def _validate_token(token) -> Optional[User]:
payload = decode_jwt_token(token)
if not payload or not payload.get('user_id'):
return None
refresh_token = db.session.query(RefreshToken) \
.filter_by(user_id=payload['user_id'], token=token, valid=True) \
.one_or_none()
if refresh_token is None:
return None
return refresh_token.user
def test_decode_expired_token(expired_token: str):
result = decode_jwt_token(expired_token)
assert result is None
def test_decode_valid_token(token: str):
result = decode_jwt_token(token)
assert result is not None
assert 'id' in result
assert 'roles' in result