def test_deserialize_token_tampered(self, token):
"""
User.deserialize_token returns None if a token has been tampered with
"""
tampered_token = 'hacked!!{0}'.format(token)
user = User.deserialize_token(tampered_token)
assert user is None
def activate_account(self, activation_token):
user = User.deserialize_token(activation_token)
if user is None:
err = 'Your activation token has expired or was tampered with.'
return {'error': err}, 400
user.active = True
user.save()
response = {
'data': {
'activated': True,
'message': 'Your account has been activated.'
}
}
headers = {'Location': url_for('AuthView:post')}
return response, 200, headers
def test_deserialize_token(self, token):
"""User.deserialize_token de-serializes a JWS correctly"""
user = User.deserialize_token(token)
assert user.email == '*****@*****.**'