Exemple #1
0
 def test_look_up_nonexistent_sessions(self):
   for user in self.users:
     token = generate_user_auth_token(user, 'password hash')
     auth_token = lookup_user_auth_token('*****@*****.**',
                                         'password hash')
     self.assertEqual(None, auth_token)
     auth_token = lookup_user_auth_token(user, 'some other password hash')
     self.assertEqual(None, auth_token)
Exemple #2
0
  def test_purge_expired_tokens(self):
    """ Generate tokens with current time as expiration date/time.
    That is, tokens are expired as soon as they are generated.

    """
    for user in self.users:
      token = generate_user_auth_token(user,
                                       'password hash',
                                       timeout=0)
      auth_token = lookup_user_auth_token(user, token)
      self.assertEqual(None, auth_token)

    # As expired tokens are purged from the DB just before
    # they are generated, the above should leave us with one
    # expired token in the DB
    query = Session.gql("WHERE expire_date <= :1", api.utcnow())
    expired_tokens = query.count()
    self.assertEqual(1, expired_tokens)

    # Generate another token to trigger cache purging which
    # should leave us with no expired sessions in the DB (as
    # this token is generated with a future expiration date.)
    token = generate_user_auth_token('fake user', 'password hash')

    query = Session.gql("WHERE expire_date <= :1", api.utcnow())
    expired_tokens = query.count()
    self.assertEqual(0, expired_tokens)
Exemple #3
0
 def test_sessions_should_be_cached(self):
   for user in self.users:
     token = generate_user_auth_token(user, 'password hash')
     auth_token = lookup_user_auth_token(user, token)
     self.assertEqual('password hash', auth_token)