def test_jwt_middleware(admin_user): def get_response(request): return HttpResponse() rf = RequestFactory() middleware = jwt_middleware(get_response) # test setting AnonymousUser on unauthorized request to API request = rf.get(reverse("api")) assert not hasattr(request, "user") middleware(request) assert isinstance(request.user, AnonymousUser) # test request with proper JWT token authorizes the request to API token = get_token(admin_user) request = rf.get(reverse("api"), **{"HTTP_AUTHORIZATION": "JWT %s" % token}) assert not hasattr(request, "user") middleware(request) assert request.user == admin_user