Gateprep / backend /tests /test_security.py
banu4prasad's picture
fix: actions 4
c2e2a43
Raw
History Blame Contribute Delete
1.32 kB
from datetime import timedelta
from jose import jwt
from app.core.config import settings
from app.core.security import create_access_token, decode_token
def test_decode_token_valid():
token = create_access_token({"sub": "testuser"})
payload = decode_token(token)
assert payload is not None
assert payload.get("sub") == "testuser"
def test_decode_token_expired():
# Create a token that expired 1 minute ago
token = create_access_token(
data={"sub": "testuser"},
expires_delta=timedelta(minutes=-1)
)
# decode_token should catch JWTError (specifically ExpiredSignatureError) and return None
payload = decode_token(token)
assert payload is None
def test_decode_token_invalid_signature():
# Create a valid token but sign it with a different secret
wrong_secret = "this_is_not_the_real_secret"
to_encode = {"sub": "testuser"}
encoded_jwt = jwt.encode(to_encode, wrong_secret, algorithm=settings.ALGORITHM)
# decode_token should fail verification and return None
payload = decode_token(encoded_jwt)
assert payload is None
def test_decode_token_malformed_string():
# decode_token should handle arbitrary malformed strings gracefully
assert decode_token("not.a.real.jwt.token") is None
assert decode_token("") is None