def test_05_invalid_confirmation_token(self):
u1 = User(username='******', password='******')
u2 = User(username='******', password='******')
u1.save()
u2.save()
token = u1.generate_confirmation_token('something_need_confirm')
self.assertFalse(u2.confirm(token, 'something_need_confirm'))
def test_01_post_method(self):
kwargs = self.data["kwargs"]
user = self.data["user"]
kwargs_fake = dict(username=self.person.username(),
password=self.person.password(16))
response = self.client.post("/api/auth",
data=json.dumps(kwargs_fake),
content_type="application/json")
self.assertEqual(response.status_code, 400)
data = json.loads(response.data)
self.assertEqual(data["message"]["username"],
"valid username is required for authentication")
response = self.client.post("/api/auth",
data=json.dumps(kwargs),
content_type="application/json")
self.assertEqual(response.status_code, 200)
data = json.loads(response.data)
self.assertEqual(User.confirm("login", data["token"]).id, user.id)
kwargs["password"] = self.person.password(16)
response = self.client.post("/api/auth",
data=json.dumps(kwargs),
content_type="application/json")
self.assertEqual(response.status_code, 401)
data = json.loads(response.data)
self.assertEqual(data["message"], "invalid username or password")
def test_03_token(self):
kwargs = {"username": self.person.name(), "email": self.person.email()}
key_1, key_2 = self.text.words(2)
user = User(**kwargs)
user.save()
token_1 = user.generate_token(key_1)
sleep(1)
token_1_delay = user.generate_token(key_1)
self.assertNotEqual(token_1, token_1_delay)
token_2 = user.generate_token(key_2)
self.assertEquals((User.confirm(key_1, token_1), user),
(User.confirm(key_2, token_2), user))
self.assertIsNone(User.confirm(key_2, token_1))
token = user.generate_token(key_1, expiration=2)
self.assertEqual(User.confirm(key_1, token), user)
sleep(3)
self.assertIsNone(User.confirm(key_1, token))
def test_02_refresh_token(self):
kwargs = self.data["kwargs"]
user = self.data["user"]
token_fake = json.dumps(dict(token=json.dumps(kwargs)))
response = self.client.get("/api/auth",
query_string=dict(token=token_fake))
self.assertEqual(response.status_code, 401)
response = self.client.post("/api/auth",
data=json.dumps(kwargs),
content_type="application/json")
token_1 = parse_cookie(
response.headers.getlist('Set-Cookie')[0])["token"]
sleep(1)
response = self.client.get("/api/auth",
query_string=dict(token=token_1))
token_2 = parse_cookie(
response.headers.getlist("Set-Cookie")[0])["token"]
self.assertNotEqual(token_1, token_2)
self.assertEqual(User.confirm("login", token_1).id, user.id)
self.assertEqual(User.confirm("login", token_2).id, user.id)
def test_06_expired_confirmation_token(self):
u = User(username='******', password='******')
u.save()
token = u.generate_confirmation_token('something_need_confirm', 1)
time.sleep(2)
self.assertFalse(u.confirm(token, 'something_need_confirm'))
def test_04_valid_confirmation_token(self):
u = User(username='******', password='******')
u.save()
token = u.generate_confirmation_token('something_need_confirm')
self.assertTrue(u.confirm(token, 'something_need_confirm'))
