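def test_change_user_email_missing_argument_in_token(self):
    """Reject email-change tokens that lack a required claim.

    Three tokens are built: one without ``current_email``, one without
    ``new_email`` and one encoded without an expiration date. Each call to
    ``users_api.change_user_email`` must raise
    ``jwt.exceptions.InvalidTokenError``, and the stored user must be left
    as it was.
    """
    # Given
    # NOTE(review): the addresses appear masked to a single value here; the
    # lookups at the end only make sense with distinct old and new addresses.
    users_factories.UserFactory(email="*****@*****.**", firstName="UniqueNameForEmailChangeTest")
    expiration_date = datetime.now() + timedelta(hours=1)

    missing_current_email_token_payload = dict(new_email="*****@*****.**")
    missing_current_email_token = encode_jwt_payload(missing_current_email_token_payload, expiration_date)

    missing_new_email_token_payload = dict(current_email="*****@*****.**")
    missing_new_email_token = encode_jwt_payload(missing_new_email_token_payload, expiration_date)

    # NOTE(review): this payload lacks current_email as well as the expiry, so
    # the rejection may come from the missing email claim rather than from the
    # missing expiry. A payload with both addresses and no expiration date
    # would pin the expiry check on its own.
    missing_exp_token_payload = dict(new_email="*****@*****.**")
    missing_exp_token = encode_jwt_payload(missing_exp_token_payload)

    # When
    # One pytest.raises block per token. Inside a single shared block the
    # first exception ends the block, so the later calls never run and a
    # token that is wrongly accepted there goes unnoticed.
    with pytest.raises(jwt.exceptions.InvalidTokenError):
        users_api.change_user_email(missing_current_email_token)
    with pytest.raises(jwt.exceptions.InvalidTokenError):
        users_api.change_user_email(missing_new_email_token)
    with pytest.raises(jwt.exceptions.InvalidTokenError):
        users_api.change_user_email(missing_exp_token)

    # Then
    old_user = User.query.filter_by(email="*****@*****.**").first()
    assert old_user is not None
    new_user = User.query.filter_by(email="*****@*****.**").first()
    assert new_user is None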
def _build_link_for_email_change(current_email: str, new_email: str) -> str:
    """Return the web-app URL a user follows to confirm an email change.

    A JWT carrying ``current_email`` and ``new_email`` is issued with a
    lifetime of ``constants.EMAIL_CHANGE_TOKEN_LIFE_TIME`` and placed in the
    ``token`` query parameter. The same expiry is repeated, as a Unix
    timestamp, in ``expiration_timestamp``.
    """
    expires_at = datetime.now() + constants.EMAIL_CHANGE_TOKEN_LIFE_TIME
    claims = {"current_email": current_email, "new_email": new_email}
    signed_token = encode_jwt_payload(claims, expires_at)

    # expiration_timestamp sits outside the token, so nothing signs it and
    # anyone holding the link can edit it. The expiry handed to
    # encode_jwt_payload is the one the server has to enforce.
    # NOTE(review): the token travels in the query string, where it can end up
    # in access logs, browser history and Referer headers.
    expiry_epoch = int(expires_at.timestamp())
    return f"{settings.WEBAPP_URL}/email-change?token={signed_token}&expiration_timestamp={expiry_epoch}"
def test_encode_jwt_payload_without_expiration_date(self):
    """A payload encoded without an expiration date yields a token with no ``exp`` claim."""
    token = encode_jwt_payload({"data": "value"})

    # NOTE(review): PyJWT documents ``algorithms`` as a list of accepted
    # names; if ALGORITHM_HS_256 is a bare string, [ALGORITHM_HS_256] states
    # the allow-list explicitly. Confirm against its definition.
    claims = jwt.decode(token, settings.JWT_SECRET_KEY, algorithms=ALGORITHM_HS_256)

    assert claims["data"] == "value"
    # A token without "exp" never expires on its own, so callers that need a
    # bounded lifetime have to pass an expiration date.
    assert "exp" not in claims
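def test_encode_jwt_payload(self):
    """An expiration date passed to ``encode_jwt_payload`` becomes the integer ``exp`` claim."""
    # Imported locally so the block does not depend on the file's import list.
    from datetime import timedelta

    payload = dict(data="value")
    # Use an expiry in the future. With exp set to "now", jwt.decode runs its
    # expiry check right on the boundary, so the result depends on whether the
    # clock ticks over between encode and decode and on how the installed
    # PyJWT compares exp with the current time.
    expiration_date = datetime.now() + timedelta(hours=1)

    jwt_token = encode_jwt_payload(payload, expiration_date)

    # NOTE(review): PyJWT documents ``algorithms`` as a list of accepted
    # names; confirm whether ALGORITHM_HS_256 is a bare string.
    decoded = jwt.decode(jwt_token, settings.JWT_SECRET_KEY, algorithms=ALGORITHM_HS_256)

    # The claim is the expiry truncated to whole seconds.
    assert decoded == {"data": "value", "exp": int(expiration_date.timestamp())}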
def test_change_user_email_current_email_not_existing_anymore(self):
    """A signed, unexpired token whose ``current_email`` matches no user changes nothing.

    No user is created beforehand. The call has to return without raising,
    and neither address may belong to a user afterwards.
    """
    # Given
    expires_at = datetime.now() + timedelta(hours=1)
    claims = {"current_email": "*****@*****.**", "new_email": "*****@*****.**"}
    token = encode_jwt_payload(claims, expires_at)

    # When
    users_api.change_user_email(token)

    # Then
    user_with_current_email = User.query.filter_by(email="*****@*****.**").first()
    assert user_with_current_email is None
    # The token alone must not bring an account into existence.
    user_with_new_email = User.query.filter_by(email="*****@*****.**").first()
    assert user_with_new_email is None
def test_change_user_email_new_email_already_existing(self):
    """Run an email change with a valid token and check which address still has a user.

    One user is created up front. After ``users_api.change_user_email`` returns,
    no user is found under the first lookup and one is found under the second.
    """
    # Given
    # NOTE(review): the addresses appear masked to a single value here; the
    # two lookups below only make sense with distinct old and new addresses.
    users_factories.UserFactory(email="*****@*****.**", firstName="UniqueNameForEmailChangeTest")
    expires_at = datetime.now() + timedelta(hours=1)
    claims = {"current_email": "*****@*****.**", "new_email": "*****@*****.**"}
    token = encode_jwt_payload(claims, expires_at)

    # When
    users_api.change_user_email(token)

    # Then
    user_with_current_email = User.query.filter_by(email="*****@*****.**").first()
    assert user_with_current_email is None
    user_with_new_email = User.query.filter_by(email="*****@*****.**").first()
    assert user_with_new_email is not None
def test_change_user_email(self):
    """A valid token moves the account to the new address and drops its sessions.

    The user keeps its ``firstName``, can no longer be found under the old
    address, and has no ``UserSession`` row left after the change.
    """
    # Given
    # NOTE(review): the addresses appear masked to a single value here; the
    # lookups below only make sense with distinct old and new addresses.
    user = users_factories.UserFactory(email="*****@*****.**", firstName="UniqueNameForEmailChangeTest")
    users_factories.UserSessionFactory(user=user)
    expires_at = datetime.now() + timedelta(hours=1)
    claims = {"current_email": "*****@*****.**", "new_email": "*****@*****.**"}
    token = encode_jwt_payload(claims, expires_at)

    # When
    users_api.change_user_email(token)

    # Then
    assert user.email == "*****@*****.**"

    renamed_user = User.query.filter_by(email="*****@*****.**").first()
    assert renamed_user is not None
    assert renamed_user.firstName == "UniqueNameForEmailChangeTest"

    user_under_old_email = User.query.filter_by(email="*****@*****.**").first()
    assert user_under_old_email is None

    # The session created above must be gone once the login identifier changes.
    remaining_session = UserSession.query.filter_by(userId=user.id).first()
    assert remaining_session is None
class ValidateJwtTokenTest:
    """Checks for ``get_user_with_valid_token`` against tokens saved through ``repository``.

    Each test stores one RESET_PASSWORD token for a fresh user and then looks
    the user up by token value and allowed token types.
    """

    # Encoded once, when the class body runs, and shared by every test below.
    token_value = encode_jwt_payload({"pay": "load"})

    def _store_reset_password_token(self, user, **extra_fields):
        """Save a RESET_PASSWORD token for *user* and return the token type.

        ``extra_fields`` are appended to the ``from_dict`` mapping after
        ``userId``, ``value`` and ``type``; nothing is added when it is empty.
        """
        token_type = TokenType.RESET_PASSWORD
        fields = {"userId": user.id, "value": self.token_value, "type": token_type, **extra_fields}
        repository.save(Token(from_dict=fields))
        return token_type

    def test_get_user_with_valid_token(self):
        """An unexpired token of an allowed type resolves to its user."""
        user = users_factories.UserFactory()
        token_type = self._store_reset_password_token(
            user, expirationDate=datetime.now() + timedelta(hours=24)
        )

        found = get_user_with_valid_token(self.token_value, [token_type, "other-allowed-type"])

        assert found.id == user.id

    def test_get_user_with_valid_token_without_expiration_date(self):
        """A stored token with no expiration date is still accepted."""
        user = users_factories.UserFactory()
        token_type = self._store_reset_password_token(user)

        found = get_user_with_valid_token(self.token_value, [token_type])

        assert found.id == user.id

    def test_get_user_with_valid_token_wrong_token(self):
        """A value that matches no stored token resolves to ``None``."""
        user = users_factories.UserFactory()
        token_type = self._store_reset_password_token(user)

        found = get_user_with_valid_token("wrong-token-value", [token_type])

        assert found is None

    def test_get_user_with_valid_token_wrong_type(self):
        """A stored token is refused when its type is not among the allowed ones."""
        user = users_factories.UserFactory()
        self._store_reset_password_token(user)
        # The token is in the database, so the refusal below is due to the type.
        assert Token.query.filter_by(value=self.token_value).first() is not None

        found = get_user_with_valid_token(self.token_value, ["other_type"])

        assert found is None

    def test_get_user_with_valid_token_with_expired_date(self):
        """A stored token whose expiration date has passed resolves to ``None``."""
        user = users_factories.UserFactory()
        token_type = self._store_reset_password_token(
            user, expirationDate=datetime.now() - timedelta(hours=24)
        )
        # The token is in the database, so the refusal below is due to the expiry.
        assert Token.query.filter_by(value=self.token_value).first() is not None

        found = get_user_with_valid_token(self.token_value, [token_type])

        assert found is None
def _build_link_for_email_change(current_email: str, new_email: str) -> str:
    """Build the ``/changement-email`` confirmation link for an email change.

    The link carries a JWT holding ``current_email`` and ``new_email`` that
    expires after ``constants.EMAIL_CHANGE_TOKEN_LIFE_TIME``, plus the same
    expiry as a Unix timestamp in ``expiration_timestamp``.
    """
    valid_until = datetime.now() + constants.EMAIL_CHANGE_TOKEN_LIFE_TIME
    email_claims = {"current_email": current_email, "new_email": new_email}
    token = encode_jwt_payload(email_claims, valid_until)

    # The timestamp parameter is plain text next to the token: it is not
    # signed and can be altered by whoever has the link. Only the expiry
    # given to encode_jwt_payload is bound to the token.
    # NOTE(review): a token in the query string can surface in access logs,
    # browser history and Referer headers.
    valid_until_epoch = int(valid_until.timestamp())
    return f"{get_webapp_url()}/changement-email?token={token}&expiration_timestamp={valid_until_epoch}"