-
Notifications
You must be signed in to change notification settings - Fork 105
/
test_password_change.py
140 lines (125 loc) · 4.54 KB
/
test_password_change.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
from django.contrib.auth import get_user_model
from graphql_jwt.refresh_token.models import RefreshToken
from .testCases import RelayTestCase, DefaultTestCase
from graphql_auth.utils import revoke_user_refresh_token
from graphql_auth.constants import Messages
from graphql_auth.utils import get_token, get_token_payload
class PasswordChangeTestCaseMixin:
def setUp(self):
self.user = self.register_user(
email="gaa@email.com", username="gaa", verified=True
)
self.old_pass = self.user.password
def test_password_change(self):
"""
change password
"""
variables = {"user": self.user}
executed = self.make_request(self.get_query(), variables)
self.assertEqual(executed["success"], True)
self.assertEqual(executed["errors"], None)
self.assertTrue(executed["token"])
self.assertTrue(executed["refreshToken"])
self.user.refresh_from_db()
self.assertFalse(self.old_pass == self.user.password)
def test_mismatch_passwords(self):
"""
wrong inputs
"""
variables = {"user": self.user}
executed = self.make_request(self.get_query("wrong"), variables)
self.assertEqual(executed["success"], False)
self.assertTrue(executed["errors"]["newPassword2"])
self.assertFalse(executed["token"])
self.assertFalse(executed["refreshToken"])
self.user.refresh_from_db()
self.assertTrue(self.old_pass == self.user.password)
def test_passwords_validation(self):
"""
easy password
"""
variables = {"user": self.user}
executed = self.make_request(self.get_query("123", "123"), variables)
self.assertEqual(executed["success"], False)
self.assertTrue(executed["errors"]["newPassword2"])
self.assertFalse(executed["token"])
self.assertFalse(executed["refreshToken"])
def test_revoke_refresh_tokens_on_password_change(self):
executed = self.make_request(self.get_login_query())
self.user.refresh_from_db()
refresh_tokens = self.user.refresh_tokens.all()
for token in refresh_tokens:
self.assertFalse(token.revoked)
variables = {"user": self.user}
executed = self.make_request(self.get_query(), variables)
self.assertEqual(executed["success"], True)
self.assertEqual(executed["errors"], None)
self.assertTrue(executed["token"])
self.assertTrue(executed["refreshToken"])
self.user.refresh_from_db()
self.assertFalse(self.old_pass == self.user.password)
refresh_tokens = self.user.refresh_tokens.all()
revoke_user_refresh_token(self.user)
self.user.refresh_from_db()
refresh_tokens = self.user.refresh_tokens.all()
for token in refresh_tokens:
self.assertTrue(token.revoked)
class PasswordChangeTestCase(PasswordChangeTestCaseMixin, DefaultTestCase):
def get_login_query(self):
return """
mutation {
tokenAuth(
username: "username",
password: "%s",
)
{ success, errors, refreshToken }
}
""" % (
self.default_password,
)
def get_query(self, new_password1="new_password", new_password2="new_password"):
return """
mutation {
passwordChange(
oldPassword: "%s",
newPassword1: "%s",
newPassword2: "%s"
)
{ success, errors, token, refreshToken }
}
""" % (
self.default_password,
new_password1,
new_password2,
)
class PasswordChangeRelayTestCase(PasswordChangeTestCaseMixin, RelayTestCase):
def get_login_query(self):
return """
mutation {
tokenAuth(
input: {
username: "username",
password: "%s",
}
)
{ success, errors, refreshToken }
}
""" % (
self.default_password,
)
def get_query(self, new_password1="new_password", new_password2="new_password"):
return """
mutation {
passwordChange(
input: {
oldPassword: "%s",
newPassword1: "%s",
newPassword2: "%s"
})
{ success, errors, token, refreshToken }
}
""" % (
self.default_password,
new_password1,
new_password2,
)