def test_remove_expired_tokens(self, monkeypatch: MonkeyPatch) -> None: auth_settings = get_auth_settings() def real_get_epoch() -> int: return timegm( datetime.utcnow().utctimetuple()) # seconds since epoch assert abs(get_epoch() - real_get_epoch()) <= 1 def refresh_not_expired_epoch() -> int: return real_get_epoch( ) + auth_settings.refresh_token_expire_seconds - 100 def refresh_expired_epoch() -> int: return real_get_epoch( ) + auth_settings.refresh_token_expire_seconds + 100 with context_session() as session: assert len(session.query(RefreshToken).all()) == 3 assert remove_expired_tokens(db=session) == 0 assert len(session.query(RefreshToken).all()) == 3 monkeypatch.setattr(fastapi_auth.auth_app, "get_epoch", refresh_not_expired_epoch) assert remove_expired_tokens(db=session) == 0 assert len(session.query(RefreshToken).all()) == 3 monkeypatch.setattr(fastapi_auth.auth_app, "get_epoch", refresh_expired_epoch) assert remove_expired_tokens(db=session) == 3 assert len(session.query(RefreshToken).all()) == 0
def test_session_rollback(debug_auth_app: FastAPI) -> None: debug_client = TestClient(debug_auth_app) rollback_endpoint = "/session_rollback" non_rollback_endpoint = "/non_session_rollback" class Sentinel(Exception): pass @debug_auth_app.get(rollback_endpoint) def session_rollback(db: Session = Depends(get_db)) -> NoReturn: user = User(username="******", hashed_password="******") db.add(user) raise Sentinel @debug_auth_app.get(non_rollback_endpoint) def session_non_rollback(db: Session = Depends(get_db)) -> None: user = User(username="******", hashed_password="******", is_superuser=False) db.add(user) db.commit() with context_session() as sess: original_n_users = len(sess.query(User).all()) with pytest.raises(Sentinel): debug_client.get(rollback_endpoint) assert len(sess.query(User).all()) == original_n_users debug_client.get(non_rollback_endpoint) assert len(sess.query(User).all()) == original_n_users + 1
def test_sqlalchemy_logging(json_model: "Type[JsonModel]", caplog: LogCaptureFixture) -> None: with context_session() as db: json_value = {"hello": "world"} instance = json_model(json=json_value) db.add(instance) assert len(caplog.record_tuples) == 0 db.commit() assert len(caplog.record_tuples) == 4 db.refresh(instance) assert len(caplog.record_tuples) == 7 for name, level, _message in caplog.record_tuples: assert name == "sqlalchemy.engine.base.Engine" assert level == logging.INFO id1_str = "".join(str(instance.id1).split("-")) id2_str = "".join(str(instance.id2).split("-")) assert [x[2] for x in caplog.record_tuples] == [ "BEGIN (implicit)", "INSERT INTO json_model (id1, id2, json) VALUES (?, ?, ?)", "('" + f"{id1_str}', '{id2_str}" + '\', \'{"hello": "world"}\')', "COMMIT", "BEGIN (implicit)", "SELECT json_model.id1 AS json_model_id1, json_model.id2 AS json_model_id2, " "json_model.json AS json_model_json, json_model.created_at AS " "json_model_created_at, json_model.updated_at AS json_model_updated_at \n" "FROM json_model \nWHERE json_model.id1 = ? AND json_model.id2 = ?", f"('{id1_str}', '{id2_str}')", ]
def test_raise_integrity_error_rollback(json_model: "Type[JsonModel]", raise_error: bool, n_created: int) -> None: with context_session() as db: json_value = {"hello": "world"} n_instances = len(db.query(json_model).all()) instance = json_model(json=json_value) db.add(instance) if raise_error: with pytest.raises(HTTPException) as exc_info: raise_integrity_error(db) assert exc_info.value.status_code == HTTP_409_CONFLICT db.commit() assert len(db.query(json_model).all()) == n_instances + n_created
def test_create_user(self, admin_access_headers: Dict[str, str], non_admin_access_headers: Dict[str, str], registered_user: AuthUser) -> None: user_create_request_1 = UserCreateRequest(username=username1, password=password1) create_user_url = self.debug_auth_app.url_path_for( AdminAuthEndpointName.create_user) body_json = jsonable_encoder(user_create_request_1) message = self.request("POST", create_user_url, APIMessage, HTTP_401_UNAUTHORIZED, json=body_json) assert message.detail == "Not authenticated" message = self.request("POST", create_user_url, APIMessage, HTTP_403_FORBIDDEN, json=body_json, headers=non_admin_access_headers) assert message.detail == "Insufficient permissions" user_create_request_2 = UserCreateRequest(username=username3, password=password3, email=email3) body_json = jsonable_encoder(user_create_request_2) created_user_model = self.request("POST", create_user_url, AuthUser, json=body_json, headers=admin_access_headers) assert created_user_model.username == username3 assert created_user_model.email == email3 with context_session() as session: created_user: User = session.query(User).get( created_user_model.user_id) assert created_user is not None assert not created_user.is_superuser assert created_user.email == email3
def setup_first_superuser(self, engine: sa.engine.Engine, **extra_create_kwargs: Any) -> None: settings = self.settings username = settings.first_superuser password = RawPassword(settings.first_superuser_password ) if settings.first_superuser_password else None assert username, f"Invalid superuser username: {username}" assert password, f"Invalid superuser password: {password}" user_create = self.create_request_type(username=username, password=password, **extra_create_kwargs) with context_session(engine) as session: try: self.create_user(db=session, user_create_request=user_create, is_superuser=True) logger.info("First superuser created.") except IntegrityError: session.rollback() logger.info("First superuser already exists.")
def remove_expired_tokens_task() -> None: # pragma: no cover with context_session() as db: remove_expired_tokens(db=db)