示例#1
 def test_token_with_max_age_override(self):
     """A negative ``max_age`` override makes a just-issued token be rejected.

     The token is created and used immediately, so the only reason for the
     rejection is the ``max_age=-300`` passed to ``authenticate``.
     """
     fresh_token = create_token(self.user)
     backend = ModelBackend()
     authenticated = backend.authenticate(
         request=None,
         sesame=fresh_token,
         max_age=-300,
     )
     # Rejection must be visible to operators, not only to the caller.
     self.assertIsNone(authenticated)
     self.assertLogsContain("Expired token")
 def test_inactive_user(self):
     """A token for a deactivated account must not authenticate.

     The token is minted after the user has been saved with
     ``is_active = False``; the backend returns ``None`` and logs the
     rejection.
     """
     account = self.user
     account.is_active = False
     account.save()
     issued = create_token(self.user)
     authenticated = ModelBackend().authenticate(request=None, sesame=issued)
     self.assertIsNone(authenticated)
     # The same log message covers unknown and inactive users.
     self.assertLogsContain("Unknown or inactive user")
示例#3
 def test_scoped_token(self):
     """A token created for scope ``"test"`` authenticates within that scope."""
     scoped = create_token(self.user, scope="test")
     backend = ModelBackend()
     # The scope given at verification matches the one used at creation.
     authenticated = backend.authenticate(
         request=None,
         sesame=scoped,
         scope="test",
     )
     self.assertEqual(authenticated, self.user)
     self.assertLogsContain("Valid token for user john in scope test")
示例#4
def show_form(request):
    """Handle the sign-in form and issue a login token for the submitted username.

    An unbound or invalid form re-renders ``accounts/form_signin.html``. A
    valid form looks the username up (creating the user when it does not
    exist), refuses staff accounts with ``PermissionDenied``, and renders
    ``accounts/form_token.html`` with a freshly created token in the context.

    NOTE(review): the token is placed in the response to whoever submitted
    the form, with no proof that they own the account. Unless the template
    withholds it, knowing a non-staff username is enough to obtain a login
    token for that user. The out-of-band delivery (email or phone) mentioned
    below is not implemented in this view.
    """
    form = SignInForm(request.POST or None)
    if not form.is_valid():
        return render(request, "accounts/form_signin.html", {"form": form})

    # Any submitted username is accepted; an unknown one creates a new account.
    submitted_name = form.cleaned_data["username"]
    account, _created = User.objects.get_or_create(username=submitted_name)

    # Staff accounts may not sign in through this passwordless flow.
    # NOTE(review): only is_staff is checked here; confirm whether other
    # privileged accounts (e.g. superusers without is_staff) need refusing too.
    if account.is_staff:
        raise PermissionDenied

    token = create_token(account)
    # Intended next step: send the token to the account owner by email or
    # phone. The URL built here is discarded; presumably it is meant to become
    # the login link that gets sent (TODO confirm).
    reverse("accounts:token", kwargs={"token": token})
    return render(request, "accounts/form_token.html", {"token": token})
示例#5
def test_bad_token(client):
    """Request the token URL with a malformed token and with an orphan token.

    NOTE(review): neither response is asserted on, so this only shows that
    both requests complete without raising. A check that the session stays
    unauthenticated would pin down the rejection itself.
    """
    # A string that is not a token at all.
    client.get(f"/a/badtoken")

    # A token created for a user object that is never saved, so it refers to
    # an account that does not exist.
    ghost = User(id=1, username="******")
    orphan_token = create_token(ghost)
    client.get(f"/a/{orphan_token}")
 def test_token(self):
     """A token created without a scope authenticates its user in the default scope."""
     issued = create_token(self.user)
     backend = ModelBackend()
     authenticated = backend.authenticate(request=None, sesame=issued)
     self.assertEqual(authenticated, self.user)
     # Successful logins are logged with the username and the scope.
     self.assertLogsContain("Valid token for user john in default scope")
示例#7
 def test_parse_token_force_v1(self):
     """A token minted under a v2-only setting is refused by ``parse_token``.

     NOTE(review): parsing runs after the override has ended, so the
     rejection presumably relies on the enclosing test case allowing only v1
     tokens. Confirm against the class-level settings.
     """
     v2_only = override_settings(SESAME_TOKENS=["sesame.tokens_v2"])
     with v2_only:
         v2_token = create_token(self.user)
     parsed = parse_token(v2_token, self.get_user)
     self.assertEqual(parsed, None)
     # A format mismatch is reported as a bad token, not as an unknown user.
     self.assertLogsContain("Bad token: doesn't match a supported format")
示例#8
 def test_parse_token_accepts_v1(self):
     """A token minted under a v1-only setting is accepted by ``parse_token``.

     The token is created inside the override and parsed after it has ended,
     i.e. under whatever settings the enclosing test case has in effect.
     """
     v1_only = override_settings(SESAME_TOKENS=["sesame.tokens_v1"])
     with v1_only:
         v1_token = create_token(self.user)
     parsed = parse_token(v1_token, self.get_user)
     self.assertEqual(parsed, self.user)
     self.assertLogsContain("Valid token for user john")
示例#9
 def test_parse_token_accepts_v2(self):
     """A token created under the active settings parses back to its user.

     NOTE(review): the name implies the active settings produce v2 tokens;
     that configuration is outside this method. Confirm against the class.
     """
     issued = create_token(self.user)
     parsed = parse_token(issued, self.get_user)
     self.assertEqual(parsed, self.user)
     self.assertLogsContain("Valid token for user john")
示例#10
 def test_create_token_use_first_choice(self):
     """The created token is detected as v1 and not as v2.

     NOTE(review): presumably the enclosing test case lists v1 first in
     ``SESAME_TOKENS``; that setting is outside this method. Confirm.
     """
     issued = create_token(self.user)
     detected_as_v1 = tokens_v1.detect_token(issued)
     self.assertTrue(detected_as_v1)
     detected_as_v2 = tokens_v2.detect_token(issued)
     self.assertFalse(detected_as_v2)
示例#11
 def test_create_token_force_v1(self):
     """The created token is detected as v1 and not as v2.

     NOTE(review): presumably the enclosing test case restricts
     ``SESAME_TOKENS`` to v1; that setting is outside this method. Confirm.
     """
     issued = create_token(self.user)
     detected_as_v1 = tokens_v1.detect_token(issued)
     self.assertTrue(detected_as_v1)
     detected_as_v2 = tokens_v2.detect_token(issued)
     self.assertFalse(detected_as_v2)