Esempio n. 1
def test_decode_access_token_success(user):
    """Check that a freshly issued access token decodes to the issuing user.

    The decoded value is compared against the fixture user's ``public_id``
    and ``admin`` attributes, i.e. the claims that downstream authorization
    decisions would be based on.
    """
    decoded = User.decode_access_token(user.encode_access_token())
    assert decoded.success
    claims = decoded.value
    # Both identity and privilege level must survive the encode/decode trip.
    assert user.public_id == claims["public_id"]
    assert user.admin == claims["admin"]
Esempio n. 2
def _check_access_token(admin_only):
    """Decode the request's access token or raise ``ApiUnauthorized``.

    Reads the ``Authorization`` header of the current request and passes it
    to ``User.decode_access_token``. Returns the decoded value on success.

    Raises ``ApiUnauthorized`` when the header is missing or empty, and again
    (with ``error="invalid_token"``) when decoding reports a failure.

    ``admin_only`` is only forwarded to the exception here; this function
    performs no admin check itself, so the caller has to enforce it on the
    returned value.
    """
    # NOTE(review): the header value is passed on unchanged, including any
    # "Bearer " scheme prefix -- presumably decode_access_token strips it;
    # confirm against that method.
    header_value = request.headers.get("Authorization")
    if header_value:
        decoded = User.decode_access_token(header_value)
        if not decoded.failure:
            return decoded.value
        # The decoder's error text is returned to the client in both fields.
        raise ApiUnauthorized(
            description=decoded.error,
            admin_only=admin_only,
            error="invalid_token",
            error_description=decoded.error,
        )
    raise ApiUnauthorized(description="Unauthorized", admin_only=admin_only)
def test_login(client, db):
    """Register then log in, and check the returned token names a non-admin user.

    Beyond the HTTP status and response envelope, the test decodes the issued
    access token and confirms that its ``admin`` claim is falsy and that its
    ``public_id`` resolves to the account with the expected e-mail address.
    """
    register_user(client)
    response = login_user(client)
    assert response.status_code == HTTPStatus.OK

    body = response.json
    for field, wanted in (("status", "success"), ("message", SUCCESS)):
        assert field in body and body[field] == wanted
    assert "access_token" in body

    decoded = User.decode_access_token(body["access_token"])
    assert decoded.success
    claims = decoded.value
    # A self-registered account must not come back with admin rights.
    assert not claims["admin"]
    account = User.find_by_public_id(claims["public_id"])
    assert account
    assert account.email == EMAIL
def test_auth_register(client, db):
    """Register a user and validate the response envelope and issued token.

    Checks the status code, the ``status``/``message``/``token_type``/
    ``expires_in`` fields, and then decodes the access token to confirm it
    carries a falsy ``admin`` claim and a ``public_id`` that resolves to the
    account with the expected e-mail address.
    """
    response = register_user(client)
    assert response.status_code == HTTPStatus.CREATED

    body = response.json
    expected_fields = (
        ("status", "success"),
        ("message", SUCCESS),
        ("token_type", "bearer"),
        # Token lifetime reported to the client, as asserted by this test.
        ("expires_in", 5),
    )
    for field, wanted in expected_fields:
        assert field in body and body[field] == wanted
    assert "access_token" in body

    decoded = User.decode_access_token(body["access_token"])
    assert decoded.success
    claims = decoded.value
    # Registration must never hand out an admin token.
    assert not claims["admin"]
    account = User.find_by_public_id(claims["public_id"])
    assert account
    assert account.email == EMAIL
Esempio n. 5
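def test_decode_access_token_invalid(user):
    """Verify that a token whose payload was altered after signing is rejected.

    The payload segment is re-encoded with ``admin`` flipped to True while the
    header and signature segments are left exactly as issued. Decoding must
    then fail with the invalid-token message, showing that the ``admin`` claim
    cannot be changed without invalidating the token.

    NOTE(review): this covers payload tampering only; the header segment is
    never modified here, so header-level validation needs its own test.
    """
    access_token = user.encode_access_token()
    segments = access_token.split(b".")
    payload_base64 = segments[1]
    # Restore the "=" padding that was stripped from the segment. ``-len % 4``
    # adds nothing when the segment is already aligned, whereas
    # ``4 - (len % 4)`` would append a redundant "====" group in that case.
    payload_base64 += b"=" * (-len(payload_base64) % 4)
    payload = json.loads(urlsafe_b64decode(payload_base64))
    assert not payload["admin"]
    payload["admin"] = True
    payload_mod_base64 = urlsafe_b64encode(json.dumps(payload).encode())
    # Padding only ever appears at the end, so strip on the right side only.
    segments[1] = payload_mod_base64.rstrip(b"=")
    access_token_mod = b".".join(segments)
    # Guard against a vacuous test: the token must really have changed.
    assert access_token != access_token_mod
    result = User.decode_access_token(access_token_mod)
    assert not result.success
    assert result.error == "Invalid token. Please log in again."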
Esempio n. 6
def test_decode_access_token_expired(user):
    """Check that an access token is refused once its lifetime has elapsed.

    NOTE(review): the six-second wait presumably exceeds the token lifetime
    set by the test configuration -- confirm; if the lifetime is longer, the
    assertions below fail.
    """
    issued_token = user.encode_access_token()
    # Wait in real time until the token should have expired.
    time.sleep(6)
    outcome = User.decode_access_token(issued_token)
    assert not outcome.success
    assert outcome.error == "Access token expired. Please log in again."