Arnike/duty-teller
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 14 Wiki Activity
Files
28973489a5e497287c2ac9f580f319da498acbd1
duty-teller/tests/test_telegram_auth.py
Nikolay Tatarinov 28973489a5 Refactor project structure and enhance Docker configuration 
- Updated `.dockerignore` to exclude test and development artifacts, optimizing the Docker image size.
- Refactored `main.py` to delegate execution to `duty_teller.run.main()`, simplifying the entry point.
- Introduced a new `duty_teller` package to encapsulate core functionality, improving modularity and organization.
- Enhanced `pyproject.toml` to define a script for running the application, streamlining the execution process.
- Updated README documentation to reflect changes in project structure and usage instructions.
- Improved Alembic environment configuration to utilize the new package structure for database migrations.
2026-02-18 13:03:14 +03:00

92 lines
3.2 KiB
Python
Raw Blame History

"""Tests for duty_teller.api.telegram_auth.validate_init_data."""
from duty_teller.api.telegram_auth import validate_init_data
from tests.helpers import make_init_data
def test_valid_payload_returns_username():
bot_token = "123:ABC"
user = {"id": 123, "username": "testuser", "first_name": "Test"}
init_data = make_init_data(user, bot_token)
assert validate_init_data(init_data, bot_token) == "testuser"
def test_valid_payload_username_lowercase():
bot_token = "123:ABC"
user = {"id": 123, "username": "TestUser", "first_name": "Test"}
init_data = make_init_data(user, bot_token)
assert validate_init_data(init_data, bot_token) == "testuser"
def test_invalid_hash_returns_none():
bot_token = "123:ABC"
user = {"id": 123, "username": "testuser"}
init_data = make_init_data(user, bot_token)
# Tamper with hash
init_data = init_data.replace("hash=", "hash=x")
assert validate_init_data(init_data, bot_token) is None
def test_wrong_bot_token_returns_none():
bot_token = "123:ABC"
user = {"id": 123, "username": "testuser"}
init_data = make_init_data(user, bot_token)
assert validate_init_data(init_data, "other:token") is None
def test_missing_user_returns_none():
bot_token = "123:ABC"
init_data = make_init_data(None, bot_token) # no user key
assert validate_init_data(init_data, bot_token) is None
def test_user_without_username_returns_none():
bot_token = "123:ABC"
user = {"id": 123, "first_name": "Test"} # no username
init_data = make_init_data(user, bot_token)
assert validate_init_data(init_data, bot_token) is None
def test_empty_init_data_returns_none():
assert validate_init_data("", "token") is None
assert validate_init_data(" ", "token") is None
def test_empty_bot_token_returns_none():
user = {"id": 1, "username": "u"}
init_data = make_init_data(user, "token")
assert validate_init_data(init_data, "") is None
def test_auth_date_expiry_rejects_old_init_data():
"""When max_age_seconds is set, initData older than that is rejected."""
import time as t
bot_token = "123:ABC"
user = {"id": 1, "username": "testuser"}
# auth_date 100 seconds ago
old_ts = int(t.time()) - 100
init_data = make_init_data(user, bot_token, auth_date=old_ts)
assert validate_init_data(init_data, bot_token, max_age_seconds=60) is None
assert validate_init_data(init_data, bot_token, max_age_seconds=200) == "testuser"
def test_auth_date_expiry_accepts_fresh_init_data():
"""Fresh auth_date within max_age_seconds is accepted."""
import time as t
bot_token = "123:ABC"
user = {"id": 1, "username": "testuser"}
fresh_ts = int(t.time()) - 10
init_data = make_init_data(user, bot_token, auth_date=fresh_ts)
assert validate_init_data(init_data, bot_token, max_age_seconds=60) == "testuser"
def test_auth_date_expiry_requires_auth_date_when_max_age_set():
"""When max_age_seconds is set but auth_date is missing, return None."""
bot_token = "123:ABC"
user = {"id": 1, "username": "testuser"}
init_data = make_init_data(user, bot_token) # no auth_date
assert validate_init_data(init_data, bot_token, max_age_seconds=86400) is None
assert validate_init_data(init_data, bot_token) == "testuser"
Reference in New Issue View Git Blame Copy Permalink