def test_logout_token_blacklisted(client, db):
    register_user(client)
    response = login_user(client)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    response = logout_user(client, access_token)
    assert response.status_code == HTTPStatus.OK
    response = logout_user(client, access_token)
    assert response.status_code == HTTPStatus.UNAUTHORIZED
    assert "message" in response.json and response.json["message"] == TOKEN_BLACKLISTED
    assert "WWW-Authenticate" in response.headers
    assert response.headers["WWW-Authenticate"] == WWW_AUTH_BLACKLISTED_TOKEN
def test_logout_auth_token_expired(client, db):
    register_user(client)
    response = login_user(client)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    time.sleep(6)
    response = logout_user(client, access_token)
    assert response.status_code == HTTPStatus.UNAUTHORIZED
    assert "message" in response.json and response.json["message"] == TOKEN_EXPIRED
    assert "WWW-Authenticate" in response.headers
    assert response.headers["WWW-Authenticate"] == WWW_AUTH_EXPIRED_TOKEN
def test_logout(client, db):
    register_user(client)
    response = login_user(client)
    assert "access_token" in response.json
    access_token = response.json["access_token"]
    blacklist = BlacklistedToken.query.all()
    assert len(blacklist) == 0
    response = logout_user(client, access_token)
    assert response.status_code == HTTPStatus.OK
    assert "status" in response.json and response.json["status"] == "success"
    assert "message" in response.json and response.json["message"] == SUCCESS
    blacklist = BlacklistedToken.query.all()
    assert len(blacklist) == 1
    assert access_token == blacklist[0].token
Пример #4
0
    def test_authlogout_valid_user_expired_token(self, client, db):
        """ AuthLogout endpoint should return 200 and message for user with valid token.  """
        user = dict(user_name="great_user",
                    email="*****@*****.**",
                    password="******")
        register_user(client, **user)
        response = login_user(client, **user)

        assert "access_token" in response.json
        access_token = response.json["access_token"]

        sleep(6)

        response = logout_user(client, access_token, **user)

        assert response.status_code == 401
Пример #5
0
    def test_authlogout_valid_user(self, client, db):
        """ AuthLogout endpoint should return 200 and message for user with valid token.  """
        user = dict(user_name="great_user",
                    email="*****@*****.**",
                    password="******")
        register_user(client, **user)
        response = login_user(client, **user)

        assert "access_token" in response.json
        access_token = response.json["access_token"]

        response = logout_user(client, access_token, **user)

        assert response.status_code == 200
        blacklist = BlacklistedTokens.query.all()
        assert len(blacklist) == 1
        assert access_token == blacklist[0].token