def test_users_immortal_tokens_stay_immortal_when_OVERWRITE_NONE_TTL_setting_is_False(
self):
hash = TOKENS_CACHE.get(self.user.pk)[0]
MultiToken.reset_tokens_ttl(self.user.pk)
self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
self.assertIsNone(TOKENS_CACHE.ttl(hash))
def test_other_users_tokens_are_not_affected(self):
second_user = create_test_user('tester2')
second_token, _ = MultiToken.create_token(second_user)
MultiToken.expire_token(self.token)
self.assertIsNotNone(TOKENS_CACHE.get(second_user.pk))
self.assertIsNotNone(
TOKENS_CACHE.get(parse_full_token(second_token.key)[1]))
def test_immortal_tokens_stay_immortal_when_user_provided_timeout_is_None(
self):
hash = TOKENS_CACHE.get(self.user.pk)[0]
self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
self.assertIsNone(TOKENS_CACHE.ttl(hash))
MultiToken.reset_tokens_ttl(self.user.pk)
self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
self.assertIsNone(TOKENS_CACHE.ttl(hash))
def test_users_immortal_tokens_get_limited_ttl_when_OVERWRITE_NONE_TTL_setting_is_True(
self):
hash = TOKENS_CACHE.get(self.user.pk)[0]
self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
self.assertIsNone(TOKENS_CACHE.ttl(hash))
MultiToken.reset_tokens_ttl(self.user.pk)
self.assertIsNotNone(TOKENS_CACHE.ttl(self.user.pk))
self.assertIsNotNone(TOKENS_CACHE.ttl(hash))
def test_other_users_tokens_are_not_affected(self):
second_user = create_test_user('tester2')
second_token, _ = MultiToken.create_token(second_user)
import time
time.sleep(1)
MultiToken.reset_tokens_ttl(self.user.pk)
self.assertEqual(TOKENS_CACHE.ttl(self.user.pk), 1000)
self.assertNotEqual(TOKENS_CACHE.ttl(second_user.pk), 1000)
hash = TOKENS_CACHE.get(second_user.pk)[0]
self.assertNotEqual(hash, 1000)
def test_token_is_removed_from_redis_when_user_has_multiple_tokens(self):
second_token, first_device = MultiToken.create_token(self.user)
MultiToken.expire_token(self.token)
self.assertEqual(len(TOKENS_CACHE.get(self.user.pk)), 1)
_, hash = parse_full_token(self.token.key)
self.assertIsNone(TOKENS_CACHE.get(hash))
self.assertEqual(
TOKENS_CACHE.get(self.user.pk)[0],
parse_full_token(second_token.key)[1])
self.assertIsNotNone(
TOKENS_CACHE.get(parse_full_token(second_token.key)[1]))
def test_token_with_ttl_gets_new_ttl_when_user_changes_timeout_to_2000(
self, mocked_settings):
hash = TOKENS_CACHE.get(self.user.pk)[0]
TOKENS_CACHE.expire(self.user.pk, 1000)
TOKENS_CACHE.expire(TOKENS_CACHE.ttl(hash), 1000)
settings = MockedSettings(timeout=2000)
mocked_settings.CACHES.__getitem__.return_value = settings.CACHES[
'default']
MultiToken.reset_tokens_ttl(self.user.pk)
self.assertEqual(TOKENS_CACHE.ttl(self.user.pk), 2000)
self.assertEqual(TOKENS_CACHE.ttl(hash), 2000)
def test_token_with_ttl_becomes_immortal_when_user_changes_timeout_to_None(
self, mocked_settings):
hash = TOKENS_CACHE.get(self.user.pk)[0]
TOKENS_CACHE.expire(self.user.pk, 1000)
TOKENS_CACHE.expire(TOKENS_CACHE.ttl(hash), 1000)
settings = MockedSettings(timeout=None)
mocked_settings.CACHES.__getitem__.return_value = settings.CACHES[
'default']
MultiToken.reset_tokens_ttl(self.user.pk)
self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
self.assertIsNone(TOKENS_CACHE.ttl(hash))
def test_second_hash_is_saved_in_redis_alongside_the_first_one(self):
first_hash = TOKENS_CACHE.get(self.user.pk)[0]
second_token, first_device = MultiToken.create_token(self.user)
second_hash = TOKENS_CACHE.get(self.user.pk)[1]
self.assertEqual(len(TOKENS_CACHE.get(self.user.pk)), 2)
self.assertIn(first_hash, TOKENS_CACHE.get(self.user.pk))
self.assertIn(second_hash, TOKENS_CACHE.get(self.user.pk))
self.assertIsNotNone(TOKENS_CACHE.get(first_hash))
self.assertIsNotNone(TOKENS_CACHE.get(second_hash))
def test_token_is_removed_from_redis_when_user_has_only_one_token(self):
self.assertIsNone(MultiToken.expire_token(self.token))
self.assertEqual(len(TOKENS_CACHE.get(self.user.pk)), 0)
_, hash = parse_full_token(self.token.key)
self.assertIsNone(TOKENS_CACHE.get(hash))
def test_only_token_hash_is_saved_in_redis(self):
hash = TOKENS_CACHE.get(self.user.pk)[0]
self.assertIsNotNone(TOKENS_CACHE.get(hash))
self.assertIsNone(TOKENS_CACHE.get(self.token.key))
def test_token_is_saved_correctly_in_redis(self):
self.assertIsNotNone(TOKENS_CACHE.get(self.user.pk))
hashes = TOKENS_CACHE.get(self.user.pk)
self.assertEqual(len(hashes), 1)
self.assertIsNotNone(TOKENS_CACHE.get(hashes[0]))
def test_token_ttl_is_correct_when_user_provides_cache_db_timeout_parameter(
self):
MultiToken._set_key_value('key', 'value')
self.assertIsNotNone(TOKENS_CACHE.ttl('key'))
self.assertAlmostEquals(TOKENS_CACHE.ttl('key'), 1000)
def test_correct_ttl_is_set_for_renewed_tokens(self):
hash = TOKENS_CACHE.get(self.user.pk)[0]
MultiToken.reset_tokens_ttl(self.user.pk)
self.assertAlmostEquals(TOKENS_CACHE.ttl(self.user.pk), 1000)
self.assertAlmostEquals(TOKENS_CACHE.ttl(hash), 1000)
def setUp(self):
TOKENS_CACHE.clear()
self.user = create_test_user()
self.token, self.first_device = MultiToken.create_token(self.user)
def test_auth_for_user_without_token_fails(self):
TOKENS_CACHE.clear()
client = APIClient(enforce_csrf_checks=True)
response = client.post('/token/', {'username': self.user.username},
format='json')
self.assertEqual(response.status_code, status.HTTP_401_UNAUTHORIZED)
def tearDown(self):
# cleanup Redis after tests
TOKENS_CACHE.clear()
def test_default_timeout_for_cache_db_is_used_when_timeout_is_not_provided_provided(
self):
MultiToken._set_key_value('key', 'value')
self.assertIsNone(TOKENS_CACHE.ttl('key'))