def test_05_invalid_confirmation_token(self):
    """A confirmation token issued to one user must not confirm another."""
    issuer = User(username='******', password='******')
    other = User(username='******', password='******')
    issuer.save()
    other.save()
    action = 'something_need_confirm'
    issued_token = issuer.generate_confirmation_token(action)
    # Same action name, different account: confirm() has to reject a token
    # that was generated by another user, or it could be replayed across
    # accounts.
    self.assertFalse(other.confirm(issued_token, action))
def test_01_post_method(self):
    """POST /api/auth with a random username, valid credentials, then a wrong password."""
    credentials = self.data["kwargs"]
    expected_user = self.data["user"]
    random_credentials = dict(username=self.person.username(),
                              password=self.person.password(16))

    def post_json(payload):
        # Every request in this test goes to the same endpoint as a JSON body.
        return self.client.post("/api/auth",
                                data=json.dumps(payload),
                                content_type="application/json")

    # Randomly generated username (presumably not registered): the API
    # answers 400 with a field-level message.
    rejected = post_json(random_credentials)
    self.assertEqual(rejected.status_code, 400)
    body = json.loads(rejected.data)
    self.assertEqual(body["message"]["username"],
                     "valid username is required for authentication")

    # Fixture credentials: 200, and the returned token confirms the fixture
    # user for the "login" key.
    accepted = post_json(credentials)
    self.assertEqual(accepted.status_code, 200)
    body = json.loads(accepted.data)
    self.assertEqual(User.confirm("login", body["token"]).id, expected_user.id)

    # Known username with a freshly generated password: generic 401.
    # NOTE(review): this status and message differ from the 400 above, so the
    # two responses tell a caller whether a username is accepted even though
    # the 401 text itself is generic. Confirm that difference is intended.
    credentials["password"] = self.person.password(16)
    denied = post_json(credentials)
    self.assertEqual(denied.status_code, 401)
    body = json.loads(denied.data)
    self.assertEqual(body["message"], "invalid username or password")
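def test_03_token(self):
    """Check that User tokens are unique per issue, bound to their key, and expire."""
    kwargs = {"username": self.person.name(), "email": self.person.email()}
    # NOTE(review): if self.text.words(2) can return the same word twice, the
    # cross-key check below would fail spuriously — confirm against the
    # generator.
    key_1, key_2 = self.text.words(2)
    user = User(**kwargs)
    user.save()

    # Two tokens for the same key, issued one second apart, must differ.
    token_1 = user.generate_token(key_1)
    sleep(1)
    token_1_delay = user.generate_token(key_1)
    self.assertNotEqual(token_1, token_1_delay)

    token_2 = user.generate_token(key_2)
    # Assert each lookup against the user directly. Comparing two
    # (result, user) tuples with each other only proves the two results are
    # equal, which also holds when both confirmations fail and return None.
    # assertEqual replaces the deprecated assertEquals alias.
    self.assertEqual(User.confirm(key_1, token_1), user)
    self.assertEqual(User.confirm(key_2, token_2), user)
    # A token must not validate under a key it was not issued for.
    self.assertIsNone(User.confirm(key_2, token_1))

    # With expiration=2 the token is accepted right away and rejected after
    # the 3 second wait.
    token = user.generate_token(key_1, expiration=2)
    self.assertEqual(User.confirm(key_1, token), user)
    sleep(3)
    self.assertIsNone(User.confirm(key_1, token))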
def test_02_refresh_token(self):
    """GET /api/auth refuses a made-up token and re-issues a new one for a real token."""
    credentials = self.data["kwargs"]
    expected_user = self.data["user"]

    def token_from_cookie(resp, header_name):
        # The token is read from the first Set-Cookie header of the response.
        return parse_cookie(resp.headers.getlist(header_name)[0])["token"]

    # A JSON dump of the credentials is not a token the server issued, so the
    # refresh endpoint must answer 401.
    forged = json.dumps(dict(token=json.dumps(credentials)))
    response = self.client.get("/api/auth", query_string=dict(token=forged))
    self.assertEqual(response.status_code, 401)

    # Log in to obtain a real token (the status of this POST is not asserted).
    response = self.client.post("/api/auth",
                                data=json.dumps(credentials),
                                content_type="application/json")
    token_1 = token_from_cookie(response, 'Set-Cookie')

    # Wait a second so the refreshed token differs from the first one.
    sleep(1)
    # NOTE(review): the token is sent in the query string here; values in
    # URLs tend to end up in access logs and Referer headers. Confirm whether
    # the endpoint also accepts it from the cookie or a header.
    response = self.client.get("/api/auth", query_string=dict(token=token_1))
    token_2 = token_from_cookie(response, "Set-Cookie")
    self.assertNotEqual(token_1, token_2)

    # Both tokens still resolve to the fixture user, i.e. refreshing does not
    # invalidate the token it replaced.
    self.assertEqual(User.confirm("login", token_1).id, expected_user.id)
    self.assertEqual(User.confirm("login", token_2).id, expected_user.id)
def test_06_expired_confirmation_token(self):
    """A confirmation token is rejected once the test has waited past its lifetime."""
    action = 'something_need_confirm'
    account = User(username='******', password='******')
    account.save()
    # The second positional argument is presumably the lifetime in seconds
    # (the test waits 2 s before confirming) — verify against
    # generate_confirmation_token.
    short_lived = account.generate_confirmation_token(action, 1)
    time.sleep(2)
    self.assertFalse(account.confirm(short_lived, action))
def test_04_valid_confirmation_token(self):
    """A token confirms the user that generated it, for the same action name."""
    action = 'something_need_confirm'
    account = User(username='******', password='******')
    account.save()
    issued_token = account.generate_confirmation_token(action)
    # Same user and same action on both sides: this is the accepting path.
    self.assertTrue(account.confirm(issued_token, action))