async def test_app_no_token_subject():
""" raise an error if no subject is specified in login token """
from datetime import timedelta
from fastapi import HTTPException
from fastapi_permissions.example import (
create_access_token,
get_current_user,
)
token = create_access_token(data={}, expires_delta=timedelta(minutes=5))
with pytest.raises(HTTPException):
await get_current_user(token)
async def test_app_modified_token():
""" raise an error if login token was modified """
from datetime import timedelta
from fastapi import HTTPException
from fastapi_permissions.example import (
create_access_token,
get_current_user,
)
token = create_access_token(data={}, expires_delta=timedelta(minutes=5))
with pytest.raises(HTTPException):
await get_current_user(token[:-1])
async def test_app_token_with_fake_user():
""" raise an error if an invalid subject is specified in login token """
from datetime import timedelta
from fastapi import HTTPException
from fastapi_permissions.example import (
get_current_user,
create_access_token,
)
token = create_access_token(data={"sub": "unknown"},
expires_delta=timedelta(minutes=5))
with pytest.raises(HTTPException):
await get_current_user(token)
