def test_users_immortal_tokens_stay_immortal_when_OVERWRITE_NONE_TTL_setting_is_False(
            self):
        hash = TOKENS_CACHE.get(self.user.pk)[0]
        MultiToken.reset_tokens_ttl(self.user.pk)

        self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
        self.assertIsNone(TOKENS_CACHE.ttl(hash))
    def test_other_users_tokens_are_not_affected(self):
        second_user = create_test_user('tester2')
        second_token, _ = MultiToken.create_token(second_user)
        MultiToken.expire_token(self.token)

        self.assertIsNotNone(TOKENS_CACHE.get(second_user.pk))
        self.assertIsNotNone(
            TOKENS_CACHE.get(parse_full_token(second_token.key)[1]))
    def test_immortal_tokens_stay_immortal_when_user_provided_timeout_is_None(
            self):
        hash = TOKENS_CACHE.get(self.user.pk)[0]
        self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
        self.assertIsNone(TOKENS_CACHE.ttl(hash))
        MultiToken.reset_tokens_ttl(self.user.pk)

        self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
        self.assertIsNone(TOKENS_CACHE.ttl(hash))
    def test_users_immortal_tokens_get_limited_ttl_when_OVERWRITE_NONE_TTL_setting_is_True(
            self):
        hash = TOKENS_CACHE.get(self.user.pk)[0]
        self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
        self.assertIsNone(TOKENS_CACHE.ttl(hash))

        MultiToken.reset_tokens_ttl(self.user.pk)
        self.assertIsNotNone(TOKENS_CACHE.ttl(self.user.pk))
        self.assertIsNotNone(TOKENS_CACHE.ttl(hash))
    def test_other_users_tokens_are_not_affected(self):
        second_user = create_test_user('tester2')
        second_token, _ = MultiToken.create_token(second_user)
        import time
        time.sleep(1)
        MultiToken.reset_tokens_ttl(self.user.pk)

        self.assertEqual(TOKENS_CACHE.ttl(self.user.pk), 1000)
        self.assertNotEqual(TOKENS_CACHE.ttl(second_user.pk), 1000)
        hash = TOKENS_CACHE.get(second_user.pk)[0]
        self.assertNotEqual(hash, 1000)
    def test_token_with_ttl_becomes_immortal_when_user_changes_timeout_to_None(
            self, mocked_settings):
        hash = TOKENS_CACHE.get(self.user.pk)[0]
        TOKENS_CACHE.expire(self.user.pk, 1000)
        TOKENS_CACHE.expire(TOKENS_CACHE.ttl(hash), 1000)

        settings = MockedSettings(timeout=None)
        mocked_settings.CACHES.__getitem__.return_value = settings.CACHES[
            'default']
        MultiToken.reset_tokens_ttl(self.user.pk)

        self.assertIsNone(TOKENS_CACHE.ttl(self.user.pk))
        self.assertIsNone(TOKENS_CACHE.ttl(hash))
    def test_token_is_removed_from_redis_when_user_has_multiple_tokens(self):
        second_token, first_device = MultiToken.create_token(self.user)
        MultiToken.expire_token(self.token)

        self.assertEqual(len(TOKENS_CACHE.get(self.user.pk)), 1)
        _, hash = parse_full_token(self.token.key)
        self.assertIsNone(TOKENS_CACHE.get(hash))

        self.assertEqual(
            TOKENS_CACHE.get(self.user.pk)[0],
            parse_full_token(second_token.key)[1])
        self.assertIsNotNone(
            TOKENS_CACHE.get(parse_full_token(second_token.key)[1]))
    def test_token_with_ttl_gets_new_ttl_when_user_changes_timeout_to_2000(
            self, mocked_settings):
        hash = TOKENS_CACHE.get(self.user.pk)[0]
        TOKENS_CACHE.expire(self.user.pk, 1000)
        TOKENS_CACHE.expire(TOKENS_CACHE.ttl(hash), 1000)

        settings = MockedSettings(timeout=2000)
        mocked_settings.CACHES.__getitem__.return_value = settings.CACHES[
            'default']
        MultiToken.reset_tokens_ttl(self.user.pk)

        self.assertEqual(TOKENS_CACHE.ttl(self.user.pk), 2000)
        self.assertEqual(TOKENS_CACHE.ttl(hash), 2000)
示例#9
0
 def post(self, request):
     try:
         _username = request._json_body['phoneNo']
         _password = request._json_body['password']
     except KeyError as e:
         raise Response(str(e) + ' is required in request body.', 400)
     _user = User.objects.get(phoneNo=_username)
     if not _user:
         raise Response('username or password seems incorrect.')
     if not _user.check_password(_password):
         locked_response = Response(
             {
                 "error": {
                     "message": "Account Locked.",
                     "code": -1
                 },
                 "statusCode": 400,
             },
             400,
         )
         return locked_response
     token, _ = MultiToken.create_token(_user)
     response_data = {
         'loggedInAlready': _,
         'token': token.key,
     }
     return Response(response_data)
示例#10
0
    def authenticate_credentials(self, key):
        try:
            user = MultiToken.get_user_from_token(key)
            if user._type == 'DOC':
                user.lastseen = time.time()
                user.save()
            if settings.DJFORGE_REDIS_MULTITOKENS.get(
                    'RESET_TOKEN_TTL_ON_USER_LOG_IN'):
                MultiToken.reset_tokens_ttl(user.pk)

        except get_user_model().DoesNotExist:
            raise exceptions.AuthenticationFailed('Invalid token.')

        if not user.is_active:
            raise exceptions.AuthenticationFailed('User inactive or deleted.')

        return (user, MultiToken(key, user))
示例#11
0
 def post(self, request):
     body = request._json_body
     u = User.objects.get(phoneNo=body['phoneNo'])
     if str(u.otp) != str(body['otp']):
         return Response({'error': 'otp not valid'}, 400)
     u.status = 2
     u.save()
     token, _ = MultiToken.create_token(u)
     return Response({'token': token.key})
    def test_second_hash_is_saved_in_redis_alongside_the_first_one(self):
        first_hash = TOKENS_CACHE.get(self.user.pk)[0]
        second_token, first_device = MultiToken.create_token(self.user)
        second_hash = TOKENS_CACHE.get(self.user.pk)[1]

        self.assertEqual(len(TOKENS_CACHE.get(self.user.pk)), 2)
        self.assertIn(first_hash, TOKENS_CACHE.get(self.user.pk))
        self.assertIn(second_hash, TOKENS_CACHE.get(self.user.pk))
        self.assertIsNotNone(TOKENS_CACHE.get(first_hash))
        self.assertIsNotNone(TOKENS_CACHE.get(second_hash))
    def test_correct_ttl_is_set_for_renewed_tokens(self):
        hash = TOKENS_CACHE.get(self.user.pk)[0]
        MultiToken.reset_tokens_ttl(self.user.pk)

        self.assertAlmostEquals(TOKENS_CACHE.ttl(self.user.pk), 1000)
        self.assertAlmostEquals(TOKENS_CACHE.ttl(hash), 1000)
 def setUp(self):
     TOKENS_CACHE.clear()
     self.user = create_test_user()
     self.token, self.first_device = MultiToken.create_token(self.user)
 def test_token_ttl_is_correct_when_user_provides_cache_db_timeout_parameter(
         self):
     MultiToken._set_key_value('key', 'value')
     self.assertIsNotNone(TOKENS_CACHE.ttl('key'))
     self.assertAlmostEquals(TOKENS_CACHE.ttl('key'), 1000)
 def test_token_is_removed_from_redis_when_user_has_only_one_token(self):
     self.assertIsNone(MultiToken.expire_token(self.token))
     self.assertEqual(len(TOKENS_CACHE.get(self.user.pk)), 0)
     _, hash = parse_full_token(self.token.key)
     self.assertIsNone(TOKENS_CACHE.get(hash))
 def test_correct_user_is_found_for_correct_token(self):
     user = MultiToken.get_user_from_token(self.token.key)
     self.assertEqual(user.pk, self.user.pk)
 def test_second_token_for_user_is_flagged_correctly_as_not_the_first_device_getting_a_token(
         self):
     second_token, first_device = MultiToken.create_token(self.user)
     self.assertFalse(first_device)
 def test_default_timeout_for_cache_db_is_used_when_timeout_is_not_provided_provided(
         self):
     MultiToken._set_key_value('key', 'value')
     self.assertIsNone(TOKENS_CACHE.ttl('key'))