web/flask-home-vod
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Media-Token beside access token

Browse source 
Media-Token can be used only to access the content, but unable to modify user data
This commit is contained in:
Gergely Hegedus 2023-03-27 19:07:29 +03:00
parent 0a71a6c840
commit 1f06c40c4c
31 changed files with 516 additions and 762 deletions
Download patch file Download diff file Expand all files Collapse all files

50
server/flask/application/test/test_delete_registration_token.py
View file

@ -2,7 +2,7 @@ import os
import unittest
import unittest.mock
import json
from .context import create_app, default_test_config
from .context import create_app, default_test_config, create_test_session
from backend.data import db
from backend.data import dao_users
from backend.data import dao_registration_tokens
@ -64,13 +64,7 @@ class DeleteRegistrationTokenUnitTest(unittest.TestCase):
@unittest.mock.patch('time.time', return_value=1000)
def test_expired_access_token_headers_returns_unauthorized(self, mock_time):
session = Session(
user_id=2,
access_token='token',
refresh_token='',
access_expires_at=950,
refresh_expires_at=1050,
)
session = create_test_session(user_id=2, access_token='token', access_expires_at=1, refresh_expires_at=2000)
self.insert_session(session)
expected = {'message':'Invalid Authorization!','code':441}
@ -83,13 +77,7 @@ class DeleteRegistrationTokenUnitTest(unittest.TestCase):
@unittest.mock.patch('time.time', return_value=1000)
def test_sending_non_saved_user_error_is_shown(self, mock_time):
session = Session(
user_id=2,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=2, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
expected = {'message':'Invalid Authorization!','code':442}
@ -108,13 +96,7 @@ class DeleteRegistrationTokenUnitTest(unittest.TestCase):
otp_secret = 'base32secret3232'
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
expected = {'message':'Invalid Token!','code':431}
@ -133,13 +115,7 @@ class DeleteRegistrationTokenUnitTest(unittest.TestCase):
otp_secret = 'base32secret3232'
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
expected = {'message':'Invalid Token!','code':431}
@ -159,13 +135,7 @@ class DeleteRegistrationTokenUnitTest(unittest.TestCase):
otp_secret = 'base32secret3232'
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
correct_code = 585501 #for 1000 and base32secret3232
expected = {'message':'Not Authorized!','code':460}
@ -187,13 +157,7 @@ class DeleteRegistrationTokenUnitTest(unittest.TestCase):
privileged = True
)
user_id = self.insert_user(user)
session = Session(
user_id=user_id,
access_token='token',
refresh_token='',
access_expires_at=1050,
refresh_expires_at=2000
)
session = create_test_session(user_id=user_id, access_token='token', access_expires_at=1050, refresh_expires_at=2000)
self.insert_session(session)
self.insert_registration_token('123456')
self.insert_registration_token('abcdef')