45 lines
1.7 KiB
Python
45 lines
1.7 KiB
Python
import time
|
|
from tests.conftest import make_project
|
|
from backend import portal_auth as pa
|
|
from backend.models import Client, ClientAccessToken
|
|
|
|
|
|
def test_portal_client_for_project_is_1to1_and_idempotent(db_session):
|
|
p = make_project(db_session)
|
|
c1 = pa.portal_client_for_project(p, db_session)
|
|
c2 = pa.portal_client_for_project(p, db_session)
|
|
assert isinstance(c1, Client) and c1.id == c2.id
|
|
assert c1.slug == f"portal-{p.id}"
|
|
assert db_session.query(Client).filter_by(slug=f"portal-{p.id}").count() == 1
|
|
|
|
|
|
def test_mint_portal_session_returns_usable_token_id(db_session):
|
|
p = make_project(db_session)
|
|
tid = pa.mint_portal_session(p, db_session)
|
|
tok = db_session.query(ClientAccessToken).filter_by(id=tid, revoked_at=None).first()
|
|
assert tok is not None
|
|
cookie = pa.make_session_cookie(tid)
|
|
client = pa.client_from_cookie(cookie, db_session)
|
|
assert client is not None and client.slug == f"portal-{p.id}"
|
|
|
|
|
|
def test_resolve_project_by_link_token(db_session):
|
|
p = make_project(db_session, portal_enabled=True, portal_link_token="tok-abc")
|
|
assert pa.resolve_project_by_link_token("tok-abc", db_session).id == p.id
|
|
assert pa.resolve_project_by_link_token("nope", db_session) is None
|
|
|
|
|
|
def test_resolve_project_ignores_disabled_portal(db_session):
|
|
make_project(db_session, portal_enabled=False, portal_link_token="tok-off")
|
|
assert pa.resolve_project_by_link_token("tok-off", db_session) is None
|
|
|
|
|
|
def test_lockout_after_max_attempts():
|
|
pa.clear_failures("k1")
|
|
assert pa.is_locked("k1") is False
|
|
for _ in range(pa.MAX_ATTEMPTS):
|
|
pa.register_failure("k1")
|
|
assert pa.is_locked("k1") is True
|
|
pa.clear_failures("k1")
|
|
assert pa.is_locked("k1") is False
|