ds_author cookie can now expire, closes #829

Refs https://github.com/simonw/datasette-auth-github/issues/62#issuecomment-642152076
2025-12-10 16:51:24 +01:00 · 2020-06-10 12:39:54 -07:00 · 2020-06-10 12:39:54 -07:00 · 57e812d5de
commit 57e812d5de
parent d828abadde
9 changed files with 99 additions and 21 deletions
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@ -1,4 +1,7 @@
 from .fixtures import app_client
+import baseconv
+import pytest
+import time


 def test_auth_token(app_client):
@ -8,7 +11,9 @@ def test_auth_token(app_client):
    response = app_client.get(path, allow_redirects=False,)
    assert 302 == response.status
    assert "/" == response.headers["Location"]
-    assert {"id": "root"} == app_client.ds.unsign(response.cookies["ds_actor"], "actor")
+    assert {"a": {"id": "root"}} == app_client.ds.unsign(
+        response.cookies["ds_actor"], "actor"
+    )
    # Check that a second with same token fails
    assert app_client.ds._root_token is None
    assert 403 == app_client.get(path, allow_redirects=False,).status
@ -16,6 +21,18 @@ def test_auth_token(app_client):

 def test_actor_cookie(app_client):
    "A valid actor cookie sets request.scope['actor']"
-    cookie = app_client.ds.sign({"id": "test"}, "actor")
+    cookie = app_client.actor_cookie({"id": "test"})
    response = app_client.get("/", cookies={"ds_actor": cookie})
    assert {"id": "test"} == app_client.ds._last_request.scope["actor"]
+
+
+@pytest.mark.parametrize(
+    "offset,expected", [((24 * 60 * 60), {"id": "test"}), (-(24 * 60 * 60), None),]
+)
+def test_actor_cookie_that_expires(app_client, offset, expected):
+    expires_at = int(time.time()) + offset
+    cookie = app_client.ds.sign(
+        {"a": {"id": "test"}, "e": baseconv.base62.encode(expires_at)}, "actor"
+    )
+    response = app_client.get("/", cookies={"ds_actor": cookie})
+    assert expected == app_client.ds._last_request.scope["actor"]