Skip to content

Commit

Permalink
62: add missing "exp" claims to token payloads
Browse files Browse the repository at this point in the history
  • Loading branch information
Kaloyan Marinov committed Mar 10, 2024
1 parent cd323e8 commit 831d8a7
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 0 deletions.
19 changes: 19 additions & 0 deletions backend/tests/api/test_1_users.py
Original file line number Diff line number Diff line change
Expand Up @@ -1808,7 +1808,14 @@ def test_3_valid_token_wrong_purpose(self):
"src.auth.jwt.decode",
) as mock_4_jwt_decode:
# Arrange.
expiration_timestamp_for_token = (
dt.datetime.utcnow()
+ dt.timedelta(
minutes=self.app.config["MINUTES_FOR_PASSWORD_RESET"]
)
)
mock_4_jwt_decode.return_value = {
"exp": expiration_timestamp_for_token,
"purpose": wrong_purpose,
"user_id": 1,
}
Expand Down Expand Up @@ -1847,7 +1854,11 @@ def test_3_valid_token_wrong_purpose(self):
def test_4_missing_content_type(self):
with patch("src.auth.jwt.decode") as mock_4_jwt_decode:
# Arrange.
expiration_timestamp_for_token = dt.datetime.utcnow() + dt.timedelta(
minutes=self.app.config["MINUTES_FOR_PASSWORD_RESET"]
)
mock_4_jwt_decode.return_value = {
"exp": expiration_timestamp_for_token,
"purpose": PASSWORD_RESET,
"user_id": 1,
}
Expand Down Expand Up @@ -1879,7 +1890,11 @@ def test_4_missing_content_type(self):

def test_5_incomplete_request_body(self):
with patch("src.auth.jwt.decode") as mock_4_jwt_decode:
expiration_timestamp_for_token = dt.datetime.utcnow() + dt.timedelta(
minutes=self.app.config["MINUTES_FOR_PASSWORD_RESET"]
)
mock_4_jwt_decode.return_value = {
"exp": expiration_timestamp_for_token,
"purpose": PASSWORD_RESET,
"user_id": 1,
}
Expand All @@ -1906,7 +1921,11 @@ def test_5_incomplete_request_body(self):

def test_6_reset_password(self):
with patch("src.auth.jwt.decode") as mock_4_jwt_decode:
expiration_timestamp_for_token = dt.datetime.utcnow() + dt.timedelta(
days=self.app.config["DAYS_FOR_EMAIL_ADDRESS_CONFIRMATION"]
)
mock_4_jwt_decode.return_value = {
"exp": expiration_timestamp_for_token,
"purpose": PASSWORD_RESET,
"user_id": 1,
}
Expand Down
5 changes: 5 additions & 0 deletions backend/tests/api/test_4_examples.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import base64
import jwt
import unittest
import datetime as dt

from typing import Optional

Expand Down Expand Up @@ -356,10 +357,14 @@ def test_8_token_for_nonexistent_user(self):

# Simulate a request, in which a client provides a Bearer Token,
# whose payload specifies a non-existent user ID.
expiration_timestamp_for_token = dt.datetime.utcnow() + dt.timedelta(
minutes=self.app.config["MINUTES_FOR_TOKEN_VALIDITY"]
)
nonexistent_user_id = 17
with patch(
"src.auth.jwt.decode",
return_value={
"exp": expiration_timestamp_for_token,
"purpose": ACCESS,
"user_id": nonexistent_user_id,
},
Expand Down

2 comments on commit 831d8a7

@github-actions
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

badge-test-coverage

@github-actions
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

badge-test-coverage

Please sign in to comment.