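def test_default_token_user_loader_can_load_user(self):
    """The default loader returns the user a freshly issued token was made for.

    A token is generated for the new user's id with the default token
    implementation and passed straight back to the default loader; the
    loaded object must compare equal to the created user.
    """
    with user_events.disconnect_receivers():
        user = self.create_user()
        token = user_service.default_token_implementation(user.id)
        loaded = user_service.default_token_user_loader(token)
        # assertEquals is a deprecated alias that was removed in Python 3.12.
        self.assertEqual(loaded, user)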
def test_default_token_loader_fails_if_email_not_confirmed(self):
    """A valid token must not load a user whose email is unconfirmed.

    The user is created with ``confirm_email=False``; loading by a token
    issued for that user is expected to raise ``x.EmailNotConfirmed``.
    """
    with user_events.disconnect_receivers():
        unconfirmed = self.create_user(confirm_email=False)
        issued = user_service.default_token_implementation(unconfirmed.id)
        # The token itself is untouched: the account state alone must make
        # the loader refuse it.
        self.assertRaises(
            x.EmailNotConfirmed,
            user_service.default_token_user_loader,
            issued,
        )
def test_default_token_loader_fails_if_tokens_mismatch(self):
    """A token is refused once the user's token has been revoked.

    The token is issued first, then ``revoke_user_token`` is called for the
    same user; presenting the previously issued token must raise
    ``x.JwtTokenMismatch``.
    """
    with user_events.disconnect_receivers():
        account = self.create_user()
        issued = user_service.default_token_implementation(account.id)
        # NOTE(review): presumably revocation changes the token kept on file,
        # so the still-unexpired token no longer matches. Confirm against
        # revoke_user_token.
        user_service.revoke_user_token(account.id)
        self.assertRaises(
            x.JwtTokenMismatch,
            user_service.default_token_user_loader,
            issued,
        )
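def test_default_token_user_loader_fails_if_expired(self):
    """An expired token is rejected by the default loader.

    The token is issued while ``user_service.jwt_lifetime`` is -1, and
    loading it is expected to raise ``x.JwtExpired``.
    """
    with user_events.disconnect_receivers():
        user = self.create_user()
        # jwt_lifetime is shared state on user_service. Put the previous
        # value back even when an assertion fails, so a negative lifetime
        # cannot leak into tests that run afterwards.
        previous_lifetime = user_service.jwt_lifetime
        user_service.jwt_lifetime = -1
        try:
            token = user_service.default_token_implementation(user.id)
            with self.assertRaises(x.JwtExpired):
                user_service.default_token_user_loader(token)
        finally:
            user_service.jwt_lifetime = previous_lifetime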
def test_default_token_user_loader_fails_if_tampered_with(self):
    """A token with extra leading characters is rejected by the loader.

    Expects ``x.JwtDecodeError`` when ``'xxx'`` is prepended to an otherwise
    valid token.
    """
    with user_events.disconnect_receivers():
        account = self.create_user()
        issued = user_service.default_token_implementation(account.id)
        # Prefixing changes the token's first segment, so this covers
        # rejection of a malformed token.
        # NOTE(review): a case that alters the payload while keeping the token
        # well-formed would cover the signature check itself. Confirm one
        # exists elsewhere in the suite.
        tampered = 'xxx' + issued
        self.assertRaises(
            x.JwtDecodeError,
            user_service.default_token_user_loader,
            tampered,
        )
def test_default_token_user_loader_fails_if_account_locked(self):
    """A valid token must not load a user whose account is locked.

    The account is locked for one minute and saved before the token is
    issued; loading is expected to raise ``x.AccountLocked``.
    """
    with user_events.disconnect_receivers():
        account = self.create_user()
        account.lock_account(minutes=1)
        # Save the locked state before issuing a token for the account.
        user_service.save(account)
        issued = user_service.default_token_implementation(account.id)
        self.assertRaises(
            x.AccountLocked,
            user_service.default_token_user_loader,
            issued,
        )
def test_default_token_user_loader_fails_if_no_user(self):
    """A token for a deleted user is rejected by the default loader.

    The user is deleted after the token is issued; loading is expected to
    raise ``x.JwtNoUser``.
    """
    with user_events.disconnect_receivers():
        # Overwrites the shared lifetime setting on user_service and leaves
        # it at this value when the test ends.
        user_service.jwt_lifetime = 86400
        account = self.create_user(confirm_email=True)
        issued = user_service.default_token_implementation(account.id)
        user_service.delete(account)
        self.assertRaises(
            x.JwtNoUser,
            user_service.default_token_user_loader,
            issued,
        )
def test_default_tokens_fail_if_tampered_with(self):
    """Decoding a token with a trailing character appended fails.

    Decodes directly with ``jwt.decode`` using the service's secret and
    algorithm, and expects ``jwt.exceptions.DecodeError``.
    """
    with user_events.disconnect_receivers():
        account = self.create_user(confirm_email=True)
        issued = user_service.default_token_implementation(account.id)
        # Appending changes the token's last segment. DecodeError is the base
        # class asserted here; PyJWT's InvalidSignatureError derives from it,
        # so this does not distinguish a malformed token from a signature
        # mismatch.
        tampered = issued + 'x'
        # The accepted algorithms are pinned to the configured one rather
        # than left to the token header.
        self.assertRaises(
            jwt.exceptions.DecodeError,
            jwt.decode,
            tampered,
            user_service.jwt_secret,
            algorithms=[user_service.jwt_algo],
        )
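def test_default_token_implementation(self):
    """The default implementation issues a decodable token for the user id.

    The token must be a ``str`` and, when decoded with the service's secret
    and configured algorithm, must carry the user's id under ``user_id``.
    """
    # NOTE(review): unlike the sibling tests, this one does not run inside
    # user_events.disconnect_receivers(). Confirm that is intended.
    user = self.create_user(confirm_email=True)
    token = user_service.default_token_implementation(user.id)
    # assertIsInstance replaces the type() comparison made through the
    # assertEquals alias, which was removed in Python 3.12.
    self.assertIsInstance(token, str)
    decoded = jwt.decode(
        token,
        user_service.jwt_secret,
        # Pin the accepted algorithm to the configured one.
        algorithms=[user_service.jwt_algo],
    )
    self.assertEqual(user.id, decoded['user_id'])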
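def test_default_tokens_fail_if_expired(self):
    """A token issued with a negative lifetime fails to decode as expired.

    Decodes directly with ``jwt.decode`` using the service's secret and
    algorithm, and expects ``jwt.exceptions.ExpiredSignatureError``.
    """
    with user_events.disconnect_receivers():
        user = self.create_user(confirm_email=True)
        user_service.jwt_lifetime = -1
        try:
            token = user_service.default_token_implementation(user.id)
            with self.assertRaises(jwt.exceptions.ExpiredSignatureError):
                jwt.decode(
                    token,
                    user_service.jwt_secret,
                    algorithms=[user_service.jwt_algo],
                )
        finally:
            # Cleanup runs even when an assertion above fails, so the
            # negative lifetime on the shared service cannot leak into
            # later tests.
            user_service.jwt_lifetime = 86400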