def test_remove_expired_token_method(_db):
"""Test remove_expired method for valid and expired tokens."""
valid_token = create_access_token(identity=1)
expired_token = create_access_token(
identity=1, expires_delta=timedelta(microseconds=1))
add_token_to_database(valid_token)
add_token_to_database(expired_token)
tokens_db = _db.session.query(JWTToken).all()
expired = [token.expired() for token in tokens_db]
assert True in expired and False in expired
JWTToken.remove_expired()
assert len(_db.session.query(JWTToken).all()) == 1
def add_token_to_database(encoded_token, identity_claim):
"""
Adds a new token to the database. It is not revoked when it is added.
:param identity_claim:
"""
decoded_token = decode_token(encoded_token)
jti = decoded_token['jti']
token_type = decoded_token['type']
user_identity = decoded_token[identity_claim]
expires = datetime.fromtimestamp(decoded_token['exp'])
revoked = False
db_token = JWTToken(
jti=jti,
token_type=token_type,
user_identity=user_identity,
expires=expires,
revoked=revoked,
)
db.session.add(db_token)
db.session.commit()
def check_if_token_in_blacklist(decrypted_token):
"""Checking if token is blacklisted"""
jti = decrypted_token["jti"]
return JWTToken.is_jti_blacklisted(jti)
def remove_expired_tokens():
"""Remove expired tokens from database."""
click.echo("Removing expired tokens")
JWTToken.remove_expired()
click.echo("Done!")