Esempio n. 1
 def test_encode_auth_token(self):
     ''' Check that a stored user's auth token comes back as bytes '''
     joe = User(email='*****@*****.**', password='******', name='joe')
     db.session.add(joe)
     # Commit before encoding; presumably this is what populates joe.id.
     db.session.commit()

     token = joe.encode_auth_token(joe.id)
     # NOTE(review): the bytes expectation depends on the token library in
     # use (PyJWT 1.x returns bytes from jwt.encode, 2.x returns str) --
     # confirm against the pinned version.
     self.assertIsInstance(token, bytes)
 def setUp(self):
     ''' Persist one user and keep it, plus its decoded token, on the case '''
     super(TestUserResource, self).setUp()
     fixture_fields = dict(
         email='*****@*****.**',
         password='******',
         name='joe',
         joined_on=date(2017, 1, 1),
     )
     fixture_user = User(**fixture_fields)
     db.session.add(fixture_user)
     db.session.commit()
     self.user = fixture_user
     # Stored as text (bytes decoded); the other tests on this page send
     # tokens in an 'Authorization: Bearer ...' header.
     raw_token = fixture_user.encode_auth_token(fixture_user.id)
     self.token = raw_token.decode()
Esempio n. 3
 def setUp(self):
     ''' Persist two users; keep both and the first user's decoded token '''
     super(TestEntryResource, self).setUp()
     joe = User(email='*****@*****.**', password='******', name='joe')
     moe = User(email='*****@*****.**', password='******', name='moe')
     for account in (joe, moe):
         db.session.add(account)
     db.session.commit()
     self.user = joe
     # The second user gets no token here; presumably it is the "other
     # account" for access-control checks -- verify against the tests that
     # use it.
     self.user2 = moe
     raw_token = joe.encode_auth_token(joe.id)
     self.auth_token = raw_token.decode()
Esempio n. 4
 def test_auth_token_data(self):
     ''' Check which claims the auth token carries, and that none is the password '''
     joe = User(email='*****@*****.**',
                password='******',
                name='joe',
                joined_on=date(2017, 1, 1))
     db.session.add(joe)
     db.session.commit()

     token = joe.encode_auth_token(joe.id)
     self.assertIsInstance(token, bytes)

     # NOTE(review): jwt.decode is called without an `algorithms` allowlist.
     # PyJWT 2.x requires that argument, and on 1.x leaving it out does not
     # restrict which signing algorithm is accepted. Pin it to the algorithm
     # encode_auth_token signs with.
     # NOTE(review): 'test_secret_key' is presumably the test configuration's
     # signing key; it must not match any deployed key.
     claims = jwt.decode(token, 'test_secret_key')

     # The payload is signed, not encrypted, so every claim asserted below is
     # readable by whoever holds the token. That is why the absence of
     # 'password' is asserted explicitly.
     self.assertEqual(claims['id'], joe.id)
     self.assertEqual(claims['email'], joe.email)
     self.assertNotIn('password', claims)
     self.assertEqual(claims['joined_on'], '2017-01-01')
     self.assertEqual(claims['name'], 'joe')
Esempio n. 5
    def test_logout_blacklist_token(self):
        ''' Test that logging out blacklists current token '''
        joe = User(email='*****@*****.**', password='******', name='joe')
        db.session.add(joe)
        db.session.commit()
        token = joe.encode_auth_token(joe.id).decode()

        bearer = {'Authorization': 'Bearer ' + token}
        response = self.client.post('/logout', headers=bearer)
        payload = json.loads(response.data.decode())
        self.assertEqual(payload['status'], 'success')
        self.assertEqual(payload['message'], 'Successfully logged out')
        self.assertEqual(response.content_type, 'application/json')
        self.assertEqual(response.status_code, 200)

        # This only proves that a blacklist row was written for the token.
        # That the token is then refused on later requests is a separate
        # property and is not asserted in this test.
        stored = BlacklistToken.query.filter_by(token=token).first()
        self.assertIsNotNone(stored)
Esempio n. 6
 def test_joined_on(self):
     ''' Check that an explicit joined_on date is kept after the commit '''
     signup_day = date(2017, 1, 1)
     joe = User(email='*****@*****.**',
                password='******',
                name='joe',
                joined_on=signup_day)
     db.session.add(joe)
     db.session.commit()
     # Compared against a freshly built date, as the original does.
     self.assertEqual(joe.joined_on, date(2017, 1, 1))
Esempio n. 7
    def test_expired_token_rejection(self):
        ''' Test that using an expired token gives correct error '''
        with freeze_time(datetime.utcnow()) as clock:
            joe = User(email='*****@*****.**', password='******', name='joe')
            db.session.add(joe)
            db.session.commit()
            token = joe.encode_auth_token(joe.id).decode()

            # Advance the frozen clock by one day plus one second. Presumably
            # the token lifetime is exactly one day, which makes this the
            # first instant at which it must be refused -- confirm against
            # encode_auth_token.
            past_expiry = timedelta(days=1, seconds=1)
            clock.move_to(datetime.utcnow() + past_expiry)

            # NOTE(review): only the expired side of the boundary is checked;
            # nothing here shows the token still being accepted just before
            # expiry.
            bearer = {'Authorization': 'Bearer ' + token}
            response = self.client.get('/user', headers=bearer)
            payload = json.loads(response.data.decode())
            self.assertEqual(payload['status'], 'error')
            self.assertEqual(payload['error'],
                             'Signature expired. Please log in again.')
            self.assertEqual(response.content_type, 'application/json')
            self.assertEqual(response.status_code, 401)
Esempio n. 8
    def test_blacklist_token_rejection(self):
        ''' Test that blacklisted auth tokens are rejected '''

        # A user with a freshly issued token that is otherwise valid.
        joe = User(email='*****@*****.**', password='******', name='joe')
        db.session.add(joe)
        db.session.commit()
        token = joe.encode_auth_token(joe.id).decode()

        # Revoke the token by writing the blacklist row directly, without
        # going through the /logout endpoint.
        revoked = BlacklistToken(token=token)
        db.session.add(revoked)
        db.session.commit()

        # The token has not been tampered with or expired by this test, so a
        # 401 here should come from the blacklist lookup.
        bearer = {'Authorization': 'Bearer ' + token}
        response = self.client.get('/user', headers=bearer)
        payload = json.loads(response.data.decode())
        self.assertEqual(payload['status'], 'error')
        self.assertEqual(payload['error'],
                         'Token blacklisted. Please log in again.')
        self.assertEqual(response.content_type, 'application/json')
        self.assertEqual(response.status_code, 401)
Esempio n. 9
    def test_registered_with_already_registered_user(self):
        ''' Test registration with already registered email'''
        existing = User(email='*****@*****.**', password='******', name='joe')
        db.session.add(existing)
        db.session.commit()

        # Same email as the stored user (the literals are masked on this
        # page) but a different name, so the email is what triggers the
        # rejection.
        signup = dict(email='*****@*****.**',
                      password='******',
                      name='moe')
        response = self.client.post('/register',
                                    data=json.dumps(signup),
                                    content_type='application/json')
        payload = json.loads(response.data.decode())
        self.assertEqual(payload['status'], 'error')
        # NOTE(review): a distinct 'User already exists.' answer tells an
        # unauthenticated caller which emails are registered. If that is
        # intended, the endpoint should at least be rate limited.
        self.assertEqual(payload['error'], 'User already exists.')
        self.assertEqual(response.content_type, 'application/json')
        self.assertEqual(response.status_code, 400)