From 00e922ade423cf7489aaafc379cfd7a17dd61fd4 Mon Sep 17 00:00:00 2001
From: Martin Bauer <martin.bauer@paessler.com>
Date: Sat, 18 Aug 2018 13:05:52 +0200
Subject: [PATCH 1/2] minor cleanup

---
 knox/auth.py             | 2 +-
 knox_project/settings.py | 4 ----
 tests/tests.py           | 5 +----
 3 files changed, 2 insertions(+), 9 deletions(-)

diff --git a/knox/auth.py b/knox/auth.py
index 625fa681..307c6460 100644
--- a/knox/auth.py
+++ b/knox/auth.py
@@ -31,7 +31,7 @@ class TokenAuthentication(BaseAuthentication):
     authentication scheme to cope with the fact that Tokens are not stored
     in plaintext in the database
 
-    If succesful
+    If sucessful
     - `request.user` will be a django `User` instance
     - `request.auth` will be an `AuthToken` instance
     '''
diff --git a/knox_project/settings.py b/knox_project/settings.py
index 5e9cad7f..f0378fcd 100644
--- a/knox_project/settings.py
+++ b/knox_project/settings.py
@@ -57,7 +57,3 @@
 STATIC_URL = '/static/'
 
 TEST_RUNNER = 'django_nose.NoseTestSuiteRunner'
-
-REST_KNOX = {
-    'AUTO_REFRESH': True
-}
diff --git a/tests/tests.py b/tests/tests.py
index 180c0096..d361a29c 100644
--- a/tests/tests.py
+++ b/tests/tests.py
@@ -107,7 +107,6 @@ def test_expired_tokens_deleted(self):
         self.assertEqual(AuthToken.objects.count(), 10)
 
         # Attempting a single logout should delete all tokens
-
         url = reverse('knox_logout')
         self.client.credentials(HTTP_AUTHORIZATION=('Token %s' % token))
         self.client.post(url, {}, format='json')
@@ -140,8 +139,6 @@ def test_invalid_odd_length_token_returns_401_code(self):
         self.assertEqual(response.data, {"detail": "Invalid token."})
 
     def test_token_expiry_is_extended_with_auto_refresh_activated(self):
-        self.assertEqual(settings.REST_KNOX["AUTO_REFRESH"], True)
-        self.assertEqual(knox_settings.TOKEN_TTL, timedelta(hours=10))
         ttl = knox_settings.TOKEN_TTL
         original_time = datetime(2018, 7, 25, 0, 0, 0, 0)
 
@@ -159,7 +156,7 @@ def test_token_expiry_is_extended_with_auto_refresh_activated(self):
         self.assertEqual(new_expiry.replace(tzinfo=None),
                          original_time + ttl + timedelta(hours=5))
 
-        # token works after orignal expiry:
+        # token works after original expiry:
         after_original_expiry = original_time + ttl + timedelta(hours=1)
         with freeze_time(after_original_expiry):
             response = self.client.get(root_url, {}, format='json')

From c747f40a43fb1bd2c713183b1a49afbbcfdf60d0 Mon Sep 17 00:00:00 2001
From: Martin Bauer <martin.bauer@paessler.com>
Date: Sat, 18 Aug 2018 13:06:13 +0200
Subject: [PATCH 2/2] Rewrite tests so that they do not need any REST_KNOX
 definition in the settings.py.

Fix for #111 https://github.com/James1345/django-rest-knox/issues/111

Usage of override_settings is tricky as core modules are already
imported at the time and do not get the updated values unless reloaded. See also
d-r-f using the same workaround:
https://github.com/encode/django-rest-framework/commit/4a200d5e66e093ae6f8c6e94eb749ed588849ce0
https://github.com/encode/django-rest-framework/issues/6030
https://github.com/encode/django-rest-framework/issues/2466

It is important to reload the module again after usage of override_settings
otherwise the overwritten value will remain for following tests.
---
 knox/auth.py   |  2 +-
 tests/tests.py | 32 ++++++++++++++++++++------------
 2 files changed, 21 insertions(+), 13 deletions(-)

diff --git a/knox/auth.py b/knox/auth.py
index 307c6460..c616c29d 100644
--- a/knox/auth.py
+++ b/knox/auth.py
@@ -72,7 +72,7 @@ def authenticate_credentials(self, token):
             except (TypeError, binascii.Error):
                 raise exceptions.AuthenticationFailed(msg)
             if compare_digest(digest, auth_token.digest):
-                if settings.REST_KNOX["AUTO_REFRESH"]:
+                if knox_settings.AUTO_REFRESH:
                     self.renew_token(auth_token)
                 return self.validate_user(auth_token)
         raise exceptions.AuthenticationFailed(msg)
diff --git a/tests/tests.py b/tests/tests.py
index d361a29c..1b5ef757 100644
--- a/tests/tests.py
+++ b/tests/tests.py
@@ -1,9 +1,10 @@
 import base64
 from datetime import datetime, timedelta
 
-from django.conf import settings
+from django.utils.six.moves import reload_module
 from django.contrib.auth import get_user_model
 from django.test import override_settings
+from knox import auth
 
 try:
     # For django >= 2.0
@@ -31,8 +32,9 @@ def get_basic_auth_header(username, password):
     return 'Basic %s' % base64.b64encode(
         ('%s:%s' % (username, password)).encode('ascii')).decode()
 
-no_auto_refresh_knox = settings.REST_KNOX.copy()
-no_auto_refresh_knox["AUTO_REFRESH"] = False
+
+auto_refresh_knox = knox_settings.defaults.copy()
+auto_refresh_knox["AUTO_REFRESH"] = True
 
 
 class AuthTestCase(TestCase):
@@ -147,14 +149,19 @@ def test_token_expiry_is_extended_with_auto_refresh_activated(self):
 
         self.client.credentials(HTTP_AUTHORIZATION=('Token %s' % token_key))
         five_hours_later = original_time + timedelta(hours=5)
-        with freeze_time(five_hours_later):
-            response = self.client.get(root_url, {}, format='json')
+        with override_settings(REST_KNOX=auto_refresh_knox):
+            reload_module(auth)  # necessary to reload settings in core code
+            with freeze_time(five_hours_later):
+                response = self.client.get(root_url, {}, format='json')
+        reload_module(auth)
         self.assertEqual(response.status_code, 200)
 
         # original expiry date was extended:
         new_expiry = AuthToken.objects.get().expires
-        self.assertEqual(new_expiry.replace(tzinfo=None),
-                         original_time + ttl + timedelta(hours=5))
+        expected_expiry = original_time + ttl + timedelta(hours=5)
+        self.assertEqual(new_expiry.replace(tzinfo=None), expected_expiry,
+                         "Expiry time should have been extended to {} but is {}."
+                         .format(expected_expiry, new_expiry))
 
         # token works after original expiry:
         after_original_expiry = original_time + ttl + timedelta(hours=1)
@@ -168,8 +175,8 @@ def test_token_expiry_is_extended_with_auto_refresh_activated(self):
             response = self.client.get(root_url, {}, format='json')
             self.assertEqual(response.status_code, 401)
 
-    @override_settings(REST_KNOX=no_auto_refresh_knox)
     def test_token_expiry_is_not_extended_with_auto_refresh_deativated(self):
+        self.assertEqual(knox_settings.AUTO_REFRESH, False)
         self.assertEqual(knox_settings.TOKEN_TTL, timedelta(hours=10))
 
         now = datetime.now()
@@ -186,8 +193,6 @@ def test_token_expiry_is_not_extended_with_auto_refresh_deativated(self):
         self.assertEqual(original_expiry, AuthToken.objects.get().expires)
 
     def test_token_expiry_is_not_extended_within_MIN_REFRESH_INTERVAL(self):
-        self.assertEqual(settings.REST_KNOX["AUTO_REFRESH"], True)
-
         now = datetime.now()
         with freeze_time(now):
             token_key = AuthToken.objects.create(user=self.user)
@@ -196,8 +201,11 @@ def test_token_expiry_is_not_extended_within_MIN_REFRESH_INTERVAL(self):
 
         self.client.credentials(HTTP_AUTHORIZATION=('Token %s' % token_key))
         in_min_interval = now + timedelta(seconds=CONSTANTS.MIN_REFRESH_INTERVAL - 10)
-        with freeze_time(in_min_interval):
-            response = self.client.get(root_url, {}, format='json')
+        with override_settings(REST_KNOX=auto_refresh_knox):
+            reload_module(auth)  # necessary to reload settings in core code
+            with freeze_time(in_min_interval):
+                response = self.client.get(root_url, {}, format='json')
+        reload_module(auth)  # necessary to reload settings in core code
 
         self.assertEqual(response.status_code, 200)
         self.assertEqual(original_expiry, AuthToken.objects.get().expires)