Add Media-Token beside access token

Media-Token can be used only to access the content, but unable to modify user data
2023-03-27 19:07:29 +03:00 · 2023-03-27 19:07:29 +03:00 · 1f06c40c4c
commit 1f06c40c4c
parent 0a71a6c840
31 changed files with 516 additions and 762 deletions
--- a/server/flask/application/test/test_otp_verification.py
+++ b/server/flask/application/test/test_otp_verification.py
@ -6,7 +6,6 @@ from .context import create_app, default_test_config
 from backend.data import db
 from backend.data import dao_users
 from backend.data import dao_session
-from backend.data.data_models import Session
 from backend.data.data_models import RegisteringUser

 class OTP_VerificationUnitTest(unittest.TestCase):
@ -149,7 +148,7 @@ class OTP_VerificationUnitTest(unittest.TestCase):
        )
        user_id = self.insert_user(user)
        correct_code = 585501 #for 1000 and base32secret3232
-        expected_keys = {'access_token', 'refresh_token', 'expires_at'}
+        expected_keys = {'access_token', 'media_token', 'refresh_token', 'expires_at'}
        
        data = {'username': 'myname', 'password': 'mypass', 'otp': '{}'.format(correct_code)}
        response = self.client.post(self.url_path, data=data)