def test_jwt_authenticate(self):
    """Verify jwt_authenticate accepts the right password and rejects a wrong one."""
    with app.test_request_context():
        # Persist a factory-built user so there is a stored account to check against.
        account = UserFactory()
        db.session.add(account)
        db.session.commit()

        # Correct credentials: the returned identity must be the same user (by email).
        # 'password' is presumably the factory's default plaintext -- confirm in UserFactory.
        matched = jwt_authenticate(account.email, 'password')
        self.assertEqual(matched.email, account.email)

        # Wrong password: the helper must return None rather than an identity.
        # NOTE(review): only the wrong-password path is exercised here; an
        # unknown email and empty credentials are not covered by this test.
        rejected = jwt_authenticate(account.email, 'wrong_password')
        self.assertIsNone(rejected)
def test_jwt_authenticate(self):
    """Check the JWT helper's authenticate: good credentials pass, a bad password fails."""
    with app.test_request_context():
        # Generate a User through mixer, bound to this app.
        mixer.init_app(app)
        account = mixer.blend(User)

        # Correct credentials: the returned identity must carry the same name.
        # NOTE(review): this passes the stored user.password back in as the
        # credential, so it only holds if the model keeps that value in a form
        # jwt_authenticate accepts as input -- confirm against the User model.
        matched = jwt_authenticate(account.name, account.password)
        self.assertEqual(matched.name, account.name)

        # Wrong password: the helper must return None rather than an identity.
        rejected = jwt_authenticate(account.name, 'wrong_password')
        self.assertIsNone(rejected)
def test_jwt_authenticate(self):
    """Exercise jwt_authenticate with a correct and an incorrect password."""
    with self.app.test_request_context():
        # Store a factory-built user via the project's save helper.
        account = UserFactory()
        save_to_db(account)

        # Correct credentials: the returned identity must be the same user (by email).
        # 'password' is presumably the factory's default plaintext -- confirm in UserFactory.
        matched = jwt_authenticate(account.email, 'password')
        self.assertEqual(matched.email, account.email)

        # Wrong password: the helper must return None rather than an identity.
        # NOTE(review): only the wrong-password path is exercised here; an
        # unknown email and empty credentials are not covered by this test.
        rejected = jwt_authenticate(account.email, 'wrong_password')
        self.assertIsNone(rejected)
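def authenticate(allow_refresh_token=False, existing_identity=None):
    """Validate JSON credentials and issue a fresh access token.

    Reads ``email`` (or ``username``) and ``password`` from the JSON request
    body and checks them with ``jwt_authenticate``. When ``existing_identity``
    is given, the authenticated identity must equal it, otherwise the request
    is rejected with the same 401 as a bad password.

    Args:
        allow_refresh_token: When true, a client that sends ``remember-me``
            also receives a refresh token.
        existing_identity: Identity the supplied credentials must match, used
            when re-authenticating an already known user.

    Returns:
        A JSON response with ``access_token`` (and possibly ``refresh_token``),
        or an ``(error response, status)`` tuple with status 400 or 401.
    """
    data = request.get_json()
    # A syntactically valid JSON body need not be an object (null, list,
    # string, number). Calling .get() on those would raise and surface as a
    # 500, so treat them like a body with no credentials.
    if not isinstance(data, dict):
        return jsonify(error='username or password missing'), 400

    # 'email' takes precedence whenever that key is present in the body.
    username = data.get('email', data.get('username'))
    password = data.get('password')
    if not (username and password):
        return jsonify(error='username or password missing'), 400

    # NOTE(review): no attempt limiting or lockout is visible in this
    # function; confirm it is enforced elsewhere for this endpoint.
    identity = jwt_authenticate(username, password)
    if not identity or (existing_identity and identity != existing_identity):
        # For fresh login, credentials should match existing user.
        # One generic message for every failure, so the response does not
        # reveal whether the account exists.
        return jsonify(error='Invalid Credentials'), 401

    # Both flags come straight from the client-supplied body.
    remember_me = data.get('remember-me')
    include_in_response = data.get('include-in-response')
    add_refresh_token = allow_refresh_token and remember_me

    # With a refresh token the access token is capped at 90 minutes; None
    # presumably falls back to the configured default lifetime -- confirm.
    expiry_time = timedelta(minutes=90) if add_refresh_token else None
    access_token = create_access_token(identity.id, fresh=True, expires_delta=expiry_time)
    response_data = {'access_token': access_token}

    if add_refresh_token:
        refresh_token = create_refresh_token(identity.id)
        if include_in_response:
            # NOTE(review): the caller chooses this path, and it places the
            # long-lived refresh token in the JSON body, where any script
            # running in the page can read it. The cookie path below avoids
            # that, provided the refresh cookie is configured HttpOnly.
            response_data['refresh_token'] = refresh_token

    response = jsonify(response_data)
    if add_refresh_token and not include_in_response:
        set_refresh_cookies(response, refresh_token)
    return response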
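def login():
    """Validate JSON credentials and return a fresh access token.

    Reads ``email`` (or ``username``) and ``password`` from the JSON request
    body and checks them with ``jwt_authenticate``.

    Returns:
        A JSON response with ``access_token`` on success, or an
        ``(error response, status)`` tuple with status 400 (missing
        credentials) or 401 (rejected credentials).
    """
    data = request.get_json()
    # A syntactically valid JSON body need not be an object (null, list,
    # string, number). Calling .get() on those would raise and surface as a
    # 500, so treat them like a body with no credentials.
    if not isinstance(data, dict):
        return jsonify(error='username or password missing'), 400

    # 'email' takes precedence whenever that key is present in the body.
    username = data.get('email', data.get('username'))
    password = data.get('password')
    if not (username and password):
        return jsonify(error='username or password missing'), 400

    # NOTE(review): no attempt limiting or lockout is visible in this
    # function; confirm it is enforced elsewhere for this endpoint.
    identity = jwt_authenticate(username, password)
    if not identity:
        # One generic message for every failure, so the response does not
        # reveal whether the account exists.
        return jsonify(error='Invalid Credentials'), 401

    access_token = create_access_token(identity.id, fresh=True)
    return jsonify(access_token=access_token)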