refactor(fe-auth): clean up jwt-handling logic
parent
0fd8e2d8a4
commit
c8e581ee5d
5 changed files with 48 additions and 3 deletions
@ -20,6 +20,7 @@ dev = [
|
|||
"pylint_django",
|
||||
"pytest-django",
|
||||
"pytest",
|
||||
"freezegun",
|
||||
]
|
||||
|
||||
[tool.setuptools]
|
||||
|
|
|
@ -33,6 +33,8 @@ djangorestframework==3.14.0
|
|||
# via
|
||||
# -c requirements.txt
|
||||
# rotini (pyproject.toml)
|
||||
freezegun==1.4.0
|
||||
# via rotini (pyproject.toml)
|
||||
h11==0.14.0
|
||||
# via
|
||||
# -c requirements.txt
|
||||
|
@ -88,6 +90,8 @@ pytest==7.4.3
|
|||
# rotini (pyproject.toml)
|
||||
pytest-django==4.7.0
|
||||
# via rotini (pyproject.toml)
|
||||
python-dateutil==2.8.2
|
||||
# via freezegun
|
||||
python-dotenv==1.0.0
|
||||
# via
|
||||
# -c requirements.txt
|
||||
|
@ -104,6 +108,8 @@ pyyaml==6.0.1
|
|||
# via
|
||||
# -c requirements.txt
|
||||
# uvicorn
|
||||
six==1.16.0
|
||||
# via python-dateutil
|
||||
sniffio==1.3.0
|
||||
# via
|
||||
# -c requirements.txt
|
||||
|
|
|
@ -9,11 +9,18 @@ import jwt
|
|||
def generate_token_for_user(user_id: int) -> str:
|
||||
"""
|
||||
Generates an identity token for a given user.
|
||||
|
||||
The token expires in JWT_EXPIRATION seconds (defined in base.settings) and
|
||||
only contains the user's ID and a token ID that can be used to track the
|
||||
token once emitted.
|
||||
"""
|
||||
|
||||
token_data = {
|
||||
"exp": (datetime.datetime.now() + datetime.timedelta(seconds=120)).timestamp(),
|
||||
"exp": (
|
||||
datetime.datetime.now()
|
||||
+ datetime.timedelta(seconds=django.conf.settings.JWT_EXPIRATION)
|
||||
).timestamp(),
|
||||
"user_id": user_id,
|
||||
"username": "yolo",
|
||||
"token_id": str(uuid.uuid4()),
|
||||
}
|
||||
|
||||
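Review bot: The new `exp` computation on the added lines still starts from a naive `datetime.datetime.now()`, so `.timestamp()` has to infer the local timezone of whichever process signs the token; verifiers compare `exp` against UTC, and around a DST transition the naive conversion can land an hour off. Using `datetime.datetime.now(datetime.timezone.utc)` as the base keeps the claim independent of host configuration, and the rest of the expression can stay as written. If the `"username": "yolo"` line is context rather than a removed line, it contradicts the new docstring's statement that the payload only carries the user ID and token ID, and it belongs in this refactor. generate_token_for_user continues past the end of the hunk, so the encode call itself is not visible here.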
|
|
29
backend/rotini/auth/jwt_test.py
Normal file
29
backend/rotini/auth/jwt_test.py
Normal file
|
@ -0,0 +1,29 @@
|
|||
import pytest
|
||||
import freezegun
|
||||
import jwt
|
||||
|
||||
import auth.jwt
|
||||
|
||||
|
||||
@freezegun.freeze_time("2012-01-01")
|
||||
def test_generates_and_decodes_token_token():
|
||||
MOCK_USER_ID = 1
|
||||
token = auth.jwt.generate_token_for_user(MOCK_USER_ID)
|
||||
|
||||
assert token is not None
|
||||
|
||||
token_data = auth.jwt.decode_token(token)
|
||||
|
||||
assert token_data["user_id"] == MOCK_USER_ID
|
||||
|
||||
|
||||
def test_token_decode_fails_if_expired():
|
||||
MOCK_USER_ID = 1
|
||||
|
||||
with freezegun.freeze_time("2012-01-01"):
|
||||
token = auth.jwt.generate_token_for_user(MOCK_USER_ID)
|
||||
|
||||
assert token is not None
|
||||
|
||||
with pytest.raises(jwt.ExpiredSignatureError):
|
||||
auth.jwt.decode_token(token)
|
|
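Review bot: test_token_decode_fails_if_expired only shows that a token minted in 2012 is rejected today, so a regression that set `exp` to hours or days instead of `JWT_EXPIRATION` seconds would still pass; the same freezegun context can advance the clock by exactly the configured lifetime and check the boundary. With `with freezegun.freeze_time("2012-01-01") as frozen:` wrapping the whole body, a `frozen.tick(datetime.timedelta(seconds=settings.JWT_EXPIRATION + 1))` placed before the `pytest.raises` block (and a decode that succeeds before the tick) pins the lifetime, with `datetime` and `django.conf.settings` imported at the top of the file. `assert token is not None` in both tests is weaker than the declared `-> str`; `assert isinstance(token, str)` costs the same. The first test's name has a doubled word, `test_generates_and_decodes_token_token`.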
@ -14,6 +14,8 @@ BASE_DIR = Path(__file__).resolve().parent.parent
|
|||
SECRET_KEY = os.environ["DJANGO_SECRET_KEY"]
|
||||
JWT_SIGNING_SECRET = os.environ["JWT_SIGNING_SECRET"]
|
||||
|
||||
# JWT time-to-live, in seconds.
|
||||
JWT_EXPIRATION = 600
|
||||
DEBUG = True
|
||||
|
||||
ALLOWED_HOSTS = ["*"]
|
||||
|
@ -46,7 +48,7 @@ MIDDLEWARE = [
|
|||
ROOT_URLCONF = "base.urls"
|
||||
|
||||
CORS_ALLOWED_ORIGINS = ["http://localhost:1234"]
|
||||
|
||||
CSRF_TRUSTED_ORIGINS = ["http://localhost:1234"]
|
||||
TEMPLATES = [
|
||||
{
|
||||
"BACKEND": "django.template.backends.django.DjangoTemplates",
|
||||
|
|
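Review bot: `JWT_EXPIRATION = 600` is a literal while the two secrets just above it come from the environment, so changing token lifetime per deployment means editing the settings module. Reading it the same way keeps the knob with the rest of the deployment configuration: `JWT_EXPIRATION = int(os.environ.get("JWT_EXPIRATION", "600"))`. The comment could also name the consumer (`# JWT time-to-live, in seconds; read by auth.jwt.generate_token_for_user.`) so the coupling is visible from either side.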