def decode_auth_token(auth_token, token_type='Auth'):
"""
Validates the auth token
:param auth_token:
:return: integer|string
"""
try:
payload = jwt.decode(auth_token,
current_app.config['SECRET_KEY'],
algorithms='HS256',
options={
'verify_exp':
current_app.config['VERIFY_JWT_EXPIRY']
})
is_blacklisted_token = BlacklistToken.check_blacklist(auth_token)
if is_blacklisted_token:
return 'Token blacklisted. Please log in again.'
else:
return bytes(payload, 'utf-8') if isinstance(payload,
str) else payload
except jwt.ExpiredSignatureError:
return '{} Token Signature expired.'.format(token_type)
except jwt.InvalidTokenError:
return 'Invalid {} Token.'.format(token_type)
def test_logout_api(test_client, authed_sempo_admin_user):
"""
GIVEN a Flask application
WHEN the '/api/auth/logout/' api is posted to (POST)
THEN check response is 200 and auth_token is added to blacklist
"""
from server.models.blacklist_token import BlacklistToken
authed_sempo_admin_user.is_activated = True
auth_token = authed_sempo_admin_user.encode_auth_token().decode()
response = test_client.post('/api/v1/auth/logout/',
headers=dict(Authorization=auth_token, Accept='application/json'),
content_type='application/json', follow_redirects=True)
assert response.status_code == 200
assert BlacklistToken.check_blacklist(auth_token) is True
@pytest.mark.parametrize("email, tier, status_code", [
("*****@*****.**","admin",201),
("*****@*****.**","admin", 403),
])
def test_add_user_to_whitelist(test_client, authed_sempo_admin_user, email, tier, status_code):
"""
GIVEN a Flask application
WHEN the '/api/auth/permissions/' api is posted to (POST)
THEN check the response
"""
auth_token = authed_sempo_admin_user.encode_auth_token().decode()
register_response = test_client.post('/api/v1/auth/permissions/',
headers=dict(Authorization=auth_token, Accept='application/json'),
data=json.dumps(dict(email=email, tier=tier)),
content_type='application/json', follow_redirects=True)
assert register_response.status_code == status_code
def test_logout_api(test_client, authed_sempo_admin_user):
"""
GIVEN a Flask application
WHEN the '/api/auth/logout/' api is posted to (POST)
THEN check response is 200 and auth_token is added to blacklist
"""
from server.models.blacklist_token import BlacklistToken
authed_sempo_admin_user.is_activated = True
auth_token = authed_sempo_admin_user.encode_auth_token().decode()
response = test_client.post('/api/v1/auth/logout/',
headers=dict(Authorization=auth_token, Accept='application/json'),
content_type='application/json', follow_redirects=True)
assert response.status_code == 200
assert BlacklistToken.check_blacklist(auth_token) is True
def decode_auth_token(auth_token, token_type='Auth'):
"""
Validates the auth token
:param auth_token:
:return: integer|string
"""
try:
payload = jwt.decode(auth_token, current_app.config.get(
'SECRET_KEY'), algorithms='HS256')
is_blacklisted_token = BlacklistToken.check_blacklist(auth_token)
if is_blacklisted_token:
return 'Token blacklisted. Please log in again.'
else:
return payload
except jwt.ExpiredSignatureError:
return '{} Token Signature expired.'.format(token_type)
except jwt.InvalidTokenError:
return 'Invalid {} Token.'.format(token_type)