Promo-Code-API/promo_code/business/tests/auth/test_tokens.py at 0b8b08357c0fdb85fc1e02c9e905a27012a2d14a · RandomProgramm3r/Promo-Code-API · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
import business.models
import business.tests.auth.base
import rest_framework.status
import rest_framework.test


class JWTTests(business.tests.auth.base.BaseBusinessAuthTestCase):
    def setUp(self):
        super().setUp()
        business.models.Company.objects.create_company(
            name='Digital Marketing Solutions Inc.',
            email='testcompany@example.com',
            password='SuperStrongPassword2000!',
        )

        self.user_data = {
            'email': 'testcompany@example.com',
            'password': 'SuperStrongPassword2000!',
        }

    def test_access_protected_view_with_valid_token(self):
        response = self.client.post(
            self.signin_url,
            self.user_data,
            format='json',
        )

        token = response.data['access']

        self.client.credentials(HTTP_AUTHORIZATION='Bearer ' + token)
        response = self.client.get(self.protected_url)
        self.assertEqual(
            response.status_code,
            rest_framework.status.HTTP_200_OK,
        )
        self.assertEqual(response.data['status'], 'request was permitted')

    def test_registration_token_invalid_after_login(self):
        data = {
            'email': 'test@example.com',
            'password': 'StrongPass123!cd',
            'name': 'Digital Marketing Solutions Inc.',
        }
        response = self.client.post(
            self.signup_url,
            data,
            format='json',
        )
        reg_access_token = response.data['access']

        self.client.credentials(
            HTTP_AUTHORIZATION=f'Bearer {reg_access_token}',
        )
        response = self.client.get(self.protected_url)
        self.assertEqual(
            response.status_code,
            rest_framework.status.HTTP_200_OK,
        )

        login_data = {'email': data['email'], 'password': data['password']}
        response = self.client.post(
            self.signin_url,
            login_data,
            format='json',
        )
        login_access_token = response.data['access']

        self.client.credentials(
            HTTP_AUTHORIZATION=f'Bearer {reg_access_token}',
        )
        response = self.client.get(self.protected_url)
        self.assertEqual(
            response.status_code,
            rest_framework.status.HTTP_401_UNAUTHORIZED,
        )

        self.client.credentials(
            HTTP_AUTHORIZATION=f'Bearer {login_access_token}',
        )
        response = self.client.get(self.protected_url)
        self.assertEqual(
            response.status_code,
            rest_framework.status.HTTP_200_OK,
        )