SelfPrivacy/selfprivacy-rest-api
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git synced 2024-12-01 10:56:39 +00:00
Code Issues Projects Releases Wiki Activity

Add new device token deletion endpoint

Browse source
This commit is contained in:
Inex Code 2022-01-27 14:12:49 +02:00
parent 40501401b4
commit fbb82c87e8
3 changed files with 44 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
selfprivacy_api/resources/api_auth/new_device.py
View file

@ -7,6 +7,7 @@ from selfprivacy_api.resources.api_auth import api
from selfprivacy_api.utils.auth import ( from selfprivacy_api.utils.auth import (
get_new_device_auth_token, get_new_device_auth_token,
use_new_device_auth_token, use_new_device_auth_token,
delete_new_device_auth_token,
) )
@ -32,6 +33,23 @@ class NewDevice(Resource):
token = get_new_device_auth_token() token = get_new_device_auth_token()
return {"token": token} return {"token": token}
def delete(self):
"""
Delete new device token
---
tags:
- Tokens
security:
- bearerAuth: []
responses:
200:
description: New device token deleted
400:
description: Bad request
"""
delete_new_device_auth_token()
return {"token": None}
class AuthorizeDevice(Resource): class AuthorizeDevice(Resource):
"""Authorize device class """Authorize device class

7
selfprivacy_api/utils/auth.py
View file

@ -276,6 +276,13 @@ def _get_new_device_auth_token():
return new_device["token"] return new_device["token"]
def delete_new_device_auth_token():
"""Delete new device auth token"""
with WriteUserData(UserDataFiles.TOKENS) as tokens:
if "new_device" in tokens:
del tokens["new_device"]
def use_new_device_auth_token(mnemonic_phrase, name): def use_new_device_auth_token(mnemonic_phrase, name):
"""Use the new device auth token by converting the mnemonic string to a byte array. """Use the new device auth token by converting the mnemonic string to a byte array.
If the mnemonic phrase is valid then generate a device token and return it. If the mnemonic phrase is valid then generate a device token and return it.

19
tests/test_auth.py
View file

@ -114,6 +114,25 @@ def test_get_new_device_auth_token(authorized_client, tokens_file):
assert read_json(tokens_file)["new_device"]["token"] == token assert read_json(tokens_file)["new_device"]["token"] == token
def test_get_and_delete_new_device_token(authorized_client, tokens_file):
response = authorized_client.post("/auth/new_device")
assert response.status_code == 200
assert "token" in response.json
token = Mnemonic(language="english").to_entropy(response.json["token"]).hex()
assert read_json(tokens_file)["new_device"]["token"] == token
response = authorized_client.delete(
"/auth/new_device", json={"token": response.json["token"]}
)
assert response.status_code == 200
assert read_json(tokens_file) == TOKENS_FILE_CONTETS
def test_delete_token_unauthenticated(client, tokens_file):
response = client.delete("/auth/new_device")
assert response.status_code == 401
assert read_json(tokens_file) == TOKENS_FILE_CONTETS
def test_get_and_authorize_new_device(client, authorized_client, tokens_file): def test_get_and_authorize_new_device(client, authorized_client, tokens_file):
response = authorized_client.post("/auth/new_device") response = authorized_client.post("/auth/new_device")
assert response.status_code == 200 assert response.status_code == 200