def test_auth(self, flask_app, flask_app_client, regular_user): user_hash = encrypt_str(regular_user.email) query_string = "user_id=" + user_hash access_token = create_access_token(identity=regular_user.email) flask_app_client.connect("/auth", query_string=query_string) assert flask_app_client.is_connected("/auth") flask_app_client.emit("authenticate", {"token": access_token}, namespace="/auth") assert flask_app_client.is_connected("/auth") is False add_token_to_database(access_token, flask_app.config["JWT_IDENTITY_CLAIM"]) flask_app_client.connect("/auth", query_string=query_string) flask_app_client.emit("authenticate", {"token": access_token}, namespace="/auth") assert flask_app_client.is_connected("/auth") flask_app_client.emit("test", namespace="/auth") data = flask_app_client.get_received("/auth") assert data[0]["name"]["data"] == "Hello, World" flask_app_client.disconnect("/auth") flask_app_client.connect("/auth", query_string=query_string) flask_app_client.emit("test", namespace="/auth") assert flask_app_client.is_connected("/auth") is False flask_app_client.connect("/auth", query_string="121212") flask_app_client.emit("test", namespace="/auth") assert flask_app_client.is_connected("/auth") is False
def test_jwt_manager(self, app, db, monkeypatch, jwt): from app.extensions.jwt.uitls import add_token_to_database from flask_jwt_extended import create_access_token, jwt_required, current_user from app.extensions.jwt.models import TokenBlackList token = create_access_token("test") add_token_to_database(token, "identity") @app.route("/protected", methods=["GET"]) @jwt_required def protected(): assert current_user == {"user": "******"} return jsonify({"code": 1}) test_client = app.test_client() headers = {"Authorization": "Bearer {}".format(token)} resp = test_client.get("/protected") assert resp.status_code == 401 resp = test_client.get("/protected", headers=headers) resp.status_code == 200 TokenBlackList.query.delete() db.session.commit() resp = test_client.get("/protected", headers=headers) resp.status_code == 401
def generate_confirm_token(user, token_type): confirm_token = create_access_token(identity=user.email, expires_delta=timedelta(days=1)) add_token_to_database(confirm_token, app.config["JWT_IDENTITY_CLAIM"], token_type) return confirm_token
def create_token(db, regular_user): access_token = create_access_token(identity=regular_user.email) add_token_to_database(access_token, current_app.config["JWT_IDENTITY_CLAIM"]) db.session.commit() return access_token
def post(self): """ 用户刷新Token 用户用refresh_token获取新的token """ current_user = get_jwt_identity() access_token = create_access_token(identity=current_user) logger.info(f"{current_user} 刷新了token") add_token_to_database(access_token, app.config["JWT_IDENTITY_CLAIM"]) return {"code": 0, "msg": "success", "data": {"access_token": access_token}}
def test_jwt_expired(self, app, db, jwt): from app.extensions.jwt.models import TokenBlackList from app.extensions.jwt.uitls import add_token_to_database from flask_jwt_extended import create_access_token from datetime import timedelta token = create_access_token("test", expires_delta=-timedelta(seconds=1)) add_token_to_database(token, "identity", allow_expired=True) headers = {"Authorization": "Bearer {}".format(token)} test_client = app.test_client() resp = test_client.get("/protected", headers=headers) assert resp.status_code == 402 TokenBlackList.query.delete() db.session.commit()
def post(self, args): """ 用户登录 用户名密码登录后,返回基本信息以及token, 登录方式为token方式 """ store = CaptchaStore(args["token"]) code_lst = store.get_captcha() if args["captcha"] not in code_lst: abort(403, message="验证码错误") user = models.User.get_by_email(args["email"]) if user is None: logger.warning(f"{args['email']} 不存在") abort(404, message="用户不存在") if user.active is not True: logger.warning(f"{args['email']} 未激活,尝试登录") abort(403, message="用户未激活") if user.verify_and_update_password(args["password"]) is True: # 生成jwt access_token = create_access_token(identity=args["email"]) refresh_token = create_refresh_token(identity=args["email"]) # 将token加入数据库 add_token_to_database(access_token, app.config["JWT_IDENTITY_CLAIM"]) add_token_to_database(refresh_token, app.config["JWT_IDENTITY_CLAIM"]) logger.info(f"{args['email']} 登录成功") # 组装data data = { "tokens": {"refresh_token": refresh_token, "access_token": access_token} } return {"code": 0, "msg": "success", "data": data} else: logger.error(f"{args['email']} 登录密码错误") abort(403, message="密码错误")
def test_jwt_revoke(self, app, db, jwt): from app.extensions.jwt.uitls import add_token_to_database, revoke_token from flask_jwt_extended import create_access_token, decode_token from app.extensions.jwt.models import TokenBlackList token = create_access_token("test", ) add_token_to_database(token, "identity", allow_expired=True) _jwt = decode_token(token) revoke_token(_jwt) headers = {"Authorization": "Bearer {}".format(token)} test_client = app.test_client() resp = test_client.get("/protected", headers=headers) assert resp.status_code == 401 TokenBlackList.query.delete() db.session.commit() revoke_token(_jwt)