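def test_decode_token_expired(self):
    """ Token decoder returns a 'Signature expired' message for an expired token. """
    config = current_app.config
    had_setting = 'TOKEN_EXPIRATION_SECONDS' in config
    previous = config.get('TOKEN_EXPIRATION_SECONDS')
    # A negative lifetime is set before the token is created, so the token
    # is already past its expiry when it is decoded.
    config['TOKEN_EXPIRATION_SECONDS'] = -1
    try:
        token = create_token()
        payload = User.decode_auth_token(token)
        # NOTE(review): test_decode_token reads the success payload with
        # .get('id'), so it is presumably dict-like and never a User; the
        # message check below is the assertion that pins the behaviour.
        self.assertFalse(isinstance(payload, User))
        self.assertIn('Signature expired', payload)
    finally:
        # Put the setting back so that a shared app does not keep issuing
        # already-expired tokens to whatever test runs next.
        if had_setting:
            config['TOKEN_EXPIRATION_SECONDS'] = previous
        else:
            config.pop('TOKEN_EXPIRATION_SECONDS', None)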
def test_decode_token_invalid(self):
    """ Token decoder returns 'Invalid token' when it's been tampered with."""
    # Extra characters appended to a freshly issued token stand in for
    # tampering; the decoder has to refuse the result.
    tampered = '{}1337'.format(create_token())
    result = User.decode_auth_token(tampered)
    # NOTE(review): the 'Invalid token' check is the meaningful one; confirm
    # whether the decoder can ever return a User at all.
    self.assertNotIsInstance(result, User)
    self.assertIn('Invalid token', result)
def test_decode_token(self):
    """ Token decoder decodes a JWT correctly. """
    decoded = User.decode_auth_token(create_token())
    # The 'id' value in the decoded payload is used to look the user up.
    user_id = decoded.get('id')
    found = User.find_by_id(user_id)
    self.assertIsInstance(found, User)
    self.assertEqual(found.email, '*****@*****.**')
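def wrapper(*args, **kwargs):
    """Authenticate the request from its Authorization header, then call ``func``.

    Returns an error response when the header is missing (403), when it
    carries no token field, when the token does not decode to a dict, or
    when the referenced user is unknown or not active (401). Otherwise
    ``func`` is called with the payload's ``id`` as its first positional
    argument, followed by the original arguments.
    """
    auth_header = request.headers.get('Authorization')
    if not auth_header:
        return error_response(403, message='No authorization.')

    # The header is client-controlled. A value with no second
    # space-separated field (a bare scheme or a bare token) is refused here
    # instead of raising IndexError and surfacing as a server error.
    parts = auth_header.split(" ")
    if len(parts) < 2 or not parts[1]:
        return error_response(401, message='Invalid token.')
    # NOTE(review): the scheme in parts[0] is not checked; confirm whether
    # only "Bearer" should be accepted.
    token = parts[1]

    payload = User.decode_auth_token(token)
    if not isinstance(payload, dict):
        # Anything that is not a dict is passed on as the error message.
        return error_response(401, message=payload)

    # A decodable token is not enough on its own: the account it names must
    # still exist and still be active when the request arrives.
    user = User.find_by_id(payload.get('id'))
    if user is None or user.is_active is not True:
        return error_response(401, message='Invalid token.')
    return func(payload.get('id'), *args, **kwargs)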
def test_decode_token_invalid(token):
    """ Token decoder returns 'Invalid token' when it's been tampered with."""
    # `token` is presumably a pytest fixture holding a valid token; the
    # suffix appended below stands in for tampering.
    tampered = '{}1337'.format(token)
    result = User.decode_auth_token(tampered)
    # NOTE(review): the 'Invalid token' check is the meaningful one; confirm
    # whether the decoder can ever return a User at all.
    assert not isinstance(result, User)
    assert 'Invalid token' in result
def test_decode_token(token):
    """ Token decoder decodes a JWT correctly. """
    decoded = User.decode_auth_token(token)
    # The 'id' value in the decoded payload is used to look the user up.
    user_id = decoded.get('id')
    found = User.find_by_id(user_id)
    assert isinstance(found, User)
    assert found.email == '*****@*****.**'