Expanded user coverage #22
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Expanded tests of user routes to increase coverage Moved "/user/me" route to /profile Added check to avoid 500 error when adding a username already in the db Added refresh_token mechanism and associated tests
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I'm just learning about FastAPI and this project was incredibly useful!
PR Summary:
Found the same bugs listed on a previous PR. While expanding the tests for the user route I found the ordering bug listed in another PR. I started by re-ordering the functions but ultimately decided the "/user/me" route was too risky (for me) i.e. a user is created with the username of "me"... thus I elected to move the route from /user/me to /profile.
Added a JWT refresh_token mechanism that I'm going to need for my next project. This includes the new /refesh_token POST route for updating the the access_token. The access_token now includes a boolean "fresh" value in the JWT to indicated if it was issued based on a /token request or by the refresh_token request. Added a new depends (AuthenticatedFreshUser) to require that the user must have a "fresh" access_token or be a superuser.