Skip to content

Commit

Permalink
added test case
Browse files Browse the repository at this point in the history
  • Loading branch information
@Aniket-Singla
Aniket-Singla committed Jan 9, 2024
1 parent 76a12c8 commit ff038d7
Showing 1 changed file with 29 additions and 0 deletions.
29 changes: 29 additions & 0 deletions dj_rest_auth/tests/test_api.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1064,6 +1064,35 @@ def test_custom_token_refresh_view(self):
# Ensure access keys are provided in response
self.assertIn('access', refresh_resp.data)
self.assertIn('access_expiration', refresh_resp.data)

@override_api_settings(JWT_AUTH_RETURN_EXPIRATION=True)
@override_api_settings(USE_JWT=True)
@override_api_settings(JWT_AUTH_COOKIE='xxx')
@override_api_settings(JWT_AUTH_REFRESH_COOKIE='refresh-xxx')
@override_api_settings(JWT_AUTH_HTTPONLY=True)
def test_custom_token_refresh_view_with_http_only_cookie(self):
payload = {
'username': self.USERNAME,
'password': self.PASS,
}
refresh_cookie_name = 'refresh-xxx'

get_user_model().objects.create_user(self.USERNAME, '', self.PASS)
resp = self.post(self.login_url, data=payload, status_code=200)
refresh = resp.cookies[refresh_cookie_name].value
refresh_resp = self.post(
reverse('token_refresh'),
data=dict(refresh=refresh),
status_code=200,
)
self.assertIn('xxx', refresh_resp.cookies)

# Ensure access keys are provided in response
self.assertIn('access', refresh_resp.data)
self.assertIn('access_expiration', refresh_resp.data)
# ensure refresh token is removed from response
self.assertNotIn('refresh', refresh_resp.data)
self.assertNotIn('refresh_expiration', refresh_resp.data)

@override_api_settings(USE_JWT=True)
@override_api_settings(JWT_AUTH_HTTPONLY=False)
Expand Down

0 comments on commit ff038d7

Please sign in to comment.