Remove JWT related code

2021-04-24 20:05:00 +02:00 · 2021-04-24 20:05:00 +02:00 · 88de997603
commit 88de997603
parent f1f9f935cf
13 changed files with 2 additions and 331 deletions
--- a/api/tests/common/test_authentication.py
+++ b/api/tests/common/test_authentication.py
@ -1,8 +1,5 @@
 import pytest

-from rest_framework import exceptions
-from rest_framework_jwt.settings import api_settings as jwt_settings
-
 from funkwhale_api.common import authentication


@ -33,35 +30,6 @@ def test_should_verify_email(
    assert authentication.should_verify_email(user) is expected


-@pytest.mark.parametrize(
-    "setting_value, verified_email, expected",
-    [
-        ("mandatory", False, True),
-        ("optional", False, False),
-        ("mandatory", True, False),
-        ("optional", True, False),
-    ],
-)
-def test_json_webtoken_auth_verify_email_validity(
-    setting_value, verified_email, expected, factories, settings, mocker, api_request
-):
-    settings.ACCOUNT_EMAIL_VERIFICATION = setting_value
-    user = factories["users.User"](verified_email=verified_email)
-    should_verify = mocker.spy(authentication, "should_verify_email")
-    payload = jwt_settings.JWT_PAYLOAD_HANDLER(user)
-    token = jwt_settings.JWT_ENCODE_HANDLER(payload)
-    request = api_request.get("/", HTTP_AUTHORIZATION="JWT {}".format(token))
-
-    auth = authentication.JSONWebTokenAuthentication()
-    if expected is False:
-        assert auth.authenticate(request)[0] == user
-    else:
-        with pytest.raises(exceptions.AuthenticationFailed, match=r".*verify.*"):
-            auth.authenticate(request)
-
-    should_verify.assert_called_once_with(user)
-
-
 def test_app_token_authentication(factories, api_request):
    user = factories["users.User"]()
    app = factories["users.Application"](user=user, scope="read write")
--- a/api/tests/common/test_routers.py
+++ b/api/tests/common/test_routers.py
@ -22,8 +22,6 @@ from django import urls
        "/api/v1/manage/accounts",
        "/api/v1/oauth/apps",
        "/api/v1/moderation/content-filters",
-        "/api/v1/token",
-        "/api/v1/token/refresh",
        "/api/v1/instance/settings",
        "/api/v1/instance/nodeinfo/2.0",
    ],
--- a/api/tests/test_auth.py
+++ b/api/tests/test_auth.py
@ -5,20 +5,6 @@ jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
 jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER


-def test_can_authenticate_using_jwt_token_param_in_url(factories, preferences, client):
-    user = factories["users.User"]()
-    preferences["common__api_authentication_required"] = True
-    url = reverse("api:v1:tracks-list")
-    response = client.get(url)
-
-    assert response.status_code == 401
-
-    payload = jwt_payload_handler(user)
-    token = jwt_encode_handler(payload)
-    response = client.get(url, data={"jwt": token})
-    assert response.status_code == 200
-
-
 def test_can_authenticate_using_oauth_token_param_in_url(
    factories, preferences, client, mocker
 ):
--- a/api/tests/users/test_jwt.py
+++ b/api/tests/users/test_jwt.py
@ -1,43 +0,0 @@
-import pytest
-from jwt.exceptions import DecodeError
-from rest_framework_jwt.settings import api_settings
-
-
-def test_can_invalidate_token_when_changing_user_secret_key(factories):
-    user = factories["users.User"]()
-    u1 = user.secret_key
-    jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
-    jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
-    payload = jwt_payload_handler(user)
-    payload = jwt_encode_handler(payload)
-
-    # this should work
-    api_settings.JWT_DECODE_HANDLER(payload)
-
-    # now we update the secret key
-    user.update_secret_key()
-    user.save()
-    assert user.secret_key != u1
-
-    # token should be invalid
-    with pytest.raises(DecodeError):
-        api_settings.JWT_DECODE_HANDLER(payload)
-
-
-def test_can_invalidate_token_when_changing_settings_secret_key(factories, settings):
-    settings.SECRET_KEY = "test1"
-    user = factories["users.User"]()
-    jwt_payload_handler = api_settings.JWT_PAYLOAD_HANDLER
-    jwt_encode_handler = api_settings.JWT_ENCODE_HANDLER
-    payload = jwt_payload_handler(user)
-    payload = jwt_encode_handler(payload)
-
-    # this should work
-    api_settings.JWT_DECODE_HANDLER(payload)
-
-    # now we update the secret key
-    settings.SECRET_KEY = "test2"
-
-    # token should be invalid
-    with pytest.raises(DecodeError):
-        api_settings.JWT_DECODE_HANDLER(payload)
--- a/api/tests/users/test_views.py
+++ b/api/tests/users/test_views.py
@ -134,42 +134,6 @@ def test_can_fetch_data_from_api(api_client, factories):
    )


-def test_can_get_token_via_api(api_client, factories):
-    user = factories["users.User"]()
-    url = reverse("api:v1:token")
-    payload = {"username": user.username, "password": "test"}
-
-    response = api_client.post(url, payload)
-    assert response.status_code == 200
-    assert "token" in response.data
-
-
-def test_can_get_token_via_api_inactive(api_client, factories):
-    user = factories["users.User"](is_active=False)
-    url = reverse("api:v1:token")
-    payload = {"username": user.username, "password": "test"}
-
-    response = api_client.post(url, payload)
-    assert response.status_code == 400
-
-
-def test_can_refresh_token_via_api(api_client, factories, mocker):
-    # first, we get a token
-    user = factories["users.User"]()
-    url = reverse("api:v1:token")
-    payload = {"username": user.username, "password": "test"}
-
-    response = api_client.post(url, payload)
-    assert response.status_code == 200
-
-    token = response.data["token"]
-    url = reverse("api:v1:token_refresh")
-    response = api_client.post(url, {"token": token})
-
-    assert response.status_code == 200
-    assert "token" in response.data
-
-
 def test_changing_password_updates_secret_key(logged_in_api_client):
    user = logged_in_api_client.user
    password = user.password
@ -488,40 +452,6 @@ def test_signup_with_approval_enabled_validation_error(
    assert response.status_code == 400


-def test_user_login_jwt(factories, api_client):
-    user = factories["users.User"]()
-    data = {
-        "username": user.username,
-        "password": "test",
-    }
-    url = reverse("api:v1:token")
-    response = api_client.post(url, data)
-    assert response.status_code == 200
-
-
-@pytest.mark.parametrize(
-    "setting_value, verified_email, expected_status_code",
-    [
-        ("mandatory", False, 400),
-        ("mandatory", True, 200),
-        ("optional", False, 200),
-        ("optional", True, 200),
-    ],
-)
-def test_user_login_jwt_honor_email_verification(
-    setting_value, verified_email, expected_status_code, settings, factories, api_client
-):
-    settings.ACCOUNT_EMAIL_VERIFICATION = setting_value
-    user = factories["users.User"](verified_email=verified_email)
-    data = {
-        "username": user.username,
-        "password": "test",
-    }
-    url = reverse("api:v1:token")
-    response = api_client.post(url, data)
-    assert response.status_code == expected_status_code
-
-
 def test_login_via_api(api_client, factories):
    user = factories["users.User"]()
    url = reverse("api:v1:users:login")