async def test_refresh_token_success(app, database, get_user_data): app_authenticate = app['authenticate'] app_authorized = app[JWT_AUTH_APP] user_data = get_user_data() async with app['db'].acquire() as conn: # type: SAConnection user_data = get_user_data() await create_user(conn=conn, user_data=user_data) token = await login(db=app['db'], credentials_data={ 'username': user_data['username'], 'password': user_data['password'] }, living_time=app_authenticate['living_time'], private_key=app_authenticate['private_key']) token_encoded = validate_token(token=token, public_key=app_authorized[JWT_PUBLIC_KEY]) time_1 = token_encoded.exp import time time.sleep(1) token_refreshed = await refresh_token( db=app['db'], user_data_token=token_encoded, living_time=app_authenticate['living_time'], private_key=app_authenticate['private_key']) token_refreshed_encoded = validate_token( token=token_refreshed, public_key=app_authorized[JWT_PUBLIC_KEY]) time_2 = token_refreshed_encoded.exp assert time_1 < time_2
async def test_login_few_users(app, database, get_user_data): app_authenticate = app['authenticate'] app_authorized = app[JWT_AUTH_APP] _user_count = 10 user_list = list() async with app['db'].acquire() as conn: # type: SAConnection for i in range(_user_count): user_data = get_user_data() await create_user(conn=conn, user_data=user_data) user_list.append(user_data) # authenticate one user several times token_1 = await login(db=app['db'], credentials_data={ 'username': user_list[0]['username'], 'password': user_list[0]['password'] }, living_time=app_authenticate['living_time'], private_key=app_authenticate['private_key']) token_2 = await login(db=app['db'], credentials_data={ 'username': user_list[0]['username'], 'password': user_list[0]['password'] }, living_time=app_authenticate['living_time'], private_key=app_authenticate['private_key']) user_data_token_1 = validate_token( token=token_1, public_key=app_authorized[JWT_PUBLIC_KEY]) user_data_token_2 = validate_token( token=token_2, public_key=app_authorized[JWT_PUBLIC_KEY]) assert user_data_token_1.sub == user_data_token_2.sub assert user_data_token_1.jti != user_data_token_2.jti
async def test_logout_success(app, database, get_user_data): app_authenticate = app['authenticate'] app_authorized = app[JWT_AUTH_APP] user_data = get_user_data() async with app['db'].acquire() as conn: # type: SAConnection user_data = get_user_data() await create_user(conn=conn, user_data=user_data) token = await login(db=app['db'], credentials_data={ 'username': user_data['username'], 'password': user_data['password'] }, living_time=app_authenticate['living_time'], private_key=app_authenticate['private_key']) token_encoded = validate_token(token=token, public_key=app_authorized[JWT_PUBLIC_KEY]) await logout(db=app['db'], user_data_token=token_encoded) async with app['db'].acquire() as conn: # type: SAConnection query = sa.select([refresh_tokens]) \ .where(refresh_tokens.c.id == token_encoded.jti) cursor: ResultProxy = await conn.execute(query) refresh_token_from_db = await cursor.fetchone() assert refresh_token_from_db is None
async def test_create_access_token(app: web.Application, database, get_user_data): user_data = get_user_data() app_authenticate = app['authenticate'] app_authorized = app[JWT_AUTH_APP] async with app['db'].acquire() as conn: # type: SAConnection user = await create_user(conn=conn, user_data=user_data) refresh_token = await create_refresh_token(conn=conn, user=user) user_data_token = to_user_data_token(user) token = await create_access_token( user_data_token=user_data_token, refresh_token=refresh_token, living_time=app_authenticate['living_time'], private_key=app_authenticate['private_key']) user_data_token_parsed = validate_token( token=token, public_key=app_authorized[JWT_PUBLIC_KEY], verify_exp=False) assert user_data_token_parsed.sub == user['id'] assert user_data_token_parsed.jti == refresh_token['id'] assert get_current_timestamp( ) + app_authenticate['living_time'] - user_data_token_parsed.exp < 2
def test_encode_token(private_key, public_key, faker): user_data_token = UserDataToken({ 'sub': faker.random_int(), 'jti': faker.word(), 'exp': faker.random_int() }) token = encode_token(user_data_token=user_data_token, private_key=private_key) encoded = validate_token(token=token, public_key=public_key, verify_exp=False) assert user_data_token.sub == encoded.sub assert user_data_token.jti == encoded.jti assert user_data_token.exp == encoded.exp