def test_cookie_decode(dummy_request, principal): policy = JWTCookieAuthenticationPolicy("secret", https_only=False) header, cookie = policy.remember(dummy_request, principal).pop() name, value = cookie.split("=", 1) value, _ = value.split(";", 1) dummy_request.cookies = {name: value} claims = policy.get_claims(dummy_request) assert claims["sub"] == principal
def test_invalid_cookie_reissue(principal): dummy_request = Request.blank("/") policy = JWTCookieAuthenticationPolicy("secret", https_only=False, reissue_time=10) token = "invalid value" header, cookie = policy.remember(dummy_request, token).pop() name, value = cookie.split("=", 1) value, _ = value.split(";", 1) dummy_request.cookies = {name: value} claims = policy.get_claims(dummy_request) assert not claims
def test_expired_token(dummy_request, principal, freezer): policy = JWTCookieAuthenticationPolicy("secret", cookie_name="auth", expiration=1) _, cookie = policy.remember(dummy_request, principal).pop() name, value = cookie.split("=", 1) freezer.tick(delta=2) value, _ = value.split(";", 1) dummy_request.cookies = {name: value} claims = policy.get_claims(dummy_request) assert claims == {}