SelfPrivacy/selfprivacy-rest-api
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git synced 2025-03-12 01:23:49 +00:00
Code Issues Projects Releases Wiki Activity

Cover the case when uses is less than 1

Browse source
This commit is contained in:
inexcode 2022-02-16 17:10:29 +03:00
parent c22fe9e8bd
commit 50a82a065e
2 changed files with 24 additions and 0 deletions
selfprivacy_api/resources/api_auth
recovery_token.py
tests
test_auth.py

2
selfprivacy_api/resources/api_auth/recovery_token.py
View file

@ -131,6 +131,8 @@ class RecoveryToken(Resource):
}, 400 }, 400
else: else:
expiration = None expiration = None
if args["uses"] != None and args["uses"] < 1:
return {"message": "Uses must be greater than 0"}, 400
# Generate recovery token # Generate recovery token
token = generate_recovery_token(expiration, args["uses"]) token = generate_recovery_token(expiration, args["uses"])
return {"token": token} return {"token": token}

22
tests/test_auth.py
View file

@ -504,3 +504,25 @@ def test_generate_recovery_token_with_limited_uses(
assert recovery_response.status_code == 404 assert recovery_response.status_code == 404
assert read_json(tokens_file)["recovery_token"]["uses_left"] == 0 assert read_json(tokens_file)["recovery_token"]["uses_left"] == 0
def test_generate_recovery_token_with_negative_uses(
authorized_client, client, tokens_file
):
# Generate token with limited uses
response = authorized_client.post(
"/auth/recovery_token",
json={"uses": -2},
)
assert response.status_code == 400
assert "recovery_token" not in read_json(tokens_file)
def test_generate_recovery_token_with_zero_uses(
authorized_client, client, tokens_file
):
# Generate token with limited uses
response = authorized_client.post(
"/auth/recovery_token",
json={"uses": 0},
)
assert response.status_code == 400
assert "recovery_token" not in read_json(tokens_file)