def test_returns_an_403_when_using_old_user_uuid(self, current_user, client):
    """Expect HTTP 403 from /account/confirm after a DELETE to /account/token.

    NOTE(review): the token is built from ``current_user.email`` with the
    salt "password-reset", while the test name talks about an old user uuid
    and another test in this file uses the salt "password-reset-salt".
    Confirm the 403 is caused by the invalidation step and not by a salt or
    payload the endpoint would reject anyway.
    """
    # The token is minted before the DELETE request is sent.
    stale_token = authentication.encode_token(current_user.email, "password-reset")
    client.delete("/account/token")
    response = client.get(f"/account/confirm/{stale_token}")
    assert response.status_code == 403
def test_generate_url(self):
    """Check that the token carried by the confirm URL decodes to the e-mail."""
    address = "*****@*****.**"
    token = authentication.encode_token(address)
    confirm_url = url_for("account.confirm", token=token, _external=True)
    # The token is expected to be the final path segment of the URL.
    url_token = confirm_url.rsplit("/", 1)[-1]
    assert token == url_token
    assert authentication.decode_token(url_token) == address
def test_correct_status_code_when_confirming_a_email_confirm_token(
        self, unauthenticated_client, session):
    """Confirming an email-confirm token without a session yields HTTP 204.

    NOTE(review): the earlier description of this test spoke of a redirect
    to /login, but the assertion checks for 204 -- confirm which behaviour
    is intended.
    """
    unconfirmed = UnconfirmedUserFactory(email="*****@*****.**")
    session.add(unconfirmed)
    # Flush before reading ``uuid`` (presumably assigned on flush; verify
    # against the model).
    session.flush()
    confirm_token = authentication.encode_token(
        unconfirmed.uuid, "email-confirm-salt")
    response = unauthenticated_client.get(f"/account/confirm/{confirm_token}")
    assert response.status_code == 204
def test_returns_an_access_token_when_confirming_a_password_reset_token(
        self, app, unauthenticated_client):
    """Confirming a password-reset token returns a narrowly scoped JWT.

    The response must contain an ``access_token`` and no ``refresh_token``,
    and the token's scopes must be exactly ``["update:user:new_password"]``,
    so a reset link cannot be traded for a general-purpose session.
    """
    reset_token = authentication.encode_token(
        "*****@*****.**", "password-reset-salt")
    response = unauthenticated_client.get(f"/account/confirm/{reset_token}")
    assert response.status_code == 200

    payload = response.get_json()
    assert "access_token" in payload
    assert "refresh_token" not in payload

    # NOTE(review): jwt.decode is called without an explicit ``algorithms``
    # allow-list. If this is PyJWT, newer releases require it and pinning it
    # also stops the test from accepting a token signed with an unexpected
    # algorithm -- confirm the library version and the configured algorithm.
    claims = jwt.decode(payload["access_token"], app.config["JWT_SECRET_KEY"])
    assert claims["user_claims"]["scopes"] == ["update:user:new_password"]
def generate_confirmation_url(self, salt):
    """Build the confirmation URL for ``self.user`` from the CONFIRM_URL template.

    Args:
        salt: Passed through to ``encode_token`` together with the user's uuid.

    Returns:
        The configured ``CONFIRM_URL`` with the token substituted into its
        single positional placeholder.
    """
    # The token ends up inside the URL itself, so it can show up wherever
    # URLs are recorded (access logs, browser history, Referer headers).
    # NOTE(review): presumably mitigated by token expiry -- confirm.
    url_template = current_app.config["CONFIRM_URL"]
    confirmation_token = encode_token(self.user.uuid, salt)
    return url_template.format(confirmation_token)
def test_verify_token(self):
    """Round-trip: a freshly encoded token decodes back to the same e-mail."""
    address = "*****@*****.**"
    encoded = authentication.encode_token(address)
    assert authentication.decode_token(encoded) == address
def test_token_is_unique(self):
    """Encoding the same e-mail twice must not produce the same token."""
    # NOTE(review): what makes the two tokens differ (random component vs.
    # embedded timestamp) is not visible here; if it is only a timestamp,
    # this assertion may depend on timing -- verify against encode_token.
    address = "*****@*****.**"
    first = authentication.encode_token(address)
    second = authentication.encode_token(address)
    assert first != second
def test_verify_expired_token(self):
    """An expired token decodes to ``False`` instead of the e-mail."""
    encoded = authentication.encode_token("*****@*****.**")
    # Let one second pass so the token is older than the zero-second
    # lifetime requested below.
    time.sleep(1)
    decoded = authentication.decode_token(encoded, expiration=0)
    # Expiry is signalled by the return value, so callers of decode_token
    # have to test for ``False`` explicitly before trusting the result.
    assert decoded is False