Skip to content

Commit 86b810a

Browse files
ashokdelphiaashokdelphia
committed
Add tests for when the token and id fields are filled in the blacklist entry.
1 parent 2003eb4 commit 86b810a

File tree

1 file changed

+44
-0
lines changed

1 file changed

+44
-0
lines changed

tests/views/test_blacklist.py

Lines changed: 44 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,7 @@ def test_user_cannot_blacklist_same_token_multiple_times(
5959
assert response.status_code == status.HTTP_403_FORBIDDEN
6060
assert BlacklistedToken.objects.count() == 1
6161

62+
6263
def test_create_or_update_blacklist_entry(
6364
user, create_authenticated_client
6465
):
@@ -75,6 +76,49 @@ def test_create_or_update_blacklist_entry(
7576
api_client.post(url, data={"token":token})
7677
assert BlacklistedToken.objects.count() == 1
7778

79+
80+
def test_blacklist_stores_token_id_and_token_when_including_ids(
81+
monkeypatch, user, create_authenticated_client
82+
):
83+
monkeypatch.setattr(api_settings, "JWT_TOKEN_ID", 'include')
84+
url = reverse('blacklist-list')
85+
api_client = create_authenticated_client(user)
86+
87+
api_client.post(url)
88+
assert BlacklistedToken.objects.count() == 1
89+
blacklist_entry = BlacklistedToken.objects.first()
90+
assert blacklist_entry.token
91+
assert blacklist_entry.token_id
92+
93+
94+
def test_blacklist_stores_token_id_and_no_token_when_requiring_ids(
95+
monkeypatch, user, create_authenticated_client
96+
):
97+
monkeypatch.setattr(api_settings, "JWT_TOKEN_ID", 'require')
98+
url = reverse('blacklist-list')
99+
api_client = create_authenticated_client(user)
100+
101+
api_client.post(url)
102+
assert BlacklistedToken.objects.count() == 1
103+
blacklist_entry = BlacklistedToken.objects.first()
104+
assert blacklist_entry.token is None
105+
assert blacklist_entry.token_id
106+
107+
108+
def test_blacklist_stores_token_and_no_id_token_when_ids_turned_off(
109+
monkeypatch, user, create_authenticated_client
110+
):
111+
monkeypatch.setattr(api_settings, "JWT_TOKEN_ID", 'off')
112+
url = reverse('blacklist-list')
113+
api_client = create_authenticated_client(user)
114+
115+
api_client.post(url)
116+
assert BlacklistedToken.objects.count() == 1
117+
blacklist_entry = BlacklistedToken.objects.first()
118+
assert blacklist_entry.token
119+
assert blacklist_entry.token_id is None
120+
121+
78122
def test_user_can_blacklist_own_token_from_cookie(
79123
monkeypatch, user, call_auth_endpoint
80124
):

0 commit comments

Comments
 (0)