def test_logout_user(self):
    """ Logging out with a valid bearer token answers 200 and a 'logged out' message. """
    auth_header = {'Authorization': f'Bearer {create_token()}'}
    reply = self.client.get('/api/auth/logout', headers=auth_header)
    body = json.loads(reply.data.decode())
    # NOTE(review): only the response is checked; whether this bearer token
    # stops being accepted after logout is not asserted here -- confirm that
    # is covered by another test.
    self.assertEqual(reply.status_code, 200)
    self.assertIn('logged out', body.get('message'))
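def test_decode_token_expired(self):
    """ Token decoder reports 'Signature expired' for a token past its lifetime.

    The decoder must hand back an error message, not a User, when the
    token has expired.
    """
    config = current_app.config
    had_setting = 'TOKEN_EXPIRATION_SECONDS' in config
    previous = config.get('TOKEN_EXPIRATION_SECONDS')
    # Presumably create_token() reads this setting, so a negative lifetime
    # yields a token that is already expired when issued -- TODO confirm.
    config['TOKEN_EXPIRATION_SECONDS'] = -1
    try:
        token = create_token()
        payload = User.decode_auth_token(token)
    finally:
        # Put the lifetime back so later tests that share this app config
        # do not silently run with always-expired tokens.
        if had_setting:
            config['TOKEN_EXPIRATION_SECONDS'] = previous
        else:
            del config['TOKEN_EXPIRATION_SECONDS']
    self.assertNotIsInstance(payload, User)
    # assertIn implies the decoder returns a container (presumably a str)
    # holding the error text.
    self.assertIn('Signature expired', payload)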
def test_delete_profile(self):
    """ DELETE /api/profile with a valid bearer token answers 200. """
    bearer = f'Bearer {create_token()}'
    reply = self.client.delete('/api/profile', headers={'Authorization': bearer})
    # NOTE(review): only the status code is asserted; that the profile is
    # actually gone afterwards is not checked in this test.
    self.assertEqual(reply.status_code, 200)
def test_decode_token_invalid(self):
    """ Token decoder answers 'Invalid token' when the token has been tampered with. """
    # The tampering here is four characters appended to the end of the
    # token (presumably landing in the signature segment). A token whose
    # payload was edited while keeping the original signature is not
    # exercised by this test.
    corrupted = f'{create_token()}1337'
    outcome = User.decode_auth_token(corrupted)
    decoded_as_user = isinstance(outcome, User)
    self.assertFalse(decoded_as_user)
    self.assertIn('Invalid token', outcome)
def test_decode_token(self):
    """ A freshly issued JWT decodes to a payload whose 'id' resolves to the expected user. """
    claims = User.decode_auth_token(create_token())
    # The decoded payload is used like a mapping: its 'id' entry drives the lookup.
    found = User.find_by_id(claims.get('id'))
    self.assertTrue(isinstance(found, User))
    self.assertEqual(found.email, '*****@*****.**')
def test_get_profile(self):
    """ GET /api/profile with a valid bearer token returns both 'user' and 'profile'. """
    auth_header = {'Authorization': f'Bearer {create_token()}'}
    reply = self.client.get('/api/profile', headers=auth_header)
    body = json.loads(reply.data.decode())
    self.assertEqual(reply.status_code, 200)
    # Both top-level entries must be present and non-null.
    for key in ('user', 'profile'):
        self.assertTrue(body.get(key) is not None)
def test_check_username_does_not_exist(self):
    """ check-username answers 200 with a truthy 'res' for a username expected to be free. """
    request_body = json.dumps({'username': '******'})
    auth_header = {'Authorization': f'Bearer {create_token()}'}
    reply = self.client.post(
        '/api/profile/check-username',
        content_type='application/json',
        data=request_body,
        headers=auth_header,
    )
    body = json.loads(reply.data.decode())
    self.assertEqual(reply.status_code, 200)
    self.assertTrue(body.get('res'))
def test_get_user(self):
    """
    GIVEN a Flask application
    WHEN an authenticated client sends GET /api/auth/user
    THEN the response is 200 and carries non-null 'user' and 'profile' entries.
    """
    bearer = f'Bearer {create_token()}'
    reply = self.client.get('/api/auth/user', headers={'Authorization': bearer})
    body = json.loads(reply.data.decode())
    self.assertEqual(reply.status_code, 200)
    for key in ('user', 'profile'):
        entry_missing = body.get(key) is None
        self.assertFalse(entry_missing)
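def test_check_username_do_exist(self):
    """ check-username answers 200 with a falsy 'res' when the username is already held. """
    # Seed a user holding the username that is checked below; the returned
    # object is not needed, so it is not bound to a name.
    add_user(firstname='test', lastname='user6', username='******',
             email='*****@*****.**')
    token = create_token()
    response = self.client.post(
        '/api/profile/check-username',
        data=json.dumps({'username': '******'}),
        content_type='application/json',
        headers={'Authorization': f'Bearer {token}'},
    )
    data = json.loads(response.data.decode())
    self.assertEqual(response.status_code, 200)
    self.assertFalse(data.get('res'))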
def test_update_profile_invalid_data(self):
    """ PUT /api/profile with a payload the API rejects answers 422 plus an 'error' entry. """
    # Only 'firstname' and 'bio' are sent; which rule rejects this payload
    # is decided server-side and is not visible from this test.
    rejected_fields = {
        'firstname': 'u',
        'bio': 'I am the admin'
    }
    reply = self.client.put(
        '/api/profile',
        content_type='application/json',
        data=json.dumps(rejected_fields),
        headers={'Authorization': f'Bearer {create_token()}'},
    )
    body = json.loads(reply.data.decode())
    self.assertEqual(reply.status_code, 422)
    error_missing = body.get('error') is None
    self.assertFalse(error_missing)
def test_update_profile(self):
    """ PUT /api/profile with a complete payload answers 200 and confirms the update. """
    new_fields = {
        'firstname': 'user',
        'lastname': 'admin',
        'username': '******',
        'bio': 'I am the admin'
    }
    auth_header = {'Authorization': f'Bearer {create_token()}'}
    reply = self.client.put(
        '/api/profile',
        headers=auth_header,
        content_type='application/json',
        data=json.dumps(new_fields),
    )
    body = json.loads(reply.data.decode())
    self.assertEqual(reply.status_code, 200)
    self.assertIn('updated your profile', body.get('message'))
def test_update_profile_username_exists(self):
    """ PUT /api/profile answers 400 'already taken' when another user holds the username. """
    # A second account is seeded first so that the requested username collides.
    add_user(
        firstname='test',
        lastname='user2',
        username='******',
        email='*****@*****.**',
    )
    colliding_fields = {
        'firstname': 'user',
        'lastname': 'test',
        'username': '******',
        'bio': 'I am the admin'
    }
    reply = self.client.put(
        '/api/profile',
        content_type='application/json',
        data=json.dumps(colliding_fields),
        headers={'Authorization': f'Bearer {create_token()}'},
    )
    body = json.loads(reply.data.decode())
    self.assertEqual(reply.status_code, 400)
    self.assertIn("already taken", body.get('message'))
def test_encode_token(self):
    """ Token serializer produces a token made of three dot-separated segments. """
    # Shape check only: the claims and the signing algorithm of the token
    # are not inspected by this test.
    dot_total = create_token().count('.')
    self.assertEqual(dot_total, 2)