def test_detokenize_with_expired_token_fails(self):
"""Test token decoding with no token"""
with pytest.raises(CustomError) as e_info:
token = Encryption.tokenize(USER_DATA,
subject='Testing',
minutes=-10)
Encryption.detokenize(token)
def patch(self):
"""patch request to reset the user's password"""
# instantiate the user schema
user_schema = UserSchema()
# get the verification_token from the request params
reset_token = request.args.get('token')
# get the request data in json format
request_json = request.get_json()
# check if the token is valid
# serialize the request data and
# look for the token in the database
Encryption.detokenize(reset_token)
user_details = user_schema.load_into_schema(request_json, partial=True)
found_token = User.query_(password_reset=reset_token).first()
# throw an error if not found
if not found_token:
return {
'status': 'error',
'message': MESSAGES['RESET_LINK_RESEND']
}, 404
else:
# set the password reset column to none
user_details['password_reset'] = None
# hash the new password and update the password
user_details['password'] = Encryption.hash(
user_details['password'])
found_token.update_(**user_details)
return {
'status':
'success',
'message':
MESSAGES['PROCEED_TO_LOGIN'].format(
'Your password has been changed')
}, 200
def test_generate_link_for_password_reset_succeeds(self):
"""Test the generate link method"""
data = {'email': USER_DATA['email']}
actual_behaviour = generate_link(Request, data, type='password_reset')
decoded_token = Encryption.detokenize(actual_behaviour[1])
assert isinstance(actual_behaviour, tuple)
assert len(actual_behaviour) == 2
assert decoded_token['sub'] == 'password_reset'
def test_detokenize_succeeds(self):
"""Test token decoding"""
token = Encryption.tokenize(USER_DATA, subject='Testing', minutes=10)
decoded_token = Encryption.detokenize(token)
assert decoded_token['data'] == DECODED_TOKEN['data']
assert decoded_token['aud'] == DECODED_TOKEN['aud']
assert decoded_token['iss'] == DECODED_TOKEN['iss']
assert decoded_token['sub'] == DECODED_TOKEN['sub']
def get(self):
"""Get request to verify the user's emails"""
# get the verification_token from the request params
verification_token = request.args.get('token')
# check if the token is valid and look for the token in the database
Encryption.detokenize(verification_token)
found_token = User.query_(token=verification_token).first()
# throw an error if not found else update and return a success message
if not found_token:
return {'status': 'error', 'message': MESSAGES['VERIFIED']}, 409
else:
found_token.update_(token=None, verified=True)
return {
'status':
'success',
'message':
MESSAGES['PROCEED_TO_LOGIN'].format(
'Your account has been successfully verified'),
}, 200
def test_detokenize_with_no_token_fails(self):
"""Test token decoding with no token"""
with pytest.raises(CustomError) as e_info:
Encryption.detokenize(None)