MCPcopy Create free account
hub / github.com/vastsa/FileCodeBox / AdminJwtTests

Class AdminJwtTests

tests/test_admin_security.py:107–120  ·  view source on GitHub ↗

Source from the content-addressed store, hash-verified

105
106
107class AdminJwtTests(SettingsOverrideMixin, unittest.TestCase):
108 def test_admin_jwt_signature_uses_independent_secret(self):
109 settings.admin_token = hash_password("old-admin-password")
110 settings.jwt_secret = "j" * 48
111
112 token = create_token({"is_admin": True}, expires_in=60)
113 self.assertTrue(verify_token(token)["is_admin"])
114
115 settings.admin_token = hash_password("new-admin-password")
116 self.assertTrue(verify_token(token)["is_admin"])
117
118 settings.jwt_secret = "k" * 48
119 with self.assertRaises(ValueError):
120 verify_token(token)
121
122
123class FakeKeyValue:

Callers

nothing calls this directly

Calls

no outgoing calls

Tested by

no test coverage detected