Example #1
0
def test_principal():
    __configuration__ = '''
    jwt:
      secret: JWT-SECRET
      algorithm: HS256
      max_age: 86400  # 24 Hours
      refresh_token:
        secret: JWT-REFRESH-SECRET
        algorithm: HS256
        max_age: 2678400  # 30 Days
    '''
    configure(force=True)
    settings.merge(__configuration__)

    principal = JwtPrincipal(
        dict(email='*****@*****.**', id=1, sessionId=1, roles=['admin']))

    assert principal.email == '*****@*****.**'
    assert principal.id == 1
    assert principal.session_id == 1
    assert principal.roles == ['admin']
    assert principal.is_in_roles('admin') is True
    assert principal.is_in_roles('admin', 'god') is True

    encoded = principal.dump()

    principal = JwtPrincipal.load(encoded.decode())
    assert principal.email == '*****@*****.**'
    assert principal.id == 1
    assert principal.session_id == 1
    assert principal.roles == ['admin']
    assert principal.is_in_roles('admin') is True
    assert principal.is_in_roles('admin', 'god') is True

    principal = JwtPrincipal.load(encoded.decode(), force=True)
    assert principal.email == '*****@*****.**'
    assert principal.id == 1
    assert principal.session_id == 1
    assert principal.roles == ['admin']
    assert principal.is_in_roles('admin') is True
    assert principal.is_in_roles('admin', 'god') is True

    principal =\
        JwtPrincipal.load((b'Bearer %s' % encoded).decode(), force=True)
    assert principal.email == '*****@*****.**'
    assert principal.id == 1
    assert principal.session_id == 1
    assert principal.roles == ['admin']
    assert principal.is_in_roles('admin') is True
    assert principal.is_in_roles('admin', 'god') is True
Example #2
0
    def test_login(self):
        call = dict(
            title='Login',
            description='Login to system as god',
            url='/apiv1/members',
            verb='LOGIN',
            form={
                'email': '*****@*****.**',
                'password': '******',
            }
        )
        with self.given(**call):
            then(response.status_code == 200)
            and_('token' in response.json)
            principal = JwtPrincipal.load(response.json['token'])
            and_('sessionId' in principal.payload)

            when(
                'Trying to login with invalid email and_ password',
                form={
                    'email': '*****@*****.**',
                    'password': '******',
                }
            )
            then(response.status_code == 400)

            when(
                'Trying to login with invalid password',
                form={
                    'email': '*****@*****.**',
                    'password': '******',
                }
            )
            then(response.status_code == 400)
Example #3
0
    def test_principal(self):
        principal = JwtPrincipal(
            dict(email='*****@*****.**', id=1, sessionId=1, roles=['admin']))

        self.assertEqual(principal.email, '*****@*****.**')
        self.assertEqual(principal.id, 1)
        self.assertEqual(principal.session_id, 1)
        self.assertEqual(principal.roles, ['admin'])
        self.assertTrue(principal.is_in_roles('admin'))
        self.assertTrue(principal.is_in_roles('admin', 'god'))

        encoded = principal.dump()

        principal = JwtPrincipal.load(encoded.decode())
        self.assertEqual(principal.email, '*****@*****.**')
        self.assertEqual(principal.id, 1)
        self.assertEqual(principal.session_id, 1)
        self.assertEqual(principal.roles, ['admin'])
        self.assertTrue(principal.is_in_roles('admin'))
        self.assertTrue(principal.is_in_roles('admin', 'god'))

        principal = JwtPrincipal.load(encoded.decode(), force=True)
        self.assertEqual(principal.email, '*****@*****.**')
        self.assertEqual(principal.id, 1)
        self.assertEqual(principal.session_id, 1)
        self.assertEqual(principal.roles, ['admin'])
        self.assertTrue(principal.is_in_roles('admin'))
        self.assertTrue(principal.is_in_roles('admin', 'god'))

        principal = JwtPrincipal.load((b'Bearer %s' % encoded).decode(),
                                      force=True)
        self.assertEqual(principal.email, '*****@*****.**')
        self.assertEqual(principal.id, 1)
        self.assertEqual(principal.session_id, 1)
        self.assertEqual(principal.roles, ['admin'])
        self.assertTrue(principal.is_in_roles('admin'))
        self.assertTrue(principal.is_in_roles('admin', 'god'))
Example #4
0
    async def test_websocket(self, websocket_session, asyncpg):
        self.login('*****@*****.**')

        async with websocket_session(token=self._authentication_token) as ws:
            token = JwtPrincipal.load(self._authentication_token)
            member_id = self.member.id
            session_id = token.session_id.encode()

            member_sessions = await sessions.get_sessions(member_id)
            assert len(member_sessions) == 1
            assert member_sessions == {
                session_id: b'jaguar_websocket_server_1'
            }
            await ws.send_str('close')
            assert await ws.receive_str() == 'closing'

            active_sessions = await sessions.get_sessions(member_id)
            assert len(active_sessions) == 0
 def verify_token(self, encoded_token):
     return JwtPrincipal.load(encoded_token)