def _validate_token(self):
auth_token = AuthenticationToken(self.config['RESET_SECRET'],
duration=0)
auth_token.jwt = self.request.json['token']
auth_token.validate()
return dict(account_id=auth_token.account_id,
token_expired=auth_token.is_expired,
token_invalid=not auth_token.is_valid)
def check_for_new_cookies(context):
validate_token_cookies(context)
assert_that(context.refresh_token,
is_not(equal_to(context.old_refresh_token)))
refresh_token = AuthenticationToken(
context.client_config["REFRESH_SECRET"], 0)
refresh_token.jwt = context.refresh_token
refresh_token.validate()
assert_that(refresh_token.is_valid, equal_to(True), "refresh token valid")
assert_that(refresh_token.is_expired, equal_to(False),
"refresh token expired")
assert_that(refresh_token.account_id, equal_to(context.accounts["foo"].id))