def test_encode_auth_tokens(self): user = UserModel(username='******', password='******') db.session.add(user) db.session.commit() access_token, refresh_token, refresh_token_id = user.encode_auth_tokens( user.username) self.assertTrue(isinstance(access_token, bytes)) self.assertTrue(isinstance(refresh_token, bytes)) self.assertTrue(isinstance(refresh_token_id, str))
def test_encode_access_token(self): username = '******' user = UserModel(username='******', password='******') db.session.add(user) db.session.commit() access_token = user.encode_access_token(username) self.assertTrue(isinstance(access_token, bytes)) payload = jwt.decode(access_token, key) self.assertTrue(payload.get('sub') == username)
def test_decode_refresh_token(self): user = UserModel(username='******', password='******') db.session.add(user) db.session.commit() access_token, refresh_token, refresh_token_id = user.encode_auth_tokens( user.username) self.assertTrue(isinstance(access_token, bytes)) self.assertTrue(isinstance(refresh_token, bytes)) self.assertTrue(isinstance(refresh_token_id, str)) response = UserModel.decode_refresh_token(refresh_token) self.assertTrue(isinstance(response, str))
def test_validate_token(self): user = UserModel(username='******', password='******') db.session.add(user) db.session.commit() _, refresh_token, _ = user.encode_auth_tokens(user.username) with mock.patch('authApi.api.utils.tokenutils.request') as mocked_request: mocked_request.headers = dict(Authorization='Bearer ' + refresh_token.decode()) @validate_token def a(): return 'test_function' result = a() self.assertTrue(result == 'test_function')
def test_change_password(self): user = UserModel(username='******', password='******') db.session.add(user) db.session.commit() self.assertTrue(user.check_password('Password2')) user.change_password('Password3') self.assertTrue(user.check_password('Password3')) self.assertTrue(user.updated_by == user.public_id) user.change_password('Password4', principal='SYSTEM') self.assertTrue(user.check_password('Password4')) self.assertTrue(user.updated_by == 'SYSTEM')
def post(self): token = get_token() try: payload = UserModel.decode_refresh_token(token) payload_dict = json.loads(payload) user = UserModel.query.filter_by( public_id=payload_dict.get('name')).first() access_token = user.encode_access_token(user.username) response_obj = dict(status='Success', message='Generated new access token', refresh_token_renewed=False, access_token=access_token.decode()) return make_response(jsonify(response_obj), 200) except ExpiredToken as e: payload = UserModel.decode_expired_token(token) payload_dict = json.loads(payload) user = UserModel.query.filter_by( public_id=payload_dict.get('name')).first() access_token, refresh_token, refresh_token_id = user.encode_auth_tokens( user.username) blacklisted_token = BlackListTokenModel( token_id=payload_dict.get('token_id')) user.token_id = refresh_token_id db.session.add(blacklisted_token) db.session.commit() response_obj = dict( status='Success', message='Generated new refresh and access tokens', refresh_token_renewed=True, access_token=access_token.decode(), refresh_token=refresh_token.decode()) return make_response(jsonify(response_obj), 200) except InvalidToken as err: blacklisted_token = create_blacklisted_token(err, token) db.session.add(blacklisted_token) db.session.commit() response_obj = dict(status='Fail', message=str(UnauthorizedAccess()), error=UnauthorizedAccess.__name__) return make_response(jsonify(response_obj), 403) except (BlacklistedToken, Exception) as err: error = None if isinstance(err, BlacklistedToken): error = BlacklistedToken.__name__ else: error = OtherError.__name__ response_obj = dict(status='Fail', message=str(err), error=error) return make_response(jsonify(response_obj), 500)
def test_decode_expired_token(self): user = UserModel(username='******', password='******') db.session.add(user) db.session.commit() _, refresh_token, refresh_token_id = user.encode_auth_tokens( user.username) self.assertTrue(isinstance(refresh_token, bytes)) payload = jwt.decode(refresh_token, key) payload['exp'] = datetime.datetime.utcnow() - datetime.timedelta( minutes=32) token = jwt.encode(payload, key, algorithm='HS256') response = UserModel.decode_expired_token(token) resp = json.loads(response) self.assertTrue(resp.get('name') == payload.get('sub')) self.assertTrue(resp.get('token_id') == payload.get('jti'))
def create_blacklisted_token(e, token): blacklisted_token = None if isinstance(e, ExpiredToken): payload = UserModel.decode_expired_token(token) payload_dict = json.loads(payload) blacklisted_token = BlackListTokenModel( token_id=payload_dict.get('token_id')) elif isinstance(e, InvalidToken): blacklisted_token = BlackListTokenModel(token=token) return blacklisted_token
def get(self): token = get_token() payload = UserModel.decode_refresh_token(token) payload_dict = json.loads(payload) user = UserModel.query.filter_by( public_id=payload_dict.get('name')).first() response_obj = dict(status='Success', data=dict(username=user.username, registered_on=user.registered_on, admin=user.admin, anonymous=user.anonymous)) return make_response(jsonify(response_obj), 200)
def post(self): json_object = request.get_json() user = UserModel.query.filter_by( username=json_object.get('username')).first() if user: response_obj = dict(status='Fail', message=str(UserAlreadyExist()), error=UserAlreadyExist.__name__) return make_response(jsonify(response_obj), 500) user = UserModel(username=json_object.get('username'), password=json_object.get('password')) if json_object.get('admin'): user.admin = json_object.get('admin') if json_object.get('anonymous'): user.anonymous = json_object.get('anonymous') access_token, refresh_token, refresh_token_id = user.encode_auth_tokens( user.username) user.token_id = refresh_token_id db.session.add(user) db.session.commit() response_obj = dict(status='Success', message='Successfully registered', access_token=access_token.decode(), refresh_token=refresh_token.decode()) return make_response(jsonify(response_obj), 201)
def test_registration_with_already_registered_user(self): user = UserModel( username='******', password='******' ) db.session.add(user) db.session.commit() with self.client: response = register_user(self, 'fmaketouser', '123456') data = json.loads(response.data.decode()) self.assertTrue(data.get('status') == 'Fail') self.assertTrue(data.get('message') == str(UserAlreadyExist())) self.assertTrue(data.get('error') == UserAlreadyExist.__name__) self.assertEqual(response.status_code, 500)
def post(self): token = get_token() payload = UserModel.decode_refresh_token(token) payload_dict = json.loads(payload) user = UserModel.query.filter_by( public_id=payload_dict.get('name')).first() blacklisted_token = BlackListTokenModel(token_id=user.token_id) user.token_id = '' if user.anonymous: db.session.delete(user) db.session.commit() response_obj = dict(status='Success', message='Successfully logged out') return make_response(jsonify(response_obj), 200)
def get(self): token = get_token() payload = UserModel.decode_refresh_token(token) payload_dict = json.loads(payload) if payload_dict.get('admin'): users = UserModel.query.all() users[:] = [(user.username, user.registered_on) for user in users] response_obj = dict(status='Success', message=users) return make_response(jsonify(response_obj), 200) else: response_obj = dict(status='Fail', message=str(UnauthorizedAccess()), error=UnauthorizedAccess.__name__) return make_response(jsonify(response_obj), 403)
def post(self): token = get_token() post_data = request.get_json() if any([ 'typeOfChange' not in post_data.keys(), 'message' not in post_data.keys() ]): response_obj = dict( status='Fail', message= 'You are missing either "typeOfChange" or "message" or both', error=OtherError.__name__) return make_response(jsonify(response_obj), 500) payload = UserModel.decode_refresh_token(token) payload_dict = json.loads(payload) user = UserModel.query.filter_by( public_id=payload_dict.get('name')).first() if post_data.get('typeOfChange') == 'password': user.change_password(post_data.get('message')) if post_data.get('typeOfChange') == 'username': user.change_username(post_data.get('message')) if post_data.get('typeOfChange') == 'both': user.change_password(post_data.get('message').get('password')) user.change_username(post_data.get('message').get('username')) blacklisted_token = BlackListTokenModel(token_id=user.token_id) user.token_id = '' db.session.add(blacklisted_token) db.session.commit() message = '' if post_data.get('typeOfChange') == 'password': message = 'Changed your password' if post_data.get('typeOfChange') == 'username': message = 'Changed your username' if post_data.get('typeOfChange') == 'both': message = 'Changed your username and password' response_obj = dict(status='Success', message=message) return make_response(jsonify(response_obj), 200)
def decorated(*args, **kwargs): token = get_token() try: payload = UserModel.decode_refresh_token(token) return func(*args, **kwargs) except (InvalidToken, ExpiredToken) as e: blacklisted_token = create_blacklisted_token(e, token) db.session.add(blacklisted_token) db.session.commit() response_obj = dict(status='Fail', message=str(UnauthorizedAccess()), error=UnauthorizedAccess.__name__) return make_response(jsonify(response_obj), 403) except (BlacklistedToken, Exception) as err: if isinstance(err, BlacklistedToken): response_obj = dict(status='Fail', message=str(BlacklistedToken()), error=BlacklistedToken.__name__) return make_response(jsonify(response_obj), 403) response_obj = dict(status='Fail', message=str(err), error=OtherError.__name__) return make_response(jsonify(response_obj), 500)
def test_check_password(self): user = UserModel(username='******', password='******') db.session.add(user) db.session.commit() self.assertTrue(user.check_password('Password2')) self.assertFalse(user.check_password('Pass23word'))