def make_redirect_for_user(user: models.UsersModel):
# Shoot the user a cookie with their JWT token, and redirect
headers = {
"Location": AFTER_AUTH_REDIRECT,
"Set-Cookie": tokens.get_jwt_cookie(user)
}
return {"statusCode": 302, "headers": headers}
def test_get_jwt_cookie():
group_id = "foobarbaz"
user = models_testlib.create_fake_user(group_id)
cookie = tokens.get_jwt_cookie(user)
assert cookie.startswith("token="), cookie
auth_cookie = cookies.SimpleCookie()
auth_cookie.load(cookie)
value = auth_cookie[shared.COOKIE_ATTR_NAME].value
decoded = tokens.jwt_decode(value)
assert decoded["group_id"] == user.group_id
assert decoded["user_id"] == user.user_id
def test_require_authorization():
group_id = "foobarbaz"
user = models_testlib.create_fake_user(group_id)
user.delete()
cookie = tokens.get_jwt_cookie(user)
fake_aws_events = {"headers": {"Cookie": cookie}}
# User not saved yet, so should fail to get
with pytest.raises(shared.AuthException):
tokens.require_authorization(fake_aws_events)
user.save()
tokens.require_authorization(fake_aws_events)
def test_user_get_noexist():
user1 = models_testlib.create_fake_users("fake_group1", 1)[0]
# Should return user info for self if path params are unset
results = lambdae.user.get_user_info(
{
"headers": {
"Cookie": tokens.get_jwt_cookie(user1)
},
"pathParameters": {
"id": "nonexistant"
}
}, {})
response = json.loads(results["body"])
assert results["statusCode"] == 404
assert not response["ok"]
assert "does not exist" in response["message"]
def test_user_get_self():
user1, user2 = models_testlib.create_fake_users("fake_group1", 2)
# Should return user info for self if path params are unset
results = lambdae.user.get_user_info(
{
"headers": {
"Cookie": tokens.get_jwt_cookie(user1)
},
"pathParameters": None # This is returned for no path params
},
{})
response = json.loads(results["body"])
assert results["statusCode"] == 200
assert response["ok"]
assert response["user_id"] == user1.user_id
assert response["username"] == user1.username
assert response["avatar"] == user1.avatar