114 lines
3.5 KiB
Python
114 lines
3.5 KiB
Python
from fooder.utils.jwt import AccessToken, RefreshToken
|
|
|
|
|
|
async def test_create_token_returns_tokens(client, user, user_password):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": user.username, "password": user_password},
|
|
)
|
|
assert response.status_code == 200
|
|
body = response.json()
|
|
assert "access_token" in body
|
|
assert "refresh_token" in body
|
|
assert body["token_type"] == "bearer"
|
|
|
|
|
|
async def test_create_token_access_token_is_valid(client, user, user_password):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": user.username, "password": user_password},
|
|
)
|
|
token = AccessToken.decode(response.json()["access_token"])
|
|
assert token.sub == user.id
|
|
|
|
|
|
async def test_create_token_refresh_token_is_valid(client, user, user_password):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": user.username, "password": user_password},
|
|
)
|
|
token = RefreshToken.decode(response.json()["refresh_token"])
|
|
assert token.sub == user.id
|
|
|
|
|
|
async def test_create_token_wrong_password(client, user):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": user.username, "password": "wrong"},
|
|
)
|
|
assert response.status_code == 401
|
|
|
|
|
|
async def test_create_token_unknown_user(client):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": "nobody", "password": "x"},
|
|
)
|
|
assert response.status_code == 401
|
|
|
|
|
|
async def test_refresh_token_returns_new_tokens(client, user, user_password):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": user.username, "password": user_password},
|
|
)
|
|
refresh_token = response.json()["refresh_token"]
|
|
|
|
response = await client.post(
|
|
"/api/token/refresh", json={"refresh_token": refresh_token}
|
|
)
|
|
assert response.status_code == 200
|
|
body = response.json()
|
|
assert "access_token" in body
|
|
assert "refresh_token" in body
|
|
assert body["token_type"] == "bearer"
|
|
|
|
|
|
async def test_refresh_token_access_token_is_valid(client, user, user_password):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": user.username, "password": user_password},
|
|
)
|
|
refresh_token = response.json()["refresh_token"]
|
|
|
|
response = await client.post(
|
|
"/api/token/refresh", json={"refresh_token": refresh_token}
|
|
)
|
|
token = AccessToken.decode(response.json()["access_token"])
|
|
assert token.sub == user.id
|
|
|
|
|
|
async def test_refresh_token_refresh_token_is_valid(client, user, user_password):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": user.username, "password": user_password},
|
|
)
|
|
refresh_token = response.json()["refresh_token"]
|
|
|
|
response = await client.post(
|
|
"/api/token/refresh", json={"refresh_token": refresh_token}
|
|
)
|
|
token = RefreshToken.decode(response.json()["refresh_token"])
|
|
assert token.sub == user.id
|
|
|
|
|
|
async def test_refresh_token_invalid_returns_401(client):
|
|
response = await client.post(
|
|
"/api/token/refresh", json={"refresh_token": "bad-token"}
|
|
)
|
|
assert response.status_code == 401
|
|
|
|
|
|
async def test_refresh_token_access_token_as_refresh_returns_401(
|
|
client, user, user_password
|
|
):
|
|
response = await client.post(
|
|
"/api/token",
|
|
data={"username": user.username, "password": user_password},
|
|
)
|
|
access_token = response.json()["access_token"]
|
|
|
|
response = await client.post(
|
|
"/api/token/refresh", json={"refresh_token": access_token}
|
|
)
|
|
assert response.status_code == 401
|