def test_auth(self, flask_app, flask_app_client, regular_user):
user_hash = encrypt_str(regular_user.email)
query_string = "user_id=" + user_hash
access_token = create_access_token(identity=regular_user.email)
flask_app_client.connect("/auth", query_string=query_string)
assert flask_app_client.is_connected("/auth")
flask_app_client.emit("authenticate", {"token": access_token},
namespace="/auth")
assert flask_app_client.is_connected("/auth") is False
add_token_to_database(access_token,
flask_app.config["JWT_IDENTITY_CLAIM"])
flask_app_client.connect("/auth", query_string=query_string)
flask_app_client.emit("authenticate", {"token": access_token},
namespace="/auth")
assert flask_app_client.is_connected("/auth")
flask_app_client.emit("test", namespace="/auth")
data = flask_app_client.get_received("/auth")
assert data[0]["name"]["data"] == "Hello, World"
flask_app_client.disconnect("/auth")
flask_app_client.connect("/auth", query_string=query_string)
flask_app_client.emit("test", namespace="/auth")
assert flask_app_client.is_connected("/auth") is False
flask_app_client.connect("/auth", query_string="121212")
flask_app_client.emit("test", namespace="/auth")
assert flask_app_client.is_connected("/auth") is False
def test_jwt_manager(self, app, db, monkeypatch, jwt):
from app.extensions.jwt.uitls import add_token_to_database
from flask_jwt_extended import create_access_token, jwt_required, current_user
from app.extensions.jwt.models import TokenBlackList
token = create_access_token("test")
add_token_to_database(token, "identity")
@app.route("/protected", methods=["GET"])
@jwt_required
def protected():
assert current_user == {"user": "******"}
return jsonify({"code": 1})
test_client = app.test_client()
headers = {"Authorization": "Bearer {}".format(token)}
resp = test_client.get("/protected")
assert resp.status_code == 401
resp = test_client.get("/protected", headers=headers)
resp.status_code == 200
TokenBlackList.query.delete()
db.session.commit()
resp = test_client.get("/protected", headers=headers)
resp.status_code == 401
def generate_confirm_token(user, token_type):
confirm_token = create_access_token(identity=user.email,
expires_delta=timedelta(days=1))
add_token_to_database(confirm_token, app.config["JWT_IDENTITY_CLAIM"],
token_type)
return confirm_token
def create_token(db, regular_user):
access_token = create_access_token(identity=regular_user.email)
add_token_to_database(access_token,
current_app.config["JWT_IDENTITY_CLAIM"])
db.session.commit()
return access_token
def post(self):
"""
用户刷新Token
用户用refresh_token获取新的token
"""
current_user = get_jwt_identity()
access_token = create_access_token(identity=current_user)
logger.info(f"{current_user} 刷新了token")
add_token_to_database(access_token, app.config["JWT_IDENTITY_CLAIM"])
return {"code": 0, "msg": "success", "data": {"access_token": access_token}}
def test_jwt_expired(self, app, db, jwt):
from app.extensions.jwt.models import TokenBlackList
from app.extensions.jwt.uitls import add_token_to_database
from flask_jwt_extended import create_access_token
from datetime import timedelta
token = create_access_token("test",
expires_delta=-timedelta(seconds=1))
add_token_to_database(token, "identity", allow_expired=True)
headers = {"Authorization": "Bearer {}".format(token)}
test_client = app.test_client()
resp = test_client.get("/protected", headers=headers)
assert resp.status_code == 402
TokenBlackList.query.delete()
db.session.commit()
def post(self, args):
"""
用户登录
用户名密码登录后,返回基本信息以及token,
登录方式为token方式
"""
store = CaptchaStore(args["token"])
code_lst = store.get_captcha()
if args["captcha"] not in code_lst:
abort(403, message="验证码错误")
user = models.User.get_by_email(args["email"])
if user is None:
logger.warning(f"{args['email']} 不存在")
abort(404, message="用户不存在")
if user.active is not True:
logger.warning(f"{args['email']} 未激活,尝试登录")
abort(403, message="用户未激活")
if user.verify_and_update_password(args["password"]) is True:
# 生成jwt
access_token = create_access_token(identity=args["email"])
refresh_token = create_refresh_token(identity=args["email"])
# 将token加入数据库
add_token_to_database(access_token, app.config["JWT_IDENTITY_CLAIM"])
add_token_to_database(refresh_token, app.config["JWT_IDENTITY_CLAIM"])
logger.info(f"{args['email']} 登录成功")
# 组装data
data = {
"tokens": {"refresh_token": refresh_token, "access_token": access_token}
}
return {"code": 0, "msg": "success", "data": data}
else:
logger.error(f"{args['email']} 登录密码错误")
abort(403, message="密码错误")
def test_jwt_revoke(self, app, db, jwt):
from app.extensions.jwt.uitls import add_token_to_database, revoke_token
from flask_jwt_extended import create_access_token, decode_token
from app.extensions.jwt.models import TokenBlackList
token = create_access_token("test", )
add_token_to_database(token, "identity", allow_expired=True)
_jwt = decode_token(token)
revoke_token(_jwt)
headers = {"Authorization": "Bearer {}".format(token)}
test_client = app.test_client()
resp = test_client.get("/protected", headers=headers)
assert resp.status_code == 401
TokenBlackList.query.delete()
db.session.commit()
revoke_token(_jwt)
