From 1ecd784b4e321dcc947550d50c79daa9538bae34 Mon Sep 17 00:00:00 2001 From: Egor fureunoir Gorbunov Date: Fri, 14 Nov 2025 17:21:39 +0300 Subject: [PATCH] Features: 1) Add setup for generating authorization tokens in DRFCoreViewsTests; 2) Simplify user handling in JWT mutations using validated serializer data. Fixes: 1) Correct redundant user lookup in JWT mutations. Extra: 1) Add TODO comments for HTTP method tests in both DRF and Graphene test modules; 2) Minor cleanup in test files. --- engine/core/tests/test_drf.py | 25 +++++++++++++++++++++++++ engine/core/tests/test_graphene.py | 3 +++ engine/vibes_auth/graphene/mutations.py | 9 +++------ 3 files changed, 31 insertions(+), 6 deletions(-) diff --git a/engine/core/tests/test_drf.py b/engine/core/tests/test_drf.py index 1580a9dc..3900c36a 100644 --- a/engine/core/tests/test_drf.py +++ b/engine/core/tests/test_drf.py @@ -1,8 +1,33 @@ from django.test import TestCase from rest_framework.test import APIClient +from engine.vibes_auth.models import User +from engine.vibes_auth.serializers import TokenObtainPairSerializer + class DRFCoreViewsTests(TestCase): def setUp(self): super().setUp() self.client = APIClient() + self.superuser_password = "Str0ngPass!word1" + self.superuser = User.objects.create( + email="test-superuser@email.com", + password=self.superuser_password, + is_active=True, + is_verified=True, + is_superuser=True, + is_staff=True, + ) + self.user_password = "Str0ngPass!word2" + self.user = User.objects.create( + email="test-superuser@email.com", password=self.user_password, is_active=True, is_verified=True + ) + + def _get_authorization_token(self, user): + serializer = TokenObtainPairSerializer( + data={"email": user.email, "password": self.superuser_password if user.is_superuser else self.user_password} + ) + serializer.is_valid(raise_exception=True) + return serializer.validated_data["access_token"] + +# TODO: create tests for every possible HTTP method in core module with DRF stack diff --git a/engine/core/tests/test_graphene.py b/engine/core/tests/test_graphene.py index f95d4c41..477f5218 100644 --- a/engine/core/tests/test_graphene.py +++ b/engine/core/tests/test_graphene.py @@ -13,3 +13,6 @@ class GraphQLCoreTests(TestCase): response = self.client.post(url, data=payload, content_type="application/json") self.assertEqual(response.status_code, 200, response.json()) return response.json() + + +# TODO: create tests for every possible HTTP method in core module with Graphene stack diff --git a/engine/vibes_auth/graphene/mutations.py b/engine/vibes_auth/graphene/mutations.py index 4c06d14e..bcdb6c5f 100644 --- a/engine/vibes_auth/graphene/mutations.py +++ b/engine/vibes_auth/graphene/mutations.py @@ -204,9 +204,8 @@ class ObtainJSONWebToken(BaseMutation): serializer = TokenObtainPairSerializer(data={"email": email, "password": password}) try: serializer.is_valid(raise_exception=True) - user = User.objects.get(email=email) return ObtainJSONWebToken( - user=user, + user=serializer.validated_data["user"], refresh_token=serializer.validated_data["refresh"], access_token=serializer.validated_data["access"], ) @@ -227,9 +226,9 @@ class RefreshJSONWebToken(BaseMutation): try: serializer.is_valid(raise_exception=True) return RefreshJSONWebToken( + user=serializer.validated_data["user"], access_token=serializer.validated_data["access"], refresh_token=serializer.validated_data["refresh"], - user=User.objects.get(uuid=serializer.validated_data["user"]["uuid"]), ) except Exception as e: raise PermissionDenied(f"invalid refresh token provided: {e!s}") from e @@ -247,10 +246,8 @@ class VerifyJSONWebToken(BaseMutation): serializer = TokenVerifySerializer(data={"token": token}) with suppress(Exception): serializer.is_valid(raise_exception=True) - user_uuid = serializer.validated_data["user"]["uuid"] - user = User.objects.get(pk=user_uuid) # noinspection PyTypeChecker - return VerifyJSONWebToken(token_is_valid=True, user=user) + return VerifyJSONWebToken(token_is_valid=True, user=serializer.validated_data["user"]) detail = traceback.format_exc() if settings.DEBUG else "" # noinspection PyTypeChecker return VerifyJSONWebToken(token_is_valid=False, user=None, detail=detail)