async def test_refresh_token_success(app, database, get_user_data):
app_authenticate = app['authenticate']
app_authorized = app[JWT_AUTH_APP]
user_data = get_user_data()
async with app['db'].acquire() as conn: # type: SAConnection
user_data = get_user_data()
await create_user(conn=conn, user_data=user_data)
token = await login(db=app['db'],
credentials_data={
'username': user_data['username'],
'password': user_data['password']
},
living_time=app_authenticate['living_time'],
private_key=app_authenticate['private_key'])
token_encoded = validate_token(token=token,
public_key=app_authorized[JWT_PUBLIC_KEY])
time_1 = token_encoded.exp
import time
time.sleep(1)
token_refreshed = await refresh_token(
db=app['db'],
user_data_token=token_encoded,
living_time=app_authenticate['living_time'],
private_key=app_authenticate['private_key'])
token_refreshed_encoded = validate_token(
token=token_refreshed, public_key=app_authorized[JWT_PUBLIC_KEY])
time_2 = token_refreshed_encoded.exp
assert time_1 < time_2
async def test_login_few_users(app, database, get_user_data):
app_authenticate = app['authenticate']
app_authorized = app[JWT_AUTH_APP]
_user_count = 10
user_list = list()
async with app['db'].acquire() as conn: # type: SAConnection
for i in range(_user_count):
user_data = get_user_data()
await create_user(conn=conn, user_data=user_data)
user_list.append(user_data)
# authenticate one user several times
token_1 = await login(db=app['db'],
credentials_data={
'username': user_list[0]['username'],
'password': user_list[0]['password']
},
living_time=app_authenticate['living_time'],
private_key=app_authenticate['private_key'])
token_2 = await login(db=app['db'],
credentials_data={
'username': user_list[0]['username'],
'password': user_list[0]['password']
},
living_time=app_authenticate['living_time'],
private_key=app_authenticate['private_key'])
user_data_token_1 = validate_token(
token=token_1, public_key=app_authorized[JWT_PUBLIC_KEY])
user_data_token_2 = validate_token(
token=token_2, public_key=app_authorized[JWT_PUBLIC_KEY])
assert user_data_token_1.sub == user_data_token_2.sub
assert user_data_token_1.jti != user_data_token_2.jti
async def test_logout_success(app, database, get_user_data):
app_authenticate = app['authenticate']
app_authorized = app[JWT_AUTH_APP]
user_data = get_user_data()
async with app['db'].acquire() as conn: # type: SAConnection
user_data = get_user_data()
await create_user(conn=conn, user_data=user_data)
token = await login(db=app['db'],
credentials_data={
'username': user_data['username'],
'password': user_data['password']
},
living_time=app_authenticate['living_time'],
private_key=app_authenticate['private_key'])
token_encoded = validate_token(token=token,
public_key=app_authorized[JWT_PUBLIC_KEY])
await logout(db=app['db'], user_data_token=token_encoded)
async with app['db'].acquire() as conn: # type: SAConnection
query = sa.select([refresh_tokens]) \
.where(refresh_tokens.c.id == token_encoded.jti)
cursor: ResultProxy = await conn.execute(query)
refresh_token_from_db = await cursor.fetchone()
assert refresh_token_from_db is None
async def test_create_access_token(app: web.Application, database,
get_user_data):
user_data = get_user_data()
app_authenticate = app['authenticate']
app_authorized = app[JWT_AUTH_APP]
async with app['db'].acquire() as conn: # type: SAConnection
user = await create_user(conn=conn, user_data=user_data)
refresh_token = await create_refresh_token(conn=conn, user=user)
user_data_token = to_user_data_token(user)
token = await create_access_token(
user_data_token=user_data_token,
refresh_token=refresh_token,
living_time=app_authenticate['living_time'],
private_key=app_authenticate['private_key'])
user_data_token_parsed = validate_token(
token=token,
public_key=app_authorized[JWT_PUBLIC_KEY],
verify_exp=False)
assert user_data_token_parsed.sub == user['id']
assert user_data_token_parsed.jti == refresh_token['id']
assert get_current_timestamp(
) + app_authenticate['living_time'] - user_data_token_parsed.exp < 2
def test_encode_token(private_key, public_key, faker):
user_data_token = UserDataToken({
'sub': faker.random_int(),
'jti': faker.word(),
'exp': faker.random_int()
})
token = encode_token(user_data_token=user_data_token,
private_key=private_key)
encoded = validate_token(token=token,
public_key=public_key,
verify_exp=False)
assert user_data_token.sub == encoded.sub
assert user_data_token.jti == encoded.jti
assert user_data_token.exp == encoded.exp