertEqual(token[:16], "q83vASNFq83vVniQ")
self.assertTrue(detect_token(token))
def test_create_token_use_first_choice(self):
token = create_token(self.user)
self.assertTrue(tokens_v1.detect_token(token))
self.assertFalse(tokens_v2.detect_token(token))
def test_create_token_force_v1(self):
token = create_token(self.user)
self.assertTrue(tokens_v1.detect_token(token))
self.assertFalse(tokens_v2.detect_token(token))
