test: Add verify_session test for Django

KShivendu · KShivendu · commit ee096c3c720b · 2023-07-07T13:23:38.000+05:30
diff --git a/supertokens_python/recipe/session/framework/fastapi/__init__.py b/supertokens_python/recipe/session/framework/fastapi/__init__.py
@@ -64,7 +64,7 @@ async def func(request: Request) -> Union[SessionContainer, None]:
     return func
 
 
-async def st_exception_handler(request: Request, exc: SuperTokensError) -> JSONResponse:
+async def session_exception_handler(request: Request, exc: SuperTokensError) -> JSONResponse:
     """FastAPI exceptional handler for errors raised by Supertokens SDK when not using middleware
 
     Usage: `app.add_exception_handler(SuperTokensError, st_exception_handler)`
diff --git a/tests/Django/test_django.py b/tests/Django/test_django.py
@@ -33,11 +33,12 @@
     create_new_session,
     get_session,
     refresh_session,
+    create_new_session_without_request_response,
 )
 from supertokens_python.recipe.session.framework.django.asyncio import verify_session
 
 import pytest
-from tests.utils import clean_st, reset, setup_st, start_st, create_users
+from tests.utils import clean_st, reset, setup_st, start_st, create_users, get_st_init_args
 from supertokens_python.recipe.dashboard import DashboardRecipe, InputOverrideConfig
 from supertokens_python.recipe.dashboard.interfaces import RecipeInterface
 from supertokens_python.framework import BaseRequest
@@ -111,6 +112,11 @@ async def optional_session(request: HttpRequest):
     return JsonResponse({"s": session.get_handle()})
 
 
+@verify_session()
+async def verify_view(request: HttpRequest):
+    session: SessionContainer = request.supertokens  # type: ignore
+    return JsonResponse({"handle": session.get_handle()}) # type: ignore
+
 class SupertokensTest(TestCase):
     def setUp(self):
         self.factory = RequestFactory()
@@ -874,6 +880,41 @@ async def test_search_with_provider_google_and_phone_one(self):
         data_json = json.loads(response.content)
         self.assertEqual(len(data_json["users"]), 0)
 
+    async def test_that_verify_session_return_401_if_access_token_is_not_sent_and_middleware_is_not_added(self):
+        args = get_st_init_args([session.init(get_token_transfer_method=lambda *_: "header")]) # type: ignore
+        args.update({"framework": "django"})
+        init(**args) # type: ignore
+        start_st()
+
+        # Try with middleware
+        request = self.factory.get("/verify")
+        response = await middleware(verify_view)(request)
+        assert response.status_code == 401
+        assert json.loads(response.content) == {"message": "unauthorised"}
+
+        # Try without middleware
+        request = self.factory.get("/verify")
+        response = await verify_view(request)
+        assert response.status_code == 401
+        assert json.loads(response.content) == {"message": "unauthorised"}
+
+        # Create a session and get access token
+        s = await create_new_session_without_request_response("userId", {}, {})
+        access_token = s.get_access_token()
+        headers = {"HTTP_AUTHORIZATION": "Bearer " + access_token}
+
+        # Now try with middleware:
+        request = self.factory.get("/verify", {}, **headers)
+        response = await middleware(verify_view)(request)
+        assert response.status_code == 200
+        assert list(json.loads(response.content)) == ["handle"]
+
+        # Now try without middleware:
+        request = self.factory.get("/verify", **headers)
+        response = await verify_view(request)
+        assert response.status_code == 200
+        assert list(json.loads(response.content)) == ["handle"]
+
 
 def test_remove_header_works():
     response = HttpResponse()
diff --git a/tests/sessions/claims/test_verify_session.py b/tests/sessions/claims/test_verify_session.py
@@ -16,7 +16,7 @@
 )
 from supertokens_python.recipe.session.framework.fastapi import (
     verify_session,
-    st_exception_handler,
+    session_exception_handler,
 )
 from supertokens_python.exceptions import SuperTokensError
 from supertokens_python.recipe.session.interfaces import (
@@ -550,7 +550,7 @@ async def client_without_middleware():
     async def _verify(s: Session = Depends(verify_session())):  # type: ignore
         return {"handle": s.get_handle()}
 
-    app.add_exception_handler(SuperTokensError, st_exception_handler)  # type: ignore
+    app.add_exception_handler(SuperTokensError, session_exception_handler)  # type: ignore
 
     return TestClient(app)
 

Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@`
`16`	`16`	`)`
`17`	`17`	`from supertokens_python.recipe.session.framework.fastapi import (`
`18`	`18`	`verify_session,`
`19`		`- st_exception_handler,`
	`19`	`+ session_exception_handler,`
`20`	`20`	`)`
`21`	`21`	`from supertokens_python.exceptions import SuperTokensError`
`22`	`22`	`from supertokens_python.recipe.session.interfaces import (`
`@@ -550,7 +550,7 @@ async def client_without_middleware():`
`550`	`550`	`async def _verify(s: Session = Depends(verify_session())): # type: ignore`
`551`	`551`	`return {"handle": s.get_handle()}`
`552`	`552`
`553`		`- app.add_exception_handler(SuperTokensError, st_exception_handler) # type: ignore`
	`553`	`+ app.add_exception_handler(SuperTokensError, session_exception_handler) # type: ignore`
`554`	`554`
`555`	`555`	`return TestClient(app)`
`556`	`556`