def test_deprecation_warning(self): graphene_settings.MIDDLEWARE = [] with warnings.catch_warnings(record=True) as warning_list: JSONWebTokenMiddleware() self.assertTrue(warning_list) graphene_settings.MIDDLEWARE = [JSONWebTokenMiddleware]
def jwt_middleware(get_response): """Authenticate user using JSONWebTokenMiddleware ignoring the session-based authentication. This middleware resets authentication made by any previous middlewares and authenticates the user with graphql_jwt.middleware.JSONWebTokenMiddleware. """ jwt_middleware = JSONWebTokenMiddleware(get_response=get_response) def middleware(request): if request.path == reverse('api'): # clear user authenticated by AuthenticationMiddleware request._cached_user = AnonymousUser() request.user = AnonymousUser() # authenticate using JWT middleware jwt_middleware.process_request(request) return get_response(request) return middleware
def jwt_middleware(get_response): """Authenticate a user using JWT and ignore the session-based authentication. This middleware resets authentication made by any previous middlewares and authenticates the user with graphql_jwt.middleware.JSONWebTokenMiddleware. """ # Disable warnings for django-graphene-jwt graphene_settings.MIDDLEWARE.append(JSONWebTokenMiddleware) jwt_middleware_inst = JSONWebTokenMiddleware(get_response=get_response) graphene_settings.MIDDLEWARE.remove(JSONWebTokenMiddleware) def middleware(request): if request.path == reverse("api"): # clear user authenticated by AuthenticationMiddleware request._cached_user = AnonymousUser() request.user = AnonymousUser() # authenticate using JWT middleware jwt_middleware_inst.process_request(request) return get_response(request) return middleware
def setUp(self): super(MiddlewareTests, self).setUp() self.get_response_mock = mock.Mock(return_value=JsonResponse({})) self.middleware = JSONWebTokenMiddleware(self.get_response_mock)
def setUp(self): super().setUp() self.middleware = JSONWebTokenMiddleware()
class AuthenticateByHeaderTests(TestCase): def setUp(self): super().setUp() self.middleware = JSONWebTokenMiddleware() @override_jwt_settings(JWT_ALLOW_ANY_HANDLER=lambda *args: False) def test_authenticate(self): headers = { jwt_settings.JWT_AUTH_HEADER_NAME: '{0} {1}'.format( jwt_settings.JWT_AUTH_HEADER_PREFIX, self.token, ), } next_mock = mock.Mock() info_mock = self.info(AnonymousUser(), **headers) self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_called_with(None, info_mock) self.assertEqual(info_mock.context.user, self.user) @override_jwt_settings(JWT_ALLOW_ANY_HANDLER=lambda *args: False) @mock.patch('graphql_jwt.middleware.authenticate', return_value=None) def test_not_authenticate(self, authenticate_mock): headers = { jwt_settings.JWT_AUTH_HEADER_NAME: '{0} {1}'.format( jwt_settings.JWT_AUTH_HEADER_PREFIX, self.token, ), } next_mock = mock.Mock() info_mock = self.info(AnonymousUser(), **headers) self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_called_with(None, info_mock) authenticate_mock.assert_called_with(request=info_mock.context) self.assertIsInstance(info_mock.context.user, AnonymousUser) @override_jwt_settings(JWT_ALLOW_ANY_HANDLER=lambda *args: False) def test_invalid_token(self): headers = { jwt_settings.JWT_AUTH_HEADER_NAME: '{} invalid'.format( jwt_settings.JWT_AUTH_HEADER_PREFIX, ), } next_mock = mock.Mock() info_mock = self.info(AnonymousUser(), **headers) with self.assertRaises(JSONWebTokenError): self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_not_called() @override_jwt_settings(JWT_ALLOW_ANY_HANDLER=lambda *args: False) @mock.patch('graphql_jwt.middleware.authenticate') def test_already_authenticated(self, authenticate_mock): headers = { jwt_settings.JWT_AUTH_HEADER_NAME: '{0} {1}'.format( jwt_settings.JWT_AUTH_HEADER_PREFIX, self.token, ), } next_mock = mock.Mock() info_mock = self.info(self.user, **headers) self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_called_with(None, info_mock) authenticate_mock.assert_not_called() @override_jwt_settings(JWT_ALLOW_ANY_HANDLER=lambda *args: True) def test_allow_any(self): headers = { jwt_settings.JWT_AUTH_HEADER_NAME: '{0} {1}'.format( jwt_settings.JWT_AUTH_HEADER_PREFIX, self.token, ), } next_mock = mock.Mock() info_mock = self.info(AnonymousUser(), **headers) self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_called_with(None, info_mock) self.assertIsInstance(info_mock.context.user, AnonymousUser) def test_authenticate_context(self): info_mock = self.info() self.middleware.cached_allow_any.add('test') authenticate_context = self.middleware.authenticate_context(info_mock) self.assertFalse(authenticate_context)
class AuthenticateByArgumentTests(TestCase): @override_jwt_settings(JWT_ALLOW_ARGUMENT=True) def setUp(self): super().setUp() self.middleware = JSONWebTokenMiddleware() @override_jwt_settings( JWT_ALLOW_ARGUMENT=True, JWT_ALLOW_ANY_HANDLER=lambda *args, **kwargs: False) def test_authenticate(self): kwargs = { jwt_settings.JWT_ARGUMENT_NAME: self.token, } next_mock = mock.Mock() info_mock = self.info(AnonymousUser()) self.middleware.resolve(next_mock, None, info_mock, **kwargs) next_mock.assert_called_with(None, info_mock, **kwargs) self.assertEqual(info_mock.context.user, self.user) user = self.middleware.cached_authentication[tuple(info_mock.path)] self.assertEqual(user, self.user) @override_jwt_settings( JWT_ALLOW_ARGUMENT=True, JWT_ALLOW_ANY_HANDLER=lambda *args, **kwargs: False) def test_authenticate_parent(self): next_mock = mock.Mock() info_mock = self.info(AnonymousUser()) info_mock.path = ['0', '1'] self.middleware.cached_authentication.insert(['0'], self.user) self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_called_with(None, info_mock) self.assertEqual(info_mock.context.user, self.user) @override_jwt_settings( JWT_ALLOW_ARGUMENT=True, JWT_ALLOW_ANY_HANDLER=lambda *args, **kwargs: False) def test_clear_authentication(self): next_mock = mock.Mock() info_mock = self.info(self.user) self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_called_with(None, info_mock) self.assertIsInstance(info_mock.context.user, AnonymousUser) @override_jwt_settings( JWT_ALLOW_ARGUMENT=True, JWT_ALLOW_ANY_HANDLER=lambda *args, **kwargs: False) def test_clear_session_authentication(self): next_mock = mock.Mock() info_mock = self.info(self.user) info_mock.context.session = self.client.session self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_called_with(None, info_mock) self.assertIsInstance(info_mock.context.user, AnonymousUser) @override_jwt_settings( JWT_ALLOW_ARGUMENT=True, JWT_ALLOW_ANY_HANDLER=lambda *args, **kwargs: False) def test_context_has_not_attr_user(self): next_mock = mock.Mock() info_mock = self.info() self.middleware.resolve(next_mock, None, info_mock) next_mock.assert_called_with(None, info_mock) self.assertFalse(hasattr(info_mock.context, 'user'))
def setUp(self): super(AuthenticateByHeaderTests, self).setUp() self.middleware = JSONWebTokenMiddleware()