def test_valid_blacklisted_token_logout(self):
    """Logout must be refused when the presented token is blacklisted.

    Registers and logs in an account, blacklists the freshly issued login
    token through ``BlacklistToken``, then checks that the logout call
    answers 401 with the "Token blacklisted" message.
    """
    email, password = '*****@*****.**', '123456'
    with self.client:
        # Step 1: create the account and verify the registration reply.
        registration = register_account(self, email, password)
        assert registration.content_type == 'application/json'
        assert registration.status_code == 201
        registration_body = json.loads(registration.data.decode())
        assert registration_body['status'] == 'success'
        assert registration_body['message'] == 'Successfully registered.'
        assert registration_body['auth_token']

        # Step 2: log in to obtain the token that will be revoked.
        login = login_account(self, email, password)
        assert login.content_type == 'application/json'
        assert login.status_code == 200
        login_body = json.loads(login.data.decode())
        assert login_body['status'] == 'success'
        assert login_body['message'] == 'Successfully logged in.'
        assert login_body['auth_token']

        # Step 3: put the still-unexpired login token on the blacklist
        # directly via the model, not via the logout endpoint.
        revoked = BlacklistToken(token=login_body['auth_token'])
        revoked.save()

        # Step 4: the revoked token must no longer be accepted.
        logout = logout_account(self, login)
        logout_body = json.loads(logout.data.decode())
        assert logout.status_code == 401
        assert logout_body['status'] == 'fail'
        assert logout_body['message'] == 'Token blacklisted. Please log in again.'
def test_invalid_logout(self):
    """Logout with an expired token must be rejected with 401.

    Registers and logs in an account, waits six seconds, and then expects
    the logout call to fail with the "Signature expired" message.
    """
    email, password = '*****@*****.**', '123456'
    with self.client:
        # Create the account.
        registration = register_account(self, email, password)
        assert registration.content_type == 'application/json'
        assert registration.status_code == 201
        registration_body = json.loads(registration.data.decode())
        assert registration_body['status'] == 'success'
        assert registration_body['message'] == 'Successfully registered.'
        assert registration_body['auth_token']

        # Log in to get a token.
        login = login_account(self, email, password)
        assert login.content_type == 'application/json'
        assert login.status_code == 200
        login_body = json.loads(login.data.decode())
        assert login_body['status'] == 'success'
        assert login_body['message'] == 'Successfully logged in.'
        assert login_body['auth_token']

        # Let the token expire before using it. This assumes the test
        # configuration issues tokens that live for less than 6 seconds
        # -- TODO confirm against the app's test config; with a longer
        # lifetime the logout below would succeed and this test would fail.
        time.sleep(6)

        logout = logout_account(self, login)
        assert logout.status_code == 401
        logout_body = json.loads(logout.data.decode())
        assert logout_body['status'] == 'fail'
        assert logout_body['message'] == 'Signature expired. Please log in again.'
def test_valid_logout(self):
    """Logout succeeds when the login token is used before it expires."""
    email, password = '*****@*****.**', '123456'
    with self.client:
        # Create the account.
        registration = register_account(self, email, password)
        assert registration.content_type == 'application/json'
        assert registration.status_code == 201
        registration_body = json.loads(registration.data.decode())
        assert registration_body['status'] == 'success'
        assert registration_body['message'] == 'Successfully registered.'
        assert registration_body['auth_token']

        # Log in to get a token.
        login = login_account(self, email, password)
        assert login.content_type == 'application/json'
        assert login.status_code == 200
        login_body = json.loads(login.data.decode())
        assert login_body['status'] == 'success'
        assert login_body['message'] == 'Successfully logged in.'
        assert login_body['auth_token']

        # Log out immediately, while the token is still valid.
        logout = logout_account(self, login)
        assert logout.status_code == 200
        logout_body = json.loads(logout.data.decode())
        assert logout_body['status'] == 'success'
        assert logout_body['message'] == 'Successfully logged out.'
def test_registration(self):
    """Registering a new account returns 201, a success body and a token."""
    with self.client:
        reply = register_account(self, '*****@*****.**', '123456')
        assert reply.content_type == 'application/json'
        assert reply.status_code == 201

        body = json.loads(reply.data.decode())
        assert body['status'] == 'success'
        assert body['message'] == 'Successfully registered.'
        # Only checks that a non-empty token is present, not its format.
        assert body['auth_token']
def test_valid_blacklisted_token(self):
    """The status endpoint must reject a token that has been blacklisted.

    The token issued at registration is blacklisted through
    ``BlacklistToken`` and then presented to the account-status call, which
    is expected to answer 401 with the "Token blacklisted" message.
    """
    with self.client:
        registration = register_account(self, '*****@*****.**', '123456')

        # Revoke the token that registration just handed out.
        issued_token = json.loads(registration.data.decode())['auth_token']
        revoked = BlacklistToken(token=issued_token)
        revoked.save()

        status_reply = account_status(self, registration)
        status_body = json.loads(status_reply.data.decode())
        assert status_reply.status_code == 401
        assert status_body['status'] == 'fail'
        assert status_body['message'] == 'Token blacklisted. Please log in again.'
def test_account_status(self):
    """The status call returns the caller's account data for a valid token."""
    email = '*****@*****.**'
    with self.client:
        registration = register_account(self, email, "password")
        status_reply = account_status(self, registration)
        assert status_reply.status_code == 200

        body = json.loads(status_reply.data.decode())
        assert body['status'] == 'success'
        assert body['data'] is not None
        assert body['data']['email'] == email

        # The admin flag has to be the literal True or False; an identity
        # check rejects look-alikes such as 1, 0 or the string 'false'.
        admin_flag = body['data']['admin']
        assert admin_flag is True or admin_flag is False
def test_account_status_malformed_bearer_token(self):
    """A badly formed Authorization header is rejected with 401.

    The request carries a genuine token, but the header value is built
    without the space between the ``Bearer`` scheme and the token.
    """
    with self.client:
        registration = register_account(self, '*****@*****.**', '123456')
        issued_token = json.loads(registration.data.decode())['auth_token']

        # Deliberately malformed: no space between "Bearer" and the token.
        bad_headers = {'Authorization': 'Bearer' + issued_token}
        status_reply = self.client.get('/auth/status', headers=bad_headers)

        body = json.loads(status_reply.data.decode())
        assert status_reply.status_code == 401
        assert body['status'] == 'fail'
        assert body['message'] == 'Bearer token malformed.'
def test_register_with_already_registered_account(self):
    """Registering an e-mail that already has an account must fail.

    An ``Account`` row is saved first, then the same e-mail is submitted to
    the registration call, which is expected to answer 202 with a failure
    body.
    """
    # Seed an existing account directly through the model.
    existing = Account(
        email='*****@*****.**',
        password='******',
    )
    existing.save()

    with self.client:
        reply = register_account(self, '*****@*****.**', '123456')
        assert reply.content_type == 'application/json'
        assert reply.status_code == 202

        body = json.loads(reply.data.decode())
        assert body['status'] == 'fail'
        # NOTE(review): this pins a reply that tells the caller the e-mail
        # is already registered, so registration can be used to check
        # whether an address has an account. If that matters for the
        # deployment, the endpoint and this assertion need a uniform reply.
        assert body['message'] == 'User already exists. Please log in.'
def test_correct_email_incorrect_password(self):
    """Login with a registered e-mail and a wrong password returns 401."""
    email = '*****@*****.**'
    with self.client:
        # Create the account with the real password.
        registration = register_account(self, email, '123456')
        assert registration.content_type == 'application/json'
        assert registration.status_code == 201
        registration_body = json.loads(registration.data.decode())
        assert registration_body['status'] == 'success'
        assert registration_body['message'] == 'Successfully registered.'
        assert registration_body['auth_token']

        # Same e-mail, different password.
        login = login_account(self, email, 'wrong_password')
        assert login.content_type == 'application/json'
        assert login.status_code == 401
        login_body = json.loads(login.data.decode())
        assert login_body['status'] == 'fail'
        # NOTE(review): the asserted message says that only the password
        # was wrong, i.e. that the e-mail exists. Whether an unknown e-mail
        # gets a different message is not visible here; if it does, login
        # replies reveal which addresses are registered -- confirm.
        assert login_body['message'] == 'Password is incorrect.'
def test_registered_account_login(self):
    """A registered account can log in and is issued a token."""
    email, password = '*****@*****.**', '123456'
    with self.client:
        # Create the account.
        registration = register_account(self, email, password)
        assert registration.content_type == 'application/json'
        assert registration.status_code == 201
        registration_body = json.loads(registration.data.decode())
        assert registration_body['status'] == 'success'
        assert registration_body['message'] == 'Successfully registered.'
        assert registration_body['auth_token']

        # Log in with the same credentials.
        login = login_account(self, email, password)
        assert login.content_type == 'application/json'
        assert login.status_code == 200
        login_body = json.loads(login.data.decode())
        assert login_body['status'] == 'success'
        assert login_body['message'] == 'Successfully logged in.'
        # Only checks that a non-empty token is present, not its format.
        assert login_body['auth_token']