def test_auth_token(self): # Save the orginal timeout setting orig_ttl = float(app.config['TOKEN_AUTH_TTL_HOURS']) self.load_example_data() # Set the timeout to something else new_ttl = 4.0 app.config['TOKEN_AUTH_TTL_HOURS'] = new_ttl user_1 = UserModel(uid="dhf8r") expected_exp_1 = timegm( (datetime.utcnow() + timedelta(hours=new_ttl)).utctimetuple()) auth_token_1 = user_1.encode_auth_token() self.assertTrue(isinstance(auth_token_1, bytes)) self.assertEqual("dhf8r", user_1.decode_auth_token(auth_token_1).get("sub")) actual_exp_1 = user_1.decode_auth_token(auth_token_1).get("exp") self.assertTrue( expected_exp_1 - 1000 <= actual_exp_1 <= expected_exp_1 + 1000) # Set the timeout to something else neg_ttl = -0.01 app.config['TOKEN_AUTH_TTL_HOURS'] = neg_ttl user_2 = UserModel(uid="dhf8r") expected_exp_2 = timegm( (datetime.utcnow() + timedelta(hours=neg_ttl)).utctimetuple()) auth_token_2 = user_2.encode_auth_token() self.assertTrue(isinstance(auth_token_2, bytes)) with self.assertRaises(ApiError) as api_error: with self.assertRaises(jwt.exceptions.ExpiredSignatureError): user_2.decode_auth_token(auth_token_2) self.assertEqual(api_error.exception.status_code, 400, 'Should raise an API Error if token is expired') # Set the timeout back to where it was app.config['TOKEN_AUTH_TTL_HOURS'] = orig_ttl user_3 = UserModel(uid="dhf8r") expected_exp_3 = timegm( (datetime.utcnow() + timedelta(hours=new_ttl)).utctimetuple()) auth_token_3 = user_3.encode_auth_token() self.assertTrue(isinstance(auth_token_3, bytes)) actual_exp_3 = user_3.decode_auth_token(auth_token_1).get("exp") self.assertTrue( expected_exp_3 - 1000 <= actual_exp_3 <= expected_exp_3 + 1000)
def test_auth_token(self): # Save the orginal timeout setting orig_ttl = float(app.config['TOKEN_AUTH_TTL_HOURS']) self.load_example_data() # Set the timeout to something else new_ttl = 4.0 app.config['TOKEN_AUTH_TTL_HOURS'] = new_ttl user_1 = UserModel(uid="dhf8r") expected_exp_1 = timegm( (datetime.utcnow() + timedelta(hours=new_ttl)).utctimetuple()) auth_token_1 = user_1.encode_auth_token() self.assertTrue(isinstance(auth_token_1, str)) self.assertEqual("dhf8r", user_1.decode_auth_token(auth_token_1).get("sub"))