async def test_secret_key(app):
    """Check that self-approval setup refuses a weak secret key.

    With ``allow_self_approval_for`` set, ``setup_self_approval()`` is
    expected to raise ``ValueError`` for the key ``"short"`` and to succeed
    for the longer key. After the successful call the test expects
    ``ask_email_on_signup`` to have been switched to ``True``.
    """
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.ask_email_on_signup = False
    authenticator.allow_self_approval_for = ".*@example.com$"

    # The same key is later passed to validate_slug() to check approval
    # slugs, so a trivially short value has to be rejected at setup time.
    authenticator.secret_key = "short"
    with pytest.raises(ValueError):
        authenticator.setup_self_approval()

    # Fixed, test-only key that is long enough for setup to accept it.
    authenticator.secret_key = "very long and kind-of random asdgaisgfjbafksdgasg"
    authenticator.setup_self_approval()

    # Starts out False above; setup is expected to turn it on.
    assert authenticator.ask_email_on_signup is True
async def test_approval_url(app):
    """Check that approval slugs are only accepted when signed and unexpired.

    Three cases are exercised against
    ``EmailAuthorizationHandler.validate_slug``:

    * an arbitrary string that was never generated by the authenticator
      must raise ``ValueError``;
    * a slug generated with an expiry two days in the past must raise
      ``ValueError``;
    * a slug generated with an expiry two days in the future must validate
      and return the original username and expiry.
    """
    authenticator = NativeAuthenticator(db=app.db)
    authenticator.allow_self_approval_for = ".*@example.com$"
    # Fixed, test-only key; it is used both to generate and to validate slugs.
    authenticator.secret_key = "very long and kind-of random asdgaisgfjbafksdgasg"
    authenticator.setup_self_approval()
    signing_key = authenticator.secret_key

    # Case 1: a slug that did not come from generate_approval_url() is rejected.
    with pytest.raises(ValueError):
        EmailAuthorizationHandler.validate_slug("foo", signing_key)

    # Case 2: a genuine slug whose expiry is already in the past is rejected.
    two_days = datetime.timedelta(days=2)
    past_expiry = datetime.datetime.now(tz.utc) - two_days
    expired_url = authenticator.generate_approval_url("somebody", when=past_expiry)
    # The slug is the final path segment of the approval URL.
    expired_slug = expired_url.rsplit("/", 1)[-1]
    with pytest.raises(ValueError):
        EmailAuthorizationHandler.validate_slug(expired_slug, signing_key)

    # Case 3: a genuine slug that has not expired yet is accepted, and the
    # decoded payload carries the username and expiry it was created with.
    future_expiry = datetime.datetime.now(tz.utc) + two_days
    valid_url = authenticator.generate_approval_url("somebody", when=future_expiry)
    valid_slug = valid_url.rsplit("/", 1)[-1]
    payload = EmailAuthorizationHandler.validate_slug(valid_slug, signing_key)
    assert payload["username"] == "somebody"
    assert payload["expire"] == future_expiry