73 lines
2.1 KiB
Python
73 lines
2.1 KiB
Python
"""Tests for JWT security utilities."""
|
|
|
|
import pytest
|
|
from datetime import timedelta
|
|
from app.utils.security import create_access_token, decode_access_token
|
|
|
|
|
|
class TestJWTSecurity:
|
|
"""Tests for JWT token creation and validation."""
|
|
|
|
def test_create_access_token(self):
|
|
"""Test creating JWT access token."""
|
|
data = {
|
|
"user_id": "test-user-123",
|
|
"login": "12345678"
|
|
}
|
|
|
|
token = create_access_token(data)
|
|
|
|
assert token is not None
|
|
assert isinstance(token, str)
|
|
assert len(token) > 0
|
|
|
|
def test_decode_access_token(self):
|
|
"""Test decoding valid JWT token."""
|
|
data = {
|
|
"user_id": "test-user-123",
|
|
"login": "12345678"
|
|
}
|
|
|
|
token = create_access_token(data)
|
|
payload = decode_access_token(token)
|
|
|
|
assert payload is not None
|
|
assert payload["user_id"] == "test-user-123"
|
|
assert payload["login"] == "12345678"
|
|
assert "exp" in payload
|
|
|
|
def test_decode_invalid_token(self):
|
|
"""Test decoding invalid token returns None."""
|
|
payload = decode_access_token("invalid.token.here")
|
|
|
|
assert payload is None
|
|
|
|
def test_decode_expired_token(self):
|
|
"""Test decoding expired token returns None."""
|
|
data = {
|
|
"user_id": "test-user-123",
|
|
"login": "12345678"
|
|
}
|
|
|
|
# Create token that expires immediately
|
|
token = create_access_token(data, expires_delta=timedelta(seconds=-1))
|
|
payload = decode_access_token(token)
|
|
|
|
assert payload is None
|
|
|
|
def test_token_contains_all_data(self):
|
|
"""Test that token contains all provided data."""
|
|
data = {
|
|
"user_id": "test-user-123",
|
|
"login": "12345678",
|
|
"custom_field": "custom_value"
|
|
}
|
|
|
|
token = create_access_token(data)
|
|
payload = decode_access_token(token)
|
|
|
|
assert payload["user_id"] == "test-user-123"
|
|
assert payload["login"] == "12345678"
|
|
assert payload["custom_field"] == "custom_value"
|
|
assert "exp" in payload
|