web/flask-home-vod
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Media-Token beside access token

Browse source 
Media-Token can be used only to access the content, but unable to modify user data
This commit is contained in:
Gergely Hegedus 2023-03-27 19:07:29 +03:00
parent 0a71a6c840
commit 1f06c40c4c
31 changed files with 516 additions and 762 deletions
Download patch file Download diff file Expand all files Collapse all files

74
server/flask/application/test/test_create_registration_token.py
View file

@ -2,7 +2,7 @@ import os
import unittest
import unittest.mock
import json
from .context import create_app, default_test_config
from .context import create_app, default_test_config, create_test_session
from backend.data import db
from backend.data import dao_users
from backend.data import dao_registration_tokens
@ -60,13 +60,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
@unittest.mock.patch('time.time', return_value=1000)
def test_expired_access_token_headers_returns_unauthorized(self, mock_time):
session = Session(
user_id=2,
access_token='token',
refresh_token='',
access_expires_at=950,
refresh_expires_at=1050,
)
session = create_test_session(user_id=2, access_token='token', access_expires_at=1, refresh_expires_at=2000)
self.insert_session(session)
expected = {'message':'Invalid Authorization!','code':441}
@ -79,13 +73,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
@unittest.mock.patch('time.time', return_value=1000)
def test_sending_non_saved_user_error_is_shown(self, mock_time):
session = Session(
user_id=2,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=2, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
expected = {'message':'Invalid Authorization!','code':442}
@ -104,13 +92,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
otp_secret = 'base32secret3232'
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
expected = {'message':'Invalid Token!','code':431}
@ -129,13 +111,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
otp_secret = 'base32secret3232'
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
expected = {'message':'Invalid Token!','code':431}
@ -155,13 +131,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
otp_secret = 'base32secret3232'
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
correct_code = 585501 #for 1000 and base32secret3232
expected = {'message':'Not Authorized!','code':460}
@ -183,13 +153,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
privileged = True
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
correct_code = 585501 #for 1000 and base32secret3232
expected = {'message':'Invalid Registration Token given!','code':460}
@ -211,13 +175,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
privileged = True
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
correct_code = 585501 #for 1000 and base32secret3232
expected = {'message':'Invalid Registration Token given!','code':460}
@ -241,13 +199,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
privileged = True
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
correct_code = 585501 #for 1000 and base32secret3232
expected = {'message':'Registration token Saved!','code':205}
@ -270,13 +222,7 @@ class CreateRegistrationTokenUnitTest(unittest.TestCase):
privileged = True
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
correct_code = 585501 #for 1000 and base32secret3232
data = {'registration_token': '123456', 'otp': correct_code}