def test_decode_item_token(self): item = Item(name='Test') db.session.add(item) db.session.commit() token = item.generate_item_token('Tester') self.assertTrue(isinstance(token, bytes)) self.assertFalse(Item.decode_item_token(token) == None, None)
def receive_object(): #extract request data or none data = request.get_json() or {} #check if required fields exist (auth_token, and item_token) if 'auth_token' not in data or 'item_token' not in data: return bad_request('Auth token and item token must be included') #authorise user from token user = User.check_auth_token(data['auth_token']) #check if user is authorised and is ssame as item's recipient if not user: return error_response(401, 'User not authorised.') #get required item recipient, item = Item.decode_item_token(data['item_token']) #check if item and recipient were found if item and recipient: #if user is same as item's recipient if recipient is user: item.owner = user db.session.commit() #create response response = jsonify( {'message': "Object was succesfully transfered."}) response.status_code = 200 return response else: return error_response(403, 'Resource is forbidden.') else: return error_response(404, 'Item not found.')