mirror of
https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api.git
synced 2024-11-29 07:21:27 +00:00
Add new device token deletion endpoint
This commit is contained in:
parent
40501401b4
commit
fbb82c87e8
|
@ -7,6 +7,7 @@ from selfprivacy_api.resources.api_auth import api
|
|||
from selfprivacy_api.utils.auth import (
|
||||
get_new_device_auth_token,
|
||||
use_new_device_auth_token,
|
||||
delete_new_device_auth_token,
|
||||
)
|
||||
|
||||
|
||||
|
@ -32,6 +33,23 @@ class NewDevice(Resource):
|
|||
token = get_new_device_auth_token()
|
||||
return {"token": token}
|
||||
|
||||
def delete(self):
|
||||
"""
|
||||
Delete new device token
|
||||
---
|
||||
tags:
|
||||
- Tokens
|
||||
security:
|
||||
- bearerAuth: []
|
||||
responses:
|
||||
200:
|
||||
description: New device token deleted
|
||||
400:
|
||||
description: Bad request
|
||||
"""
|
||||
delete_new_device_auth_token()
|
||||
return {"token": None}
|
||||
|
||||
|
||||
class AuthorizeDevice(Resource):
|
||||
"""Authorize device class
|
||||
|
|
|
@ -276,6 +276,13 @@ def _get_new_device_auth_token():
|
|||
return new_device["token"]
|
||||
|
||||
|
||||
def delete_new_device_auth_token():
|
||||
"""Delete new device auth token"""
|
||||
with WriteUserData(UserDataFiles.TOKENS) as tokens:
|
||||
if "new_device" in tokens:
|
||||
del tokens["new_device"]
|
||||
|
||||
|
||||
def use_new_device_auth_token(mnemonic_phrase, name):
|
||||
"""Use the new device auth token by converting the mnemonic string to a byte array.
|
||||
If the mnemonic phrase is valid then generate a device token and return it.
|
||||
|
|
|
@ -114,6 +114,25 @@ def test_get_new_device_auth_token(authorized_client, tokens_file):
|
|||
assert read_json(tokens_file)["new_device"]["token"] == token
|
||||
|
||||
|
||||
def test_get_and_delete_new_device_token(authorized_client, tokens_file):
|
||||
response = authorized_client.post("/auth/new_device")
|
||||
assert response.status_code == 200
|
||||
assert "token" in response.json
|
||||
token = Mnemonic(language="english").to_entropy(response.json["token"]).hex()
|
||||
assert read_json(tokens_file)["new_device"]["token"] == token
|
||||
response = authorized_client.delete(
|
||||
"/auth/new_device", json={"token": response.json["token"]}
|
||||
)
|
||||
assert response.status_code == 200
|
||||
assert read_json(tokens_file) == TOKENS_FILE_CONTETS
|
||||
|
||||
|
||||
def test_delete_token_unauthenticated(client, tokens_file):
|
||||
response = client.delete("/auth/new_device")
|
||||
assert response.status_code == 401
|
||||
assert read_json(tokens_file) == TOKENS_FILE_CONTETS
|
||||
|
||||
|
||||
def test_get_and_authorize_new_device(client, authorized_client, tokens_file):
|
||||
response = authorized_client.post("/auth/new_device")
|
||||
assert response.status_code == 200
|
||||
|
|
Loading…
Reference in a new issue