def test_auth_verify__valid_token__returns_same_token(self):
    """Verifying a freshly issued token returns that same token.

    Obtains a token from the auth endpoint with the "foobar"/"foo"
    credentials, submits it to the verify endpoint and compares the token
    in the verify response with the one that was issued.
    """
    login_response = call_auth_endpoint(self.client, "foobar", "foo")
    issued_token = login_response.json()['token']

    verification = call_auth_verify_endpoint(self.client, issued_token)
    returned_token = verification.json()['token']

    # NOTE(review): neither response's status code is asserted; only the
    # token round-trip is pinned here.
    self.assertEqual(returned_token, issued_token)
def test_auth__valid_credentials__returns_jwt_token(self):
    """Valid credentials yield HTTP 200 and a token naming the active user.

    The issued token is decoded with
    JSONWebTokenAuthentication.jwt_decode_token and its 'user_id' and
    'username' claims are compared with self.active_user.
    """
    login_response = call_auth_endpoint(self.client, "foobar", "foo")
    # NOTE(review): presumably jwt_decode_token also verifies the signature,
    # so a successful decode exercises signing as well -- confirm.
    claims = JSONWebTokenAuthentication.jwt_decode_token(
        login_response.json()['token'])

    self.assertEqual(login_response.status_code, HTTP_200_OK)
    self.assertEqual(claims['user_id'], self.active_user.id)
    self.assertEqual(claims['username'], self.active_user.get_username())
def test_auth__empty_credentials__returns_validation_error(self):
    """Blank username and password produce a per-field validation error.

    The response body must equal a mapping with one "may not be blank"
    message for each of 'password' and 'username'.
    """
    blank_field_errors = {
        field_name: [_('This field may not be blank.')]
        for field_name in ('password', 'username')
    }

    rejected = call_auth_endpoint(self.client, "", "")

    # NOTE(review): only the body is compared; the status code (presumably
    # a 4xx) is not asserted, and the absence of a 'token' key is implied
    # only by the exact-equality check.
    self.assertEqual(rejected.json(), blank_field_errors)
def test_view__authenticated(self):
    """A request carrying the issued token as a Bearer credential gets 200.

    Logs in, installs the token on the test client as the
    HTTP_AUTHORIZATION header, then GETs the URL named 'test-view'.
    """
    login_response = call_auth_endpoint(self.client, "foobar", "foo")
    bearer_token = login_response.json()["token"]

    # Every later request from this client carries the Authorization header.
    authorization_value = 'Bearer ' + bearer_token
    self.client.credentials(HTTP_AUTHORIZATION=authorization_value)

    view_url = reverse('test-view')
    view_response = self.client.get(view_url)

    self.assertEqual(view_response.status_code, HTTP_200_OK)
def test_auth__invalid_credentials__returns_validation_error(self):
    """Unknown credentials produce the generic non-field login error.

    The expected message does not say whether the username or the password
    was wrong.
    """
    generic_login_error = {
        'non_field_errors': [
            _('Unable to log in with provided credentials.'),
        ],
    }

    rejected = call_auth_endpoint(
        self.client, "invalid_username", "invalid_password")

    # NOTE(review): only the body is compared; the status code (presumably
    # a 4xx) is not asserted in this test.
    self.assertEqual(rejected.json(), generic_login_error)
def test_auth__valid_credentials_with_auth_cookie_settings__returns_jwt_token_and_cookie(
        self, mock_settings):
    """With JWT_AUTH_COOKIE set, login returns the token and sets the cookie.

    mock_settings is presumably injected by a patch decorator that is not
    visible in this listing -- confirm. It is reset to the defaults and
    then JWT_AUTH_COOKIE is overridden with 'jwt-auth'.
    """
    cookie_name = 'jwt-auth'

    # Start from the default API settings, then override only the cookie name.
    mock_settings = setup_default_mocked_api_settings(mock_settings)
    mock_settings.JWT_AUTH_COOKIE = cookie_name

    login_response = call_auth_endpoint(self.client, "foobar", "foo")

    self.assertEqual(login_response.status_code, HTTP_200_OK)
    # The token must still be present in the response body.
    self.assertIn('token', force_text(login_response.content))
    # NOTE(review): only the cookie's presence is checked; its attributes
    # (HttpOnly, Secure, SameSite, expiry) are not asserted here.
    self.assertIn(cookie_name, login_response.client.cookies)
def test_auth__valid_credentials_with_no_user_id_setting__returns_jwt_token(
        self, mock_settings):
    """With JWT_PAYLOAD_INCLUDE_USER_ID off, the payload has no 'user_id'.

    mock_settings is presumably injected by a patch decorator that is not
    visible in this listing -- confirm. The 'username' claim must still
    match self.active_user.
    """
    # Start from the default API settings, then drop the user id claim.
    mock_settings = setup_default_mocked_api_settings(mock_settings)
    mock_settings.JWT_PAYLOAD_INCLUDE_USER_ID = False

    login_response = call_auth_endpoint(self.client, "foobar", "foo")
    claims = JSONWebTokenAuthentication.jwt_decode_token(
        login_response.json()['token'])

    self.assertEqual(login_response.status_code, HTTP_200_OK)
    self.assertNotIn('user_id', claims)
    self.assertEqual(claims['username'], self.active_user.get_username())
def test_auth__valid_credentials_with_JWT_GET_USER_SECRET_KEY_handler_set__returns_jwt_token(
        self, mock_settings):
    """With a JWT_GET_USER_SECRET_KEY handler set, login still yields a token.

    mock_settings is presumably injected by a patch decorator that is not
    visible in this listing -- confirm. The issued token is decoded and
    its 'user_id' and 'username' claims are compared with self.active_user.
    """
    # Start from the default API settings, then install the key handler.
    mock_settings = setup_default_mocked_api_settings(mock_settings)
    mock_settings.JWT_GET_USER_SECRET_KEY = jwt_get_user_secret_key

    login_response = call_auth_endpoint(self.client, "foobar", "foo")
    # NOTE(review): the token is decoded under the same mocked settings, so
    # this shows issue/decode agree; it does not show that a token signed
    # with a different key is rejected -- confirm that is covered elsewhere.
    claims = JSONWebTokenAuthentication.jwt_decode_token(
        login_response.json()['token'])

    self.assertEqual(login_response.status_code, HTTP_200_OK)
    self.assertEqual(claims['user_id'], self.active_user.id)
    self.assertEqual(claims['username'], self.active_user.get_username())
def test_view__auth_cookie(self, auth_mock_settings, views_mock_settings):
    """After a cookie-enabled login, the same client gets 200 from 'test-view'.

    Both settings mocks are presumably injected by patch decorators that
    are not visible in this listing -- confirm. Each is reset to the
    defaults and given the same JWT_AUTH_COOKIE name. No Authorization
    header is set in this test.
    """
    cookie_name = 'jwt-auth'

    # Reset both mocks to the defaults first, then override the cookie name
    # on each, in the same order.
    configured_mocks = [
        setup_default_mocked_api_settings(settings_mock)
        for settings_mock in (auth_mock_settings, views_mock_settings)
    ]
    for settings_mock in configured_mocks:
        settings_mock.JWT_AUTH_COOKIE = cookie_name

    login_response = call_auth_endpoint(self.client, "foobar", "foo")

    view_url = reverse('test-view')
    # The GET goes through the login response's client; presumably the
    # cookie set at login is what authenticates it -- confirm.
    view_response = login_response.client.get(view_url)

    self.assertEqual(view_response.status_code, HTTP_200_OK)
def test_auth__valid_credentials_with_aud_and_iss_settings__returns_jwt_token(
        self, mock_settings):
    """With JWT_AUDIENCE and JWT_ISSUER set, the token carries both claims.

    mock_settings is presumably injected by a patch decorator that is not
    visible in this listing -- confirm. The decoded payload's 'aud' and
    'iss' must equal the configured values, and 'user_id' and 'username'
    must match self.active_user.
    """
    # Start from the default API settings, then set audience and issuer.
    mock_settings = setup_default_mocked_api_settings(mock_settings)
    mock_settings.JWT_AUDIENCE = 'test-aud'
    mock_settings.JWT_ISSUER = 'test-iss'

    login_response = call_auth_endpoint(self.client, "foobar", "foo")
    # NOTE(review): this pins that the claims are embedded; it does not
    # exercise rejection of a token whose 'aud' or 'iss' does not match.
    claims = JSONWebTokenAuthentication.jwt_decode_token(
        login_response.json()['token'])

    self.assertEqual(login_response.status_code, HTTP_200_OK)
    self.assertEqual(claims['aud'], mock_settings.JWT_AUDIENCE)
    self.assertEqual(claims['iss'], mock_settings.JWT_ISSUER)
    self.assertEqual(claims['user_id'], self.active_user.id)
    self.assertEqual(claims['username'], self.active_user.get_username())