def test_token_auth(self): auth = SubscriberTokenAuth() with self.app.test_request_context(): self.assertFalse(auth.authorized([], None, 'GET')) token = generate_subscriber_token(self.subscriber) with self.app.test_request_context(headers={'Authorization': b'Bearer ' + token}): self.assertTrue(auth.authorized([], None, 'GET')) self.assertEqual(self.subscriber['_id'], g.get('user'))
def test_expired_token_auth(self): auth = SubscriberTokenAuth() with self.app.test_request_context(): token = generate_subscriber_token(self.subscriber, ttl_days=-1) with self.app.test_request_context(headers={'Authorization': b'Bearer ' + token}): self.assertFalse(auth.authorized([], None, 'GET'))