def test_logout_user(self):
token = create_token()
response = self.client.get(
'/api/auth/logout', headers={'Authorization': f'Bearer {token}'})
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 200)
self.assertIn('logged out', data.get('message'))
def test_decode_token_expired(self):
""" Token decoder returns None when it's been tampered with. """
current_app.config['TOKEN_EXPIRATION_SECONDS'] = -1
token = create_token()
payload = User.decode_auth_token(token)
self.assertFalse(isinstance(payload, User))
self.assertIn('Signature expired', payload)
def test_delete_profile(self):
token = create_token()
response = self.client.delete(
'/api/profile',
headers={'Authorization': f'Bearer {token}'}
)
self.assertEqual(response.status_code, 200)
def test_decode_token_invalid(self):
""" Token decoder returns 'Invalid token' when
it's been tampered with."""
token = create_token()
payload = User.decode_auth_token(f'{token}1337')
self.assertFalse(isinstance(payload, User))
self.assertIn('Invalid token', payload)
def test_decode_token(self):
""" Token decoder decodes a JWT correctly. """
token = create_token()
payload = User.decode_auth_token(token)
user = User.find_by_id(payload.get('id'))
self.assertTrue(isinstance(user, User))
self.assertEqual(user.email, '*****@*****.**')
def test_get_profile(self):
token = create_token()
response = self.client.get(
'/api/profile',
headers={'Authorization': f'Bearer {token}'}
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 200)
self.assertTrue(data.get('user') is not None)
self.assertTrue(data.get('profile') is not None)
def test_check_username_does_not_exist(self):
token = create_token()
response = self.client.post(
'/api/profile/check-username',
headers={'Authorization': f'Bearer {token}'},
data=json.dumps({'username': '******'}),
content_type='application/json'
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 200)
self.assertTrue(data.get('res'))
def test_get_user(self):
"""
GIVEN a Flask application
WHEN a user requests the get_user() route (GET)
THEN ensure that the response is valid.
"""
token = create_token()
response = self.client.get(
'/api/auth/user', headers={'Authorization': f'Bearer {token}'})
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 200)
self.assertFalse(data.get('user') is None)
self.assertFalse(data.get('profile') is None)
def test_check_username_do_exist(self):
user = add_user(firstname='test', lastname='user6',
username='******', email='*****@*****.**')
token = create_token()
response = self.client.post(
'/api/profile/check-username',
data=json.dumps({'username': '******'}),
content_type='application/json',
headers={'Authorization': f'Bearer {token}'},
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 200)
self.assertFalse(data.get('res'))
def test_update_profile_invalid_data(self):
token = create_token()
response = self.client.put(
'/api/profile',
headers={'Authorization': f'Bearer {token}'},
data=json.dumps({
'firstname': 'u',
'bio': 'I am the admin'
}),
content_type='application/json'
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 422)
self.assertFalse(data.get('error') is None)
def test_update_profile(self):
token = create_token()
response = self.client.put(
'/api/profile',
data=json.dumps({
'firstname': 'user',
'lastname': 'admin',
'username': '******',
'bio': 'I am the admin'
}),
content_type='application/json',
headers={'Authorization': f'Bearer {token}'}
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 200)
self.assertIn('updated your profile', data.get('message'))
def test_update_profile_username_exists(self):
add_user(firstname='test', lastname='user2',
username='******', email='*****@*****.**')
token = create_token()
response = self.client.put(
'/api/profile',
headers={'Authorization': f'Bearer {token}'},
data=json.dumps({
'firstname': 'user',
'lastname': 'test',
'username': '******',
'bio': 'I am the admin'
}),
content_type='application/json'
)
data = json.loads(response.data.decode())
self.assertEqual(response.status_code, 400)
self.assertIn("already taken", data.get('message'))
def test_encode_token(self):
""" Token serializer encodes a JWT correctly. """
token = create_token()
self.assertEqual(token.count('.'), 2)