Ejemplo n.º 1
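    def test_change_user_email_missing_argument_in_token(self):
        """Reject email-change tokens that lack a required claim.

        Each malformed token gets its own ``pytest.raises`` block. Statements
        placed after the first raising call inside a single block never run,
        so a shared block would only ever exercise the first token and leave
        the other two rejections untested.
        """
        # Given
        users_factories.UserFactory(email="*****@*****.**",
                                    firstName="UniqueNameForEmailChangeTest")
        expiration_date = datetime.now() + timedelta(hours=1)

        # Signed and unexpired, but without the current_email claim.
        missing_current_email_token = encode_jwt_payload(
            dict(new_email="*****@*****.**"), expiration_date)

        # Signed and unexpired, but without the new_email claim.
        missing_new_email_token = encode_jwt_payload(
            dict(current_email="*****@*****.**"), expiration_date)

        # Both email claims are present and no expiration date is passed, so
        # the missing expiry is the only thing wrong with this token.
        # NOTE(review): if this case fails, change_user_email accepts
        # email-change tokens that never expire.
        missing_exp_token = encode_jwt_payload(
            dict(current_email="*****@*****.**", new_email="*****@*****.**"))

        # When
        with pytest.raises(jwt.exceptions.InvalidTokenError):
            users_api.change_user_email(missing_current_email_token)

        with pytest.raises(jwt.exceptions.InvalidTokenError):
            users_api.change_user_email(missing_new_email_token)

        with pytest.raises(jwt.exceptions.InvalidTokenError):
            users_api.change_user_email(missing_exp_token)

        # Then
        # None of the rejected tokens may have modified the stored account.
        old_user = User.query.filter_by(email="*****@*****.**").first()
        assert old_user is not None
        new_user = User.query.filter_by(email="*****@*****.**").first()
        assert new_user is None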
Ejemplo n.º 2
def _build_link_for_email_change(current_email: str, new_email: str) -> str:
    """Build the webapp URL a user follows to confirm an email change.

    The link carries a token encoding both addresses, plus the token's
    expiration time as a separate ``expiration_timestamp`` query parameter.

    NOTE(review): the token travels in the query string, so it can end up
    wherever URLs are recorded (server logs, browser history, Referer
    headers) - confirm that is acceptable for its lifetime.
    NOTE(review): ``expiration_timestamp`` sits outside the token and can be
    edited by anyone handling the link; presumably it is only a display hint
    and the expiry checked when the token is decoded is what counts - verify
    against the consumer.
    """
    expires_at = datetime.now() + constants.EMAIL_CHANGE_TOKEN_LIFE_TIME
    claims = {"current_email": current_email, "new_email": new_email}
    signed_token = encode_jwt_payload(claims, expires_at)
    # Whole seconds since the epoch, matching the integer form used in the URL.
    expiration_timestamp = int(expires_at.timestamp())

    return f"{settings.WEBAPP_URL}/email-change?token={signed_token}&expiration_timestamp={expiration_timestamp}"
Ejemplo n.º 3
    def test_encode_jwt_payload_without_expiration_date(self):
        """A token encoded without an expiration date carries no ``exp`` claim."""
        token = encode_jwt_payload({"data": "value"})

        # Decoding with the application secret also proves the signature is valid.
        claims = jwt.decode(token, settings.JWT_SECRET_KEY, algorithms=ALGORITHM_HS_256)

        assert claims["data"] == "value"
        # With no exp claim the token has no built-in time limit; any caller
        # that needs one has to pass an expiration date to encode_jwt_payload.
        assert "exp" not in claims
Ejemplo n.º 4
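    def test_encode_jwt_payload(self):
        """Check that the expiration date is embedded as an integer ``exp`` claim."""
        # Imported locally so the test does not depend on the module's import block.
        from datetime import timedelta

        payload = dict(data="value")
        # jwt.decode validates exp by default, so an expiry equal to the
        # current instant makes the outcome depend on timing. A future
        # expiry keeps the token valid for the whole test.
        expiration_date = datetime.now() + timedelta(hours=1)

        jwt_token = encode_jwt_payload(payload, expiration_date)

        decoded = jwt.decode(jwt_token, settings.JWT_SECRET_KEY, algorithms=ALGORITHM_HS_256)

        # exp is expected as whole seconds since the epoch.
        assert decoded == {"data": "value", "exp": int(expiration_date.timestamp())}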
Ejemplo n.º 5
    def test_change_user_email_current_email_not_existing_anymore(self):
        """A valid token whose current_email matches no account changes nothing."""
        # Given: no user is created, so the token refers to an unknown account.
        valid_until = datetime.now() + timedelta(hours=1)
        claims = {"current_email": "*****@*****.**", "new_email": "*****@*****.**"}
        email_change_token = encode_jwt_payload(claims, valid_until)

        # When: the call is expected to return without raising.
        users_api.change_user_email(email_change_token)

        # Then: neither address belongs to any account afterwards.
        assert User.query.filter_by(email="*****@*****.**").first() is None
        assert User.query.filter_by(email="*****@*****.**").first() is None
Ejemplo n.º 6
    def test_change_user_email_new_email_already_existing(self):
        """Check the stored accounts after a change to an address already in use."""
        # Given: a single account, created with the factory.
        users_factories.UserFactory(email="*****@*****.**", firstName="UniqueNameForEmailChangeTest")
        valid_until = datetime.now() + timedelta(hours=1)
        claims = {"current_email": "*****@*****.**", "new_email": "*****@*****.**"}
        email_change_token = encode_jwt_payload(claims, valid_until)

        # When: the call is expected to return without raising.
        users_api.change_user_email(email_change_token)

        # Then
        # NOTE(review): the addresses are masked on this page, so which
        # account each lookup targets cannot be told from here.
        assert User.query.filter_by(email="*****@*****.**").first() is None
        assert User.query.filter_by(email="*****@*****.**").first() is not None
Ejemplo n.º 7
    def test_change_user_email(self):
        """A valid token moves the account to the new address and drops its sessions."""
        # Given: an account with one open session.
        account = users_factories.UserFactory(email="*****@*****.**", firstName="UniqueNameForEmailChangeTest")
        users_factories.UserSessionFactory(user=account)
        valid_until = datetime.now() + timedelta(hours=1)
        claims = {"current_email": "*****@*****.**", "new_email": "*****@*****.**"}
        email_change_token = encode_jwt_payload(claims, valid_until)

        # When
        users_api.change_user_email(email_change_token)

        # Then: the same account now answers to the new address...
        assert account.email == "*****@*****.**"
        renamed_account = User.query.filter_by(email="*****@*****.**").first()
        assert renamed_account is not None
        assert renamed_account.firstName == "UniqueNameForEmailChangeTest"
        # ...the previous address no longer resolves to an account...
        assert User.query.filter_by(email="*****@*****.**").first() is None
        # ...and no session survives for that user, so a session opened under
        # the old address cannot be reused after the change.
        assert UserSession.query.filter_by(userId=account.id).first() is None
Ejemplo n.º 8
class ValidateJwtTokenTest:
    """Exercise get_user_with_valid_token against tokens stored through the repository."""

    # Encoded once, when the class body is evaluated, and shared by every test.
    token_value = encode_jwt_payload({"pay": "load"})

    def _save_token(self, user, token_type, **extra_fields):
        """Persist a Token for ``user`` holding the shared token value.

        ``extra_fields`` are appended after the base fields, so a test that
        passes no ``expirationDate`` stores a token without that key.
        """
        fields = {"userId": user.id, "value": self.token_value, "type": token_type}
        fields.update(extra_fields)
        repository.save(Token(from_dict=fields))

    def test_get_user_with_valid_token(self):
        """A stored, unexpired token of an allowed type resolves to its user."""
        owner = users_factories.UserFactory()
        reset_type = TokenType.RESET_PASSWORD
        in_one_day = datetime.now() + timedelta(hours=24)
        self._save_token(owner, reset_type, expirationDate=in_one_day)

        found = get_user_with_valid_token(self.token_value, [reset_type, "other-allowed-type"])

        assert found.id == owner.id

    def test_get_user_with_valid_token_without_expiration_date(self):
        """A stored token with no expiration date still resolves to its user."""
        owner = users_factories.UserFactory()
        reset_type = TokenType.RESET_PASSWORD
        self._save_token(owner, reset_type)

        found = get_user_with_valid_token(self.token_value, [reset_type])

        assert found.id == owner.id

    def test_get_user_with_valid_token_wrong_token(self):
        """A value that was never stored resolves to no user."""
        owner = users_factories.UserFactory()
        reset_type = TokenType.RESET_PASSWORD
        self._save_token(owner, reset_type)

        found = get_user_with_valid_token("wrong-token-value", [reset_type])

        assert found is None

    def test_get_user_with_valid_token_wrong_type(self):
        """A stored token is refused when its type is not among the allowed ones."""
        owner = users_factories.UserFactory()
        reset_type = TokenType.RESET_PASSWORD
        self._save_token(owner, reset_type)

        # The token exists, so a None result below is due to the type mismatch.
        assert Token.query.filter_by(value=self.token_value).first() is not None

        found = get_user_with_valid_token(self.token_value, ["other_type"])

        assert found is None

    def test_get_user_with_valid_token_with_expired_date(self):
        """A stored token whose expiration date has passed resolves to no user."""
        owner = users_factories.UserFactory()
        reset_type = TokenType.RESET_PASSWORD
        self._save_token(owner, reset_type, expirationDate=datetime.now() - timedelta(hours=24))

        # The token exists, so a None result below is due to the expiry.
        assert Token.query.filter_by(value=self.token_value).first() is not None

        found = get_user_with_valid_token(self.token_value, [reset_type])

        assert found is None
Ejemplo n.º 9
def _build_link_for_email_change(current_email: str, new_email: str) -> str:
    """Return the webapp link that confirms a change of email address.

    A token encoding both addresses is created with a lifetime of
    ``constants.EMAIL_CHANGE_TOKEN_LIFE_TIME`` and placed in the query string
    next to the same expiry expressed as an integer timestamp.

    NOTE(review): a token in a URL can be captured by logs, browser history
    and Referer headers - confirm that is acceptable for its lifetime.
    NOTE(review): the ``expiration_timestamp`` parameter is outside the token
    and can be altered in transit; presumably the expiry checked at decode
    time is the one enforced - verify against the consumer.
    """
    token_deadline = datetime.now() + constants.EMAIL_CHANGE_TOKEN_LIFE_TIME
    email_change_token = encode_jwt_payload(
        {"current_email": current_email, "new_email": new_email},
        token_deadline,
    )
    base_url = get_webapp_url()
    # Truncated to whole seconds for the query parameter.
    deadline_seconds = int(token_deadline.timestamp())

    return f"{base_url}/changement-email?token={email_change_token}&expiration_timestamp={deadline_seconds}"