djangorestframework-api-key/tests/test_plain_key_hashing.py at a5e824e2e6c5984aa1be9df253d1e8144b43806d · florimondmanca/djangorestframework-api-key · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
from typing import Callable

import pytest
from django.conf import LazySettings

from rest_framework_api_key.crypto import KeyGenerator
from rest_framework_api_key.models import APIKey


@pytest.mark.parametrize("algorithm", ["sha256", "sha512", "blake2b"])
def test_hashing_algorithm_honors_setting(
    settings: LazySettings, algorithm: str
) -> None:
    settings.DRF_API_KEY_HASHING_ALGORITHM = algorithm
    _key, _prefix, hashed_key = KeyGenerator().generate()
    assert hashed_key.startswith(f"plain_{algorithm}$$")


@pytest.mark.parametrize("algorithm", ["sha256", "sha512", "blake2b"])
def test_hash_verify(settings: LazySettings, algorithm: str) -> None:
    settings.DRF_API_KEY_HASHING_ALGORITHM = algorithm
    key, prefix, hashed_key = KeyGenerator().generate()
    assert KeyGenerator().verify(key, hashed_key, prefix) is True


@pytest.mark.parametrize("update_algo", [True, False])
@pytest.mark.django_db
def test_hash_verify_with_update(
    settings: LazySettings, update_algo: bool, django_assert_num_queries: Callable
) -> None:
    api_key, generated_key = APIKey.objects.create_key(name="test")
    assert not api_key.hashed_key.startswith("plain_")
    assert api_key.is_valid(generated_key) is True

    settings.DRF_API_KEY_HASHING_ALGORITHM = "blake2b"
    settings.DRF_API_KEY_HASH_AUTOUPDATE = update_algo

    assert api_key.is_valid(generated_key) is True
    assert api_key.hashed_key.startswith("plain_blake2b$$") is update_algo
    with django_assert_num_queries(0):
        # no queries should be made to update the key if it is already updated
        assert (
            api_key.is_valid(generated_key) is True
        ), "check still works after potential update"