def test_dumps_loads(self): "dumps and loads be reversible for any JSON serializable object" objects = [ ['a', 'list'], 'a unicode string \u2019', {'a': 'dictionary'}, ] if six.PY2: objects.append(b'a byte string') for o in objects: self.assertNotEqual(o, signing.dumps(o)) self.assertEqual(o, signing.loads(signing.dumps(o))) self.assertNotEqual(o, signing.dumps(o, compress=True)) self.assertEqual(o, signing.loads(signing.dumps(o, compress=True)))
def test_dumps_loads(self): """dumps and loads be reversible for any JSON serializable object""" objects = [ ['a', 'list'], 'a unicode string \u2019', { 'a': 'dictionary' }, ] for o in objects: self.assertNotEqual(o, signing.dumps(o)) self.assertEqual(o, signing.loads(signing.dumps(o))) self.assertNotEqual(o, signing.dumps(o, compress=True)) self.assertEqual(o, signing.loads(signing.dumps(o, compress=True)))
def test_decode_detects_tampering(self): """loads should raise exception for tampered objects""" transforms = ( lambda s: s.upper(), lambda s: s + 'a', lambda s: 'a' + s[1:], lambda s: s.replace(':', ''), ) value = { 'foo': 'bar', 'baz': 1, } encoded = signing.dumps(value) self.assertEqual(value, signing.loads(encoded)) for transform in transforms: with self.assertRaises(signing.BadSignature): signing.loads(transform(encoded))
def test_decode_detects_tampering(self): """loads should raise exception for tampered objects""" transforms = ( lambda s: s.upper(), lambda s: s + 'a', lambda s: 'a' + s[1:], lambda s: s.replace(':', ''), ) value = { 'foo': 'bar', 'baz': 1, } encoded = signing.dumps(value) self.assertEqual(value, signing.loads(encoded)) for transform in transforms: with self.assertRaises(signing.BadSignature): signing.loads(transform(encoded))
def get_by_sign(self, token: str): if token is None: return None encoded_sign = token.encode('utf-8') try: decoded: dict = jwt.decode(encoded_sign, settings.SECRET_KEY, 'HS256') sign = decoded.get('sign', None) user_id = signing.loads(sign) if user_id: user = self.get(pk=user_id) return user except jwt.ExpiredSignatureError: return None # Signature expired. Please log in again. except jwt.InvalidTokenError: return None # Invalid token. Please log in again. except self.model.DoesNotExist: return None # User does not exist