def test_valid_access_token_returns_user(self, user):
token = GreenbudgetSlidingToken.for_user(user)
with mock.patch.object(User.objects, 'get',
return_value=user) as mock_fn:
returned_user = get_user_from_token(str(token))
assert returned_user.pk == user.pk
assert mock_fn.mock_calls == [mock.call(pk=user.pk)]
def test_validate_token(api_client, settings, user):
api_client.force_login(user)
token = GreenbudgetSlidingToken.for_user(user)
api_client.cookies = SimpleCookie({
settings.JWT_TOKEN_COOKIE_NAME: str(token),
})
response = api_client.post("/v1/jwt/validate/")
assert response.status_code == 201
assert 'greenbudgetjwt' in response.cookies
assert response.json() == {
'user': {
'id': user.pk,
'first_name': user.first_name,
'last_name': user.last_name,
'full_name': user.full_name,
'email': user.email,
'username': user.username,
'is_active': user.is_active,
'is_admin': user.is_admin,
'is_superuser': user.is_superuser,
'is_staff': user.is_staff,
'date_joined': api_datetime_string(user.date_joined),
'updated_at': api_datetime_string(user.updated_at),
'created_at': api_datetime_string(user.created_at),
'last_login': '******',
'timezone': str(user.timezone),
"profile_image": None,
}
}
def test_expired_access_token_auto_refreshes(self, user):
token = GreenbudgetSlidingToken.for_user(user)
token.set_exp(from_time=datetime(2010, 1, 1))
with mock.patch.object(User.objects, 'get',
return_value=user) as mock_fn:
returned_user = get_user_from_token(str(token))
assert returned_user.pk == user.pk
assert mock_fn.mock_calls == [mock.call(pk=user.pk)]
def test_expired_access_token_missing_refresh_token_raises(self, user):
token = GreenbudgetSlidingToken.for_user(user)
token.set_exp(claim='refresh_exp', from_time=datetime(2010, 1, 1))
with mock.patch.object(User.objects, 'get',
return_value=user) as mock_fn:
with pytest.raises(TokenExpiredError):
get_user_from_token(str(token))
assert mock_fn.call_count == 0
def test_middleware_doesnt_update_cookie_for_read_only_methods(
method, middleware_patch, user, settings, rf):
middleware = TokenCookieMiddleware()
rf.cookies = SimpleCookie({
settings.JWT_TOKEN_COOKIE_NAME:
GreenbudgetSlidingToken.for_user(user),
})
request = getattr(rf, method)('/')
response = HttpResponse()
with mock.patch.object(response, 'set_cookie') as set_cookie:
with middleware_patch('get_cookie_user', return_value=user):
middleware.process_request(request)
response = middleware.process_response(request, response)
assert set_cookie.called is False
def test_middleware_updates_cookie_at_refresh_endpoint(middleware_patch, user,
settings, rf):
middleware = TokenCookieMiddleware()
rf.cookies = SimpleCookie({
settings.JWT_TOKEN_COOKIE_NAME:
GreenbudgetSlidingToken.for_user(user),
})
request = rf.get(reverse('jwt:refresh'))
response = HttpResponse()
with mock.patch.object(response, 'set_cookie') as set_cookie:
with middleware_patch('get_cookie_user', return_value=user):
middleware.process_request(request)
response = middleware.process_response(request, response)
assert set_cookie.called is True
def test_process_response_sets_cookies(settings, rf, user):
token = GreenbudgetSlidingToken.for_user(user)
expire_date = datetime.now() + \
settings.SIMPLE_JWT['SLIDING_TOKEN_REFRESH_LIFETIME']
http_expire_date = http_date(expire_date.timestamp())
request = rf.get('/')
request.cookie_user = user
response = HttpResponse()
middleware = TokenCookieMiddleware()
with mock.patch.object(GreenbudgetSlidingToken,
'for_user',
return_value=token) as mock_for_user:
response = middleware.process_response(request, response)
jwt_cookie = response.cookies[settings.JWT_TOKEN_COOKIE_NAME]
assert jwt_cookie.value == str(token)
assert jwt_cookie['expires'] == http_expire_date
assert mock_for_user.mock_calls == [mock.call(user)]