def test_invalidate(self, monkeypatch):
session_ids = iter(["123456", "7890"])
monkeypatch.setattr(crypto, "random_token", lambda: next(session_ids))
session = Session({"foo": "bar"}, "original id", False)
assert session == {"foo": "bar"}
assert session.sid == "original id"
assert not session.new
assert not session.invalidated
session.invalidate()
assert session == {}
assert session.sid == "123456"
assert session.new
assert session.invalidated == {"original id"}
session.invalidate()
assert session == {}
assert session.sid == "7890"
assert session.new
assert session.invalidated == {"original id", "123456"}
def test_methods_call_changed(self, data, method, args):
session = Session(data)
session.changed = pretend.call_recorder(lambda: None)
getattr(session, method)(*args)
assert session.changed.calls == [pretend.call()]
def test_should_save(self):
session = Session()
assert not session.should_save()
session.changed()
assert session.should_save()
def test_invalidate_empty(self):
session = Session({"foo": "bar"})
session.invalidate()
assert session == {}
assert session.invalidated == set()
def test_changed_marks_as_changed(self):
session = Session()
assert not session._changed
session.changed()
assert session._changed
def test_get_totp_secret(self, monkeypatch):
session = Session()
session[session._totp_secret_key] = b"foobar"
assert session.get_totp_secret() == b"foobar"
def test_delete(self):
session = Session({}, "123456", False)
assert not session.deleted
session.delete()
assert session.deleted
def test_reauth_needed_no_value(self):
session = Session()
assert session.needs_reauthentication(666)
def test_get_webauthn_challenge(self):
session = Session()
session[session._webauthn_challenge_key] = "not_a_real_challenge"
assert session.get_webauthn_challenge() == "not_a_real_challenge"
def test_reauth_unneeded(self):
session = Session()
session.record_auth_timestamp()
assert not session.needs_reauthentication(666)
def test_reauth_needed(self):
session = Session()
session[session._reauth_timestamp_key] = 0
assert session.needs_reauthentication(666)
def test_reauth_record(self, pyramid_request):
session = Session()
assert not session.should_save()
session.record_auth_timestamp()
assert session.should_save()
def get(self, sid):
return Session({}, sid, False)
def new(self):
return Session({}, "123456", True)
def test_generate_flash_key(self, queue, expected):
session = Session()
assert session._get_flash_queue_key(queue) == expected
def test_clear_webauthn_challenge(self):
session = Session()
session[session._webauthn_challenge_key] = "not_a_real_challenge"
session.clear_webauthn_challenge()
assert not session[session._webauthn_challenge_key]
def test_get_csrf_token_empty(self):
session = Session()
session.new_csrf_token = pretend.call_recorder(lambda: "123456")
assert session.get_csrf_token() == "123456"
assert session.new_csrf_token.calls == [pretend.call()]
def test_password_outdated(self, stored, current, expected):
session = Session()
session.record_password_timestamp(stored)
assert session.password_outdated(current) == expected
def test_clear_totp_secret(self):
session = Session()
session[session._totp_secret_key] = b"foobar"
session.clear_totp_secret()
assert not session[session._totp_secret_key]
def test_cycle(self):
session = Session({}, "123456", False)
assert not session.cycled
session.cycle()
assert session.cycled
