mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git
synced 2025-01-11 18:39:30 +00:00
fix(auth): fix timezone issues with recovery tokens
This commit is contained in:
parent
1bbb804919
commit
e414f3b8fd
|
@ -7,7 +7,9 @@ def ensure_tz_aware(dt: datetime) -> datetime:
|
|||
assumes utc on naive datetime input
|
||||
"""
|
||||
if dt.tzinfo is None:
|
||||
dt = dt.astimezone(timezone.utc)
|
||||
# astimezone() is dangerous, it makes an implicit assumption that
|
||||
# the time is localtime
|
||||
dt = dt.replace(tzinfo=timezone.utc)
|
||||
return dt
|
||||
|
||||
|
||||
|
|
|
@ -36,6 +36,10 @@ class NearFuture(datetime):
|
|||
def now(cls, tz=None):
|
||||
return datetime.now(tz) + timedelta(minutes=13)
|
||||
|
||||
@classmethod
|
||||
def utcnow(cls):
|
||||
return datetime.utcnow() + timedelta(minutes=13)
|
||||
|
||||
|
||||
def read_json(file_path):
|
||||
with open(file_path, "r", encoding="utf-8") as file:
|
||||
|
|
|
@ -6,16 +6,16 @@ ORIGINAL_DEVICES = TOKENS_FILE_CONTENTS["tokens"]
|
|||
|
||||
def assert_ok(response, request):
|
||||
data = assert_data(response)
|
||||
data[request]["success"] is True
|
||||
data[request]["message"] is not None
|
||||
data[request]["code"] == 200
|
||||
assert data[request]["success"] is True
|
||||
assert data[request]["message"] is not None
|
||||
assert data[request]["code"] == 200
|
||||
|
||||
|
||||
def assert_errorcode(response, request, code):
|
||||
data = assert_data(response)
|
||||
data[request]["success"] is False
|
||||
data[request]["message"] is not None
|
||||
data[request]["code"] == code
|
||||
assert data[request]["success"] is False
|
||||
assert data[request]["message"] is not None
|
||||
assert data[request]["code"] == code
|
||||
|
||||
|
||||
def assert_empty(response):
|
||||
|
|
|
@ -177,9 +177,9 @@ def test_graphql_generate_recovery_key_with_expiration_date(
|
|||
assert_recovery_recent(status["creationDate"])
|
||||
|
||||
# timezone-aware comparison. Should pass regardless of server's tz
|
||||
assert datetime.fromisoformat(
|
||||
status["expirationDate"]
|
||||
) == expiration_date.astimezone(timezone.utc)
|
||||
assert datetime.fromisoformat(status["expirationDate"]) == expiration_date.replace(
|
||||
tzinfo=timezone.utc
|
||||
)
|
||||
|
||||
assert status["usesLeft"] is None
|
||||
|
||||
|
@ -208,9 +208,9 @@ def test_graphql_use_recovery_key_after_expiration(
|
|||
assert_recovery_recent(status["creationDate"])
|
||||
|
||||
# timezone-aware comparison. Should pass regardless of server's tz
|
||||
assert datetime.fromisoformat(
|
||||
status["expirationDate"]
|
||||
) == expiration_date.astimezone(timezone.utc)
|
||||
assert datetime.fromisoformat(status["expirationDate"]) == expiration_date.replace(
|
||||
tzinfo=timezone.utc
|
||||
)
|
||||
assert status["usesLeft"] is None
|
||||
|
||||
|
||||
|
|
|
@ -12,8 +12,8 @@ from tests.common import (
|
|||
NearFuture,
|
||||
assert_recovery_recent,
|
||||
)
|
||||
from tests.common import five_minutes_into_future_naive as five_minutes_into_future
|
||||
from tests.common import five_minutes_into_past_naive as five_minutes_into_past
|
||||
from tests.common import five_minutes_into_future_naive_utc as five_minutes_into_future
|
||||
from tests.common import five_minutes_into_past_naive_utc as five_minutes_into_past
|
||||
|
||||
DATE_FORMATS = [
|
||||
"%Y-%m-%dT%H:%M:%S.%fZ",
|
||||
|
@ -338,7 +338,7 @@ def test_generate_recovery_token_with_expiration_date(
|
|||
"exists": True,
|
||||
"valid": True,
|
||||
"date": time_generated,
|
||||
"expiration": expiration_date.astimezone(timezone.utc).isoformat(),
|
||||
"expiration": expiration_date.replace(tzinfo=timezone.utc).isoformat(),
|
||||
"uses_left": None,
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue