def test_insecure_cookie(principal):
dummy_request = Request.blank("/")
policy = JWTCookieAuthenticationPolicy("secret", https_only=False)
token = policy.create_token(principal)
_, cookie = policy.remember(dummy_request, token).pop()
assert "; secure;" not in cookie
assert "; HttpOnly" in cookie
def test_secure_cookie():
policy = JWTCookieAuthenticationPolicy("secret", https_only=True)
dummy_request = Request.blank("/")
token = policy.create_token(str(uuid.uuid4()))
_, cookie = policy.remember(dummy_request, token).pop()
assert "; secure;" in cookie
assert "; HttpOnly" in cookie
def test_cookie_name(principal):
dummy_request = Request.blank("/")
policy = JWTCookieAuthenticationPolicy("secret", cookie_name="auth")
token = policy.create_token(principal)
_, cookie = policy.remember(dummy_request, token).pop()
name, value = cookie.split("=", 1)
assert name == "auth"
def test_cookie(principal):
dummy_request = Request.blank("/")
policy = JWTCookieAuthenticationPolicy("secret")
token = policy.create_token(principal)
cookie = policy.remember(dummy_request, token).pop()
assert len(cookie) == 2
header, cookie = cookie
assert header == "Set-Cookie"
assert len(cookie) > 0
def test_cookie_decode(principal):
dummy_request = Request.blank("/")
policy = JWTCookieAuthenticationPolicy("secret", https_only=False)
token = policy.create_token(principal)
header, cookie = policy.remember(dummy_request, token).pop()
name, value = cookie.split("=", 1)
value, _ = value.split(";", 1)
dummy_request.cookies = {name: value}
claims = policy.get_claims(dummy_request)
assert claims["sub"] == principal
def test_expired_token(principal, freezer):
dummy_request = Request.blank("/")
policy = JWTCookieAuthenticationPolicy("secret", cookie_name="auth", expiration=1)
token = policy.create_token(principal)
_, cookie = policy.remember(dummy_request, token).pop()
name, value = cookie.split("=", 1)
freezer.tick(delta=2)
value, _ = value.split(";", 1)
dummy_request.cookies = {name: value}
claims = policy.get_claims(dummy_request)
assert claims == {}
