Exemplo n.º 1
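    def test_require_jwt_decorator(self):
        """Check that ``jwt.require_jwt`` gates the wrapped callable on a bearer token.

        Three requests are expected to be rejected with a 401 response: a
        ``Bearer`` header carrying a string that is not a token, a header
        without the ``Bearer`` prefix, and a request with no ``Authorization``
        header. A request carrying a token from ``jwt.create_token_for_user``
        is expected to reach the wrapped callable and return its value.

        Besides the status code, each rejected case asserts that the wrapped
        callable was never invoked. A 401 alone does not prove the protected
        code did not run before the response was built.
        """
        mock = Mock(return_value="success")
        # Mock objects carry no __name__; presumably the decorator copies
        # function metadata and needs one -- confirm against require_jwt.
        mock.__name__ = 'test_mock'
        mock_fn = jwt.require_jwt(mock)
        bad_header = {
            "Authorization": "Bearer this-is-not-a-token"
        }
        nobearer_header = {
            "Authorization": "this-is-not-a-token"
        }
        token = jwt.create_token_for_user(self.default_user)
        with self.app.test_request_context(headers=bad_header):
            res = mock_fn()
            self.assertEqual(401, res.status_code)
            self.assertFalse(mock.called)

        with self.app.test_request_context(headers=nobearer_header):
            res = mock_fn()
            self.assertEqual(401, res.status_code)
            self.assertFalse(mock.called)

        with self.app.test_request_context():
            res = mock_fn()
            self.assertEqual(401, res.status_code)
            self.assertFalse(mock.called)

        good_header = {
            "Authorization": "Bearer %s" % token
        }
        with self.app.test_request_context(headers=good_header):
            res = mock_fn()
            self.assertEqual("success", res)
            # Exactly one call: only the authenticated request got through.
            self.assertEqual(1, mock.call_count)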
Exemplo n.º 2
    def setUp(self):
        """Build a fresh app, schema and fixture records for each test.

        The schema is dropped and recreated on every run, so this assumes
        ``config.Testing`` points at a disposable database -- confirm.
        The fixture user is created with ``_admin=True``, so requests sent
        with ``self.headers`` presumably run with admin rights; non-admin
        authorization paths are not covered by this fixture.
        """
        super(BaseTestCase, self).setUp()

        # Application, context and client come first: the database calls
        # below run after the application context has been pushed.
        self.app = create_app(config.Testing)
        self.app_context = self.app.app_context()
        self.client = self.app.test_client()
        self.app_context.push()

        self.db = db
        self.db.drop_all()
        self.db.create_all()

        # Plain field dictionaries; credential values appear masked in
        # this listing.
        self.user = {
            "username": "******",
            "password": "******",
            "first_name": "Test",
            "last_name": "User",
            "_admin": True,
        }
        self.document = {
            "title": "This is a Test Title",
            "body": "Body Body Body, likeasomebody",
        }
        self.tag = {"title": "TAGGY"}

        # Persist the records and link them to the fixture user.
        self.default_user = User.create(self.user)
        self.default_document = Document.create(self.document)
        self.default_document.user = self.default_user
        # self.tag is rebound from the field dict to the created Tag.
        self.tag = Tag.create(self.tag)
        self.tag.user = self.default_user
        self.default_document.tags.append(self.tag)
        self.db.session.commit()

        self.redis_store = RedisStore(store=FakeStrictRedis, name='test')

        # Ready-made request headers carrying a token for the fixture user.
        bearer = 'Bearer %s' % jwt.create_token_for_user(self.default_user)
        self.headers = [
            ('Content-Type', 'application/json'),
            ('Authorization', bearer),
        ]
Exemplo n.º 3
    def setUp(self):
        """Create the app, reset the schema and insert the fixture records.

        Leaves ``self.app``, ``self.client``, ``self.db``, the default user,
        document and tag, a ``RedisStore`` backed by ``FakeStrictRedis``, and
        ``self.headers`` (JSON content type plus a bearer token for the
        default user) on the test case.
        """
        super(BaseTestCase, self).setUp()
        self.app = create_app(config.Testing)
        self.app_context = self.app.app_context()
        self.client = self.app.test_client()
        # Pushed here; no matching pop is visible in this snippet --
        # presumably tearDown handles it, confirm.
        self.app_context.push()
        self.db = db
        # Destructive: wipes and recreates every table. Assumes
        # config.Testing targets a throwaway database -- TODO confirm.
        self.db.drop_all()
        self.db.create_all()
        # Credential values appear masked in this listing. _admin=True
        # presumably grants admin rights, so tests that reuse self.headers
        # do not exercise non-admin authorization -- verify against User.
        self.user = dict(username="******",
                         password="******",
                         first_name="Test",
                         last_name="User",
                         _admin=True)
        self.document = dict(title="This is a Test Title",
                             body="Body Body Body, likeasomebody")
        self.tag = {"title": "TAGGY"}

        self.default_user = User.create(self.user)
        self.default_document = Document.create(self.document)
        self.default_document.user = self.default_user
        # self.tag changes type here: field dict in, created Tag out.
        self.tag = Tag.create(self.tag)
        self.tag.user = self.default_user
        self.default_document.tags.append(self.tag)
        self.db.session.commit()
        # In-memory fake instead of a real Redis server.
        self.redis_store = RedisStore(store=FakeStrictRedis, name='test')
        token = jwt.create_token_for_user(self.default_user)
        # Default headers for authenticated JSON requests in the tests.
        self.headers = [('Content-Type', 'application/json'),
                        ('Authorization', 'Bearer %s' % token)]
Exemplo n.º 4
 def test_verify_token(self):
     """Verify a freshly issued token and reject an arbitrary string.

     ``jwt.verify_token`` is expected to return a ``(success, payload)``
     pair. On failure the second element is expected to contain the word
     "tampered".

     NOTE(review): the only negative input is a string that is not a token
     at all. A well-formed token with an altered signature, or an expired
     one, is not exercised here.
     """
     issued = jwt.create_token_for_user(self.default_user)

     # Positive path: the payload carries the fixture user's first name.
     ok, claims = jwt.verify_token(issued)
     self.assertTrue(ok)
     self.assertEqual(claims.get('first_name'), 'Test')

     # Negative path: unparseable input must be refused.
     ok, failure = jwt.verify_token("lsdkjfdskjfs")
     self.assertFalse(ok)
     self.assertIn("tampered", failure)
Exemplo n.º 5
 def test_verify_token(self):
     """Round-trip a token through ``jwt.verify_token``, then try junk input.

     The valid token must verify and expose ``first_name == 'Test'``. The
     junk string must fail, with "tampered" present in the returned value.
     Signature-level tampering and expiry are not covered by this test.
     """
     token_for_fixture_user = jwt.create_token_for_user(self.default_user)
     verified, decoded = jwt.verify_token(token_for_fixture_user)
     self.assertTrue(verified)
     self.assertEqual(decoded.get('first_name'), 'Test')

     not_a_token = "lsdkjfdskjfs"
     verified, reason = jwt.verify_token(not_a_token)
     self.assertFalse(verified)
     self.assertIn("tampered", reason)
Exemplo n.º 6
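def auth_login():
    """Authenticate a JSON ``username``/``password`` body and issue a token.

    Returns the response built by ``MakeResponse``: a body with
    ``access_token`` on success, otherwise a 401 with a generic error.
    The same error is used for an unknown user, a wrong password and a
    missing or malformed body, so the message does not reveal which
    check failed.

    NOTE(review): when no user matches, ``authenticate`` is never called,
    so that path may answer faster than a wrong-password attempt. If
    username enumeration is a concern, confirm how ``authenticate``
    behaves and consider equalising the work done. No throttling of
    repeated attempts is visible in this function.
    """
    data = request.get_json()
    # The body is client-controlled. Anything that is not a JSON object
    # (null, a list, a scalar, or no parsed body at all) would make
    # data.get() raise and surface as a 500; treat it as a failed login.
    if not isinstance(data, dict):
        data = {}
    username = data.get('username')
    password = data.get('password')
    xhr = MakeResponse(200)

    user = None
    # Skip the lookup when a field is absent, so a missing username is
    # never turned into a query for a NULL username.
    if username is not None and password is not None:
        user = User.query.filter_by(username=username).first()

    if user and user.authenticate(password):
        token = jwt.create_token_for_user(user)
        res = dict(access_token=token)
        xhr.set_body(res)
        return xhr.response

    xhr.set_error(401, {"error": "Trouble authenticating"})
    return xhr.response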
Exemplo n.º 7
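def auth_login():
    """Check the posted credentials and return an access token or a 401.

    The JSON body is expected to be an object with ``username`` and
    ``password``. Any other shape, a missing field, an unknown user or a
    rejected password produces the same 401 response, so the failure
    reason is not disclosed to the client.

    NOTE(review): ``authenticate`` only runs when a user row was found,
    which may make response time depend on whether the username exists.
    Verify whether that matters for this deployment. Rate limiting is not
    handled here.
    """
    data = request.get_json()
    username = password = None
    # Only read fields from a JSON object. A null, list or scalar body
    # has no .get() and previously raised AttributeError (HTTP 500).
    if isinstance(data, dict):
        username = data.get('username')
        password = data.get('password')

    xhr = MakeResponse(200)
    if username is None or password is None:
        # Incomplete credentials: fail without querying for a NULL
        # username or handing None to authenticate().
        xhr.set_error(401, {"error": "Trouble authenticating"})
        return xhr.response

    user = User.query.filter_by(username=username).first()
    if user and user.authenticate(password):
        token = jwt.create_token_for_user(user)
        xhr.set_body(dict(access_token=token))
        return xhr.response

    xhr.set_error(401, {"error": "Trouble authenticating"})
    return xhr.response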
Exemplo n.º 8
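def refresh_auth_token():
    """Exchange a refresh token for a new access token.

    Reads ``refresh_token`` from the JSON body and the ``User-Agent``
    request header, and passes both with the current user's id to
    ``jwt.verify_refresh_token``. On success the response body carries a
    new ``access_token``; otherwise a 401 is returned.

    NOTE(review): ``User-Agent`` is supplied by the client, so binding a
    refresh token to it narrows reuse but is not proof of the original
    device. How ``api.helpers.get_user()`` identifies the caller is not
    visible here; confirm it relies on an authenticated identity.
    """
    data = request.get_json()
    # Client-controlled body: a non-object (null, list, scalar) has no
    # .get() and would otherwise end in a 500.
    if not isinstance(data, dict):
        data = {}
    agent = request.headers.get('User-Agent')
    refresh_token = data.get('refresh_token')
    user = api.helpers.get_user()
    xhr = MakeResponse(200)

    # get_user() is not shown; guard in case it yields None for an
    # unidentified caller, and skip verification when no token was sent.
    if (user is not None and refresh_token
            and jwt.verify_refresh_token(refresh_token, user.id, agent)):
        token = jwt.create_token_for_user(user)
        xhr.set_body(dict(access_token=token))
        return xhr.response

    xhr.set_error(
        401, "Could not refresh, please try logging out and logging back in.")
    return xhr.response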
Exemplo n.º 9
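def refresh_auth_token():
    """Issue a new access token when the caller's refresh token verifies.

    ``jwt.verify_refresh_token`` receives the posted ``refresh_token``, the
    current user's id and the request's ``User-Agent`` header. A failed
    verification, a missing token, an unusable body or an unidentified
    caller all end in the same 401 response.

    NOTE(review): the ``User-Agent`` value comes from the client and can
    be set freely, so treat it as a weak binding only. The identity source
    behind ``api.helpers.get_user()`` is outside this snippet; verify it.
    """
    data = request.get_json()
    agent = request.headers.get('User-Agent')
    # Read the token only from a JSON object. Other body shapes used to
    # raise AttributeError on .get() and produce a 500.
    refresh_token = (
        data.get('refresh_token') if isinstance(data, dict) else None
    )
    user = api.helpers.get_user()
    xhr = MakeResponse(200)

    verified = False
    # Presumably get_user() can return None when no caller is resolved;
    # user.id is only dereferenced once that has been ruled out.
    if user is not None and refresh_token:
        verified = jwt.verify_refresh_token(refresh_token, user.id, agent)

    if verified:
        token = jwt.create_token_for_user(user)
        xhr.set_body(dict(access_token=token))
        return xhr.response

    xhr.set_error(
        401,
        "Could not refresh, please try logging out and logging back in."
    )
    return xhr.response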
Exemplo n.º 10
    def test_require_jwt_decorator(self):
        """Exercise ``jwt.require_jwt`` with rejected and accepted requests.

        A malformed bearer value, a header without the ``Bearer`` prefix and
        a request with no ``Authorization`` header must each yield a 401.
        A token issued for the default user must let the wrapped callable's
        return value through.

        NOTE(review): the rejected cases check the status code only. They
        do not assert that the wrapped callable was left uncalled.
        """
        view = Mock(return_value="success")
        view.__name__ = 'test_mock'
        guarded = jwt.require_jwt(view)
        token = jwt.create_token_for_user(self.default_user)

        rejected_headers = (
            {"Authorization": "Bearer this-is-not-a-token"},
            {"Authorization": "this-is-not-a-token"},
        )
        for headers in rejected_headers:
            with self.app.test_request_context(headers=headers):
                response = guarded()
                self.assertEqual(401, response.status_code)

        # No Authorization header at all.
        with self.app.test_request_context():
            response = guarded()
            self.assertEqual(401, response.status_code)

        accepted = {"Authorization": "Bearer %s" % token}
        with self.app.test_request_context(headers=accepted):
            response = guarded()
            self.assertEqual("success", response)
Exemplo n.º 11
 def test_create_token_for_user(self):
     """Smoke-test that a token is produced for the fixture user.

     Only the length (more than 20) is checked. The token's structure,
     claims and signature are not inspected by this test.
     """
     minted = jwt.create_token_for_user(self.default_user)
     self.assertGreater(len(minted), 20)
Exemplo n.º 12
 def test_create_token_for_user(self):
     """Assert that the token issued for the default user exceeds 20 characters.

     This is a length check only. It says nothing about the token's
     contents or whether it verifies.
     """
     token_length = len(jwt.create_token_for_user(self.default_user))
     self.assertGreater(token_length, 20)