def test_token_with_timestamp(self): with override_settings(SESAME_MAX_AGE=300): token = create_token(self.user) self.assertFalse(detect_token(token)) user = parse_token(token, self.get_user) self.assertIsNone(user) self.assertLogsContain("Valid signature but unexpected token")
def test_unknown_user(self): token = create_token(self.user) self.user.delete() self.assertTrue(detect_token(token)) user = parse_token(token, self.get_user) self.assertIsNone(user) self.assertLogsContain("Unknown or inactive user")
def test_extended_max_age_token(self): token = create_token(self.user) with override_settings(SESAME_MAX_AGE=300): self.assertTrue(detect_token(token)) user = parse_token(token, self.get_user) self.assertEqual(user, self.user) self.assertLogsContain("Valid token for user john")
def test_random_token(self): token = "!@#$%" * 11 self.assertEqual(len(token), len(create_token(self.user))) self.assertFalse(detect_token(token)) user = parse_token(token, self.get_user) self.assertIsNone(user) self.assertLogsContain("Bad token")
def test_invalid_signature(self): token = create_token(self.user) # Alter signature, which is is in bytes 28 - 55 token = token[:28] + token[28:].lower() self.assertTrue(detect_token(token)) user = parse_token(token, self.get_user) self.assertIsNone(user) self.assertLogsContain("Bad token")
def test_expired_max_age_token(self): token = create_token(self.user) self.assertTrue(detect_token(token)) user = parse_token(token, self.get_user) self.assertIsNone(user) self.assertLogsContain("Expired token")
def test_valid_max_age_token(self): token = create_token(self.user) self.assertTrue(detect_token(token)) user = parse_token(token, self.get_user) self.assertEqual(user, self.user) self.assertLogsContain("Valid token for user john")
def test_custom_packer_is_used(self): user = self.create_user(username="******") token = create_token(user) # base64.b64encode(bytes.fromhex(username)).decode() == "q83vASNFq83vVniQ" self.assertEqual(token[:16], "q83vASNFq83vVniQ") self.assertTrue(detect_token(token))
def test_create_token_use_first_choice(self): token = create_token(self.user) self.assertTrue(tokens_v1.detect_token(token)) self.assertFalse(tokens_v2.detect_token(token))
def test_create_token_force_v1(self): token = create_token(self.user) self.assertTrue(tokens_v1.detect_token(token)) self.assertFalse(tokens_v2.detect_token(token))