from flask_jwt_extended import create_access_token, decode_token
from app.model import Roles
from .conftest import MOCK_USER_1, MOCK_ADMIN_USER, assert_200, assert_in, assert_equal, assert_response_json_equal, assert_401
def test_access_token(client):
    """Exercise the admin access-token endpoint: mint, use, then revoke.

    An admin-authenticated caller requests a token for ``MOCK_USER_1``. The
    test checks that the returned token carries the applicant role, that the
    applicant test endpoint accepts it, and that the same token is answered
    with 401 once the admin has deleted it.
    """
    # NOTE(review): only the admin-authenticated path is exercised here. This
    # test does not show that a request with a non-admin or missing Auth-Token
    # is refused on mint or revoke -- confirm that is covered elsewhere.
    token_endpoint = '/api/admin/ajax/access_token'
    check_endpoint = '/api/auth/ajax/test_access_token'

    admin_token = create_access_token(MOCK_ADMIN_USER)
    admin_headers = {'Auth-Token': f'Bearer {admin_token}'}

    # Mint: the admin asks for a token on behalf of an applicant user.
    mint_resp = client.get(
        token_endpoint,
        headers=admin_headers,
        data={'user_id': MOCK_USER_1.user_id},
    )
    assert_200(mint_resp)
    assert_in('access_token', mint_resp.json)
    applicant_token = mint_resp.json['access_token']

    # The minted token must carry the applicant role; presumably this guards
    # against the caller's own role leaking into it -- verify against the view.
    claims = decode_token(applicant_token)
    assert_equal(claims['roles'], Roles.APPLICANT)

    # Use: the token is accepted by an applicant endpoint and resolves to the
    # user it was minted for.
    applicant_headers = {'Auth-Token': f'Bearer {applicant_token}'}
    use_resp = client.post(check_endpoint, headers=applicant_headers)
    assert_200(use_resp)
    assert_response_json_equal(use_resp, {'user_id': MOCK_USER_1.user_id})

    # Revoke: after the admin deletes the token, the very same bearer value
    # has to stop authenticating.
    revoke_resp = client.delete(
        token_endpoint,
        headers=admin_headers,
        data={'access_token': applicant_token},
    )
    assert_200(revoke_resp)

    after_revoke_resp = client.post(check_endpoint, headers=applicant_headers)
    assert_401(after_revoke_resp)