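def test_asymmetric_backend(self, account):
    """Test the JWT authentication backend with an asymmetric algorithm.

    Points the active configuration at RS256 and the PEM key pair under
    ``support/``, runs the login callback to obtain an access token, and
    checks that the token is accepted by the authentication use case.

    The three JWT settings are restored in a ``finally`` block so the RS256
    configuration cannot leak into tests that run afterwards and silently
    change which signing algorithm they exercise.

    NOTE(review): only the success flag is asserted. The token header is not
    inspected, so this test would not notice a backend that ignored
    ``JWT_ALGORITHM`` -- consider also asserting the header's ``alg`` value.
    """
    overrides = {
        'JWT_ALGORITHM': 'RS256',
        'JWT_PRIVATE_KEY': os.path.join(
            base_dir, 'support/jwt_private_key.pem'),
        'JWT_PUBLIC_KEY': os.path.join(
            base_dir, 'support/jwt_public_key.pub'),
    }

    # Remember what was configured before; a sentinel marks settings that
    # did not exist so they can be removed again rather than set to None.
    missing = object()
    previous = {
        name: getattr(active_config, name, missing) for name in overrides
    }

    try:
        # Update the config settings
        for name, value in overrides.items():
            setattr(active_config, name, value)

        # Run the login callback usecase
        payload = {'account': Account.get(account.id)}
        response = Tasklet.perform(Account, jwt.LoginCallbackUseCase,
                                   LoginCallbackRequestObject, payload.copy())
        assert response is not None
        assert response.success is True
        access_token = response.value.get('access_token')
        assert access_token is not None

        # Use the token for authentication
        payload = {
            'auth_scheme': 'Bearer',
            'credentials': access_token,
        }
        response = Tasklet.perform(Account, jwt.AuthenticationUseCase,
                                   jwt.AuthenticationRequestObject,
                                   payload.copy())
        assert response is not None
        assert response.success is True
    finally:
        # Put the JWT settings back exactly as they were found.
        for name, value in previous.items():
            if value is missing:
                if hasattr(active_config, name):
                    delattr(active_config, name)
            else:
                setattr(active_config, name, value)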
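def test_logout_callback(self, account):
    """Test that a token issued at login is rejected after logout.

    Logs the account in, keeps the access token, runs the logout callback
    with the same payload, and then presents the old token to the
    authentication use case. The expected outcome is a 401 response whose
    message is ``{'token': 'Invalid Token'}``.
    """
    # Run the login callback usecase
    login_payload = {'account': Account.get(account.id)}
    response = Tasklet.perform(Account, jwt.LoginCallbackUseCase,
                               LoginCallbackRequestObject,
                               login_payload.copy())
    assert response is not None
    assert response.success is True
    access_token = response.value.get('access_token')
    # Same check the other JWT tests make: without a real token the
    # rejection asserted below would say nothing about logout.
    assert access_token is not None

    # Run the logout usecase
    response = Tasklet.perform(Account, jwt.LogoutCallbackUseCase,
                               LogoutRequestObject, login_payload.copy())
    assert response is not None
    assert response.success is True

    # Authentication must now fail when the pre-logout token is replayed
    auth_payload = {
        'auth_scheme': 'Bearer',
        'credentials': access_token,
    }
    response = Tasklet.perform(Account, jwt.AuthenticationUseCase,
                               jwt.AuthenticationRequestObject,
                               auth_payload.copy())
    assert response is not None
    assert response.success is False
    assert response.value == {
        'code': 401,
        'message': {
            'token': 'Invalid Token'
        }
    }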
def account(self):
    """Create the account used by the test cases and yield it.

    The password is stored as the output of ``pbkdf2_sha256.hash`` rather
    than as plain text, and the account is given the ``ADMIN`` role.
    Nothing follows the ``yield``, so this block performs no cleanup of its
    own.
    """
    details = {
        'email': '*****@*****.**',
        'username': '******',
        'name': 'john doe',
        # Fixed throwaway credential, hashed before it is handed to create()
        'password': pbkdf2_sha256.hash('duMmy@123'),
        'phone': '90080000800',
        'roles': ['ADMIN'],
    }
    created = Account.create(details)
    yield created
def test_password_reset_usecase(self, account):
    """Test resetting a password with the token sent in the reset email.

    Requests a reset email, checks that a verification token was stored on
    the account and quoted in the last outbox message, then submits that
    token with a new password and checks that the password history holds
    one entry.

    NOTE(review): the test stops at the password-history length. It does
    not check that the token is unusable afterwards or that the previous
    password stops working -- both would be worth asserting.
    """
    # Ask for the reset email
    request_payload = {'email': '*****@*****.**'}
    response = Tasklet.perform(Account, SendResetPasswordEmailUsecase,
                               SendResetPasswordEmailRequestObject,
                               request_payload.copy())
    assert response is not None
    assert response.success is True

    # Reload the account: a verification token must have been stored on it
    with_token = Account.get(account.id)
    assert with_token.verification_token is not None

    # The most recent outbox entry must be the reset email with that token
    sent_message = email.outbox[-1].message()
    expected_message = (
        "[email protected]\n"
        "['*****@*****.**']\n"
        "Password Reset Request\n"
        f"Your reset secret token is {with_token.verification_token}")
    assert sent_message == expected_message

    # Redeem the token together with the new password
    new_credentials = {
        'new_password': '******',
        'confirm_password': '******',
    }
    reset_payload = {
        'token': with_token.verification_token,
        'data': new_credentials,
    }
    response = Tasklet.perform(Account, ResetPasswordUsecase,
                               ResetPasswordRequestObject,
                               reset_payload.copy())
    assert response is not None
    assert response.success is True

    # The password change must show up as one entry in the history
    after_reset = Account.get(with_token.id)
    assert len(after_reset.password_history) == 1
def test_backend(self, account):
    """Test the JWT authentication backend with a bad and a good token.

    Logs in to obtain an access token, confirms that a string which is not
    a JWT is rejected with a 401 and the "Not enough segments" message, and
    then confirms that the real token authenticates.
    """
    # Log in to obtain a token
    login_payload = {'account': Account.get(account.id)}
    login_response = Tasklet.perform(Account, jwt.LoginCallbackUseCase,
                                     LoginCallbackRequestObject,
                                     login_payload.copy())
    assert login_response is not None
    assert login_response.success is True
    access_token = login_response.value.get('access_token')
    assert access_token is not None

    # A credential that is not a JWT at all must be refused
    auth_payload = {
        'auth_scheme': 'Bearer',
        'credentials': 'xxxxxxxxxxxxxxxxx',
    }
    rejected = Tasklet.perform(Account, jwt.AuthenticationUseCase,
                               jwt.AuthenticationRequestObject,
                               auth_payload.copy())
    expected_error = {
        'code': 401,
        'message': {
            'credentials': 'Invalid JWT Token. Not enough segments'
        }
    }
    assert rejected is not None
    assert rejected.success is False
    assert rejected.value == expected_error

    # The token issued at login must be accepted
    auth_payload['credentials'] = access_token
    accepted = Tasklet.perform(Account, jwt.AuthenticationUseCase,
                               jwt.AuthenticationRequestObject,
                               auth_payload.copy())
    assert accepted is not None
    assert accepted.success is True