def generate_access_token(user_id: int, username: str) -> str: thirty_mins_from_now = generate_time_from_now(seconds=1800) payload = { 'user_id': user_id, 'username': username, 'exp': thirty_mins_from_now } return Authentication.generate_token(payload)
def test_cannot_verify_account_with_invalid_token(self) -> None: invalid_verification_token = Authentication.generate_token( {'email': EMAIL_TALEL}, 'invalidsecretkey') res = self.verify_account_request(invalid_verification_token) res_data = json.loads(res.data) assert res.status_code == 400 assert res_data['error']['message'] == 'Invalid verification token'
def test_cannot_verify_non_registered_account(self) -> None: unknown_verification_token = Authentication.generate_token( {'email': INVALID_EMAIL}) res = self.verify_account_request(unknown_verification_token) res_data = json.loads(res.data) assert res.status_code == 400 assert res_data['error'][ 'message'] == f"No registered account with the email '{INVALID_EMAIL}'"
def set_refresh_token(token_store: TokenStore, user_id: int, username: str) -> str: now = generate_time_from_now(seconds=0) payload = {'user_id': user_id, 'username': username, 'iat': now} refresh_token = Authentication.generate_token(payload) token_store.set_token(user_id, refresh_token) return refresh_token
def test_cannot_verify_already_verified_account(self) -> None: bianca_verification_token = Authentication.generate_token( {'email': EMAIL_BIANCA}) self.register_account_request(bianca_registration_data) self.verify_account_request(bianca_verification_token) res = self.verify_account_request(bianca_verification_token) res_data = json.loads(res.data) assert res.status_code == 400 assert res_data['error']['message'] == 'Account already verified'
def test_can_verify_account(self) -> None: talel_verification_token = Authentication.generate_token( {'email': EMAIL_TALEL}) res_account = self.register_account_request(talel_registration_data) res_account_data = json.loads(res_account.data) assert not res_account_data['verified'] res_verify = self.verify_account_request(talel_verification_token) res_verify_data = json.loads(res_verify.data) assert res_verify.status_code == 200 assert res_verify_data['verified']
def test_cannot_generate_new_access_token_for_user_with_no_stored_refresh_token( self) -> None: invalid_refresh_token = Authentication.generate_token({ 'user_id': INITIAL_USER_ID + 1986, 'username': USERNAME_TALEL }) res = self.new_access_token_request(invalid_refresh_token) res_data = json.loads(res.data) assert res.status_code == 401 assert res_data['error'][ 'message'] == 'No stored refresh token for user'
def generate_authorization_header(user_id: int = INITIAL_USER_ID, username: str = USERNAME_TALEL, access_token: Union[str, None] = None, no_token: bool = False, invalid_token: bool = False) -> Dict[str, str]: if not access_token: access_token = Authentication.generate_token({'user_id': user_id, 'username': username}) if no_token: authorization_header = {'Authorization': 'Bearer '} return authorization_header if invalid_token: authorization_header = {'Authorization': f'Bearer {access_token + "1986"}'} return authorization_header authorization_header = {'Authorization': f'Bearer {access_token}'} return authorization_header
def generate_verification_token(self) -> str: token = Authentication.generate_token({'email': self.email}) return token
def verify_account_helper(uow: FakeUnitOfWork, email: str = EMAIL_TALEL) -> None: verification_token = Authentication.generate_token({'email': email}) verify_account(uow, verification_token) # type: ignore