| 105 | |
| 106 | |
| 107 | class AdminJwtTests(SettingsOverrideMixin, unittest.TestCase): |
| 108 | def test_admin_jwt_signature_uses_independent_secret(self): |
| 109 | settings.admin_token = hash_password("old-admin-password") |
| 110 | settings.jwt_secret = "j" * 48 |
| 111 | |
| 112 | token = create_token({"is_admin": True}, expires_in=60) |
| 113 | self.assertTrue(verify_token(token)["is_admin"]) |
| 114 | |
| 115 | settings.admin_token = hash_password("new-admin-password") |
| 116 | self.assertTrue(verify_token(token)["is_admin"]) |
| 117 | |
| 118 | settings.jwt_secret = "k" * 48 |
| 119 | with self.assertRaises(ValueError): |
| 120 | verify_token(token) |
| 121 | |
| 122 | |
| 123 | class FakeKeyValue: |
nothing calls this directly
no outgoing calls
no test coverage detected