def test(self):
user1 = User.objects.create_user(username='******', password='******')
user2 = User.objects.create_user(username='******', password='******')
token1 = token_generator.make(user1)
token2 = token_generator.make(user2)
self.assertTrue(token_generator.check(user1, token1))
self.assertTrue(token_generator.check(user2, token2))
self.assertFalse(token_generator.check(user1, token2))
self.assertFalse(token_generator.check(user2, token1))
def test_long_base_36_check(self):
user1 = User.objects.create_user(username='******', password='******')
token1 = token_generator.make(user1)
pk, ts_b36, hash = token1.split('-')
token1 = "{0}-{1}{2}{3}-{4}".format(pk, ts_b36, ts_b36, ts_b36, hash)
self.assertFalse(token_generator.check(user1, token1))
def test_password_change(self):
user1 = User.objects.create_user(username='******', password='******')
token1 = token_generator.make(user1)
self.assertTrue(token_generator.check(user1, token1))
user1.set_password('new')
self.assertFalse(token_generator.check(user1, token1))
def test_timeout(self):
user1 = User.objects.create_user(username='******', password='******')
token1 = token_generator.make(user1)
self.assertTrue(token_generator.check(user1, token1))
time.sleep(3)
self.assertFalse(token_generator.check(user1, token1))
def post(self, request):
username = request.data.get('username')
password = request.data.get('password')
if username and password:
user = authenticate(username=username, password=password)
if user:
login(request, user)
token = token_generator.make(user)
data = self.get(request)
data['token'] = token
return data
return self.render(request, {'message': 'Invalid credentials'},
status=codes.unauthorized)
def post(self, request):
username = request.data.get('username')
password = request.data.get('password')
if username and password:
user = authenticate(username=username, password=password)
if user:
login(request, user)
token = token_generator.make(user)
data = self.get(request)
data['token'] = token
return data
return self.render(request, {'message': 'Invalid credentials'},
status=codes.unauthorized)
def test_resource(self):
user = User.objects.create_user(username='******', password='******')
resp = self.client.get(reverse('serrano:root'),
HTTP_ACCEPT='application/json')
self.assertEqual(resp.status_code, 401)
self.assertTrue(self.client.login(username='******', password='******'))
resp = self.client.get(reverse('serrano:root'),
HTTP_ACCEPT='application/json')
self.assertEqual(resp.status_code, 200)
self.client.logout()
resp = self.client.get(reverse('serrano:root'),
HTTP_ACCEPT='application/json')
self.assertEqual(resp.status_code, 401)
token = token_generator.make(user)
resp = self.client.get(reverse('serrano:root'), {'token': token},
HTTP_ACCEPT='application/json')
self.assertEqual(resp.status_code, 200)
def test(self):
user = User.objects.create_user(username='******', password='******')
token = token_generator.make(user)
self.assertEqual(user, authenticate(token=token))
def test_unsplitable_token_check(self):
user1 = User.objects.create_user(username='******', password='******')
token1 = token_generator.make(user1)
token1 = token1.replace('-', '')
self.assertFalse(token_generator.check(user1, token1))