How to fake JWT Authorization outside of request context and get current identity?

Question

I'm creating a Flask app with JWT Authorization and trying to test services with PyTest.

I successfully added tests to endpoints, but when I trying to add unit tests for certain function I can't access current user, because flask_jwt_extended.get_current_user() returns None.

Here is simple example:

@api.route('/listings', methods=['POST'])
@jwt_required
def create_listing():
    payload = request.json
    listing = listing_svc.create(payload)
    return listing


def create(payload):
    listing = ListingSchema().load(payload, db.session).data


class ListingSchema(ModelSchema):
    id = field_for(Project, 'id', dump_only=True)
    creator_user_id = field_for(Project, 'creator_user_id')
    # ...

    @pre_load
    def set_creator_id(self, data):
        current_user = flask_jwt_extended.get_current_user()
        data['creator_user_id'] = current_user.id

It works when I authorize and send a request using app_context:

with client.application.app_context():
    rv = client.post('/listings',
        # ...
    )

But what I need is to test create function without sending a request to client. In this case flask_jwt_extended.get_current_user() returns None, so I think I should set request context some way before running this function.

I tried to do this...

fake_payload = {}
with client.application.test_request_context('/listings', headers={'Authorization': 'Bearer ' + access_token}):
    create(fake_payload)

but still getting current_user is None

This is how I get token:

def login(email, password):
    user = get_by_email(email)
    if user and check_password_hash(user.password, password):
        return access_token = flask_jwt_extended.create_access_token(identity=email)

Answer 1

If you are writing unit tests, using mock can be helpful. For jwt authorization with flask-jwt-extended you can patch the verify_jwt_in_request method which is called from the jwt_required decorator. Then you can also patch the get_jwt_identity function to return a test username. For example:

from unittest.mock import patch


@patch('path.to.some.code.get_jwt_identity')
@patch('flask_jwt_extended.view_decorators.verify_jwt_in_request')
def test_some_code(mock_jwt_required, mock_jwt_identity):
    mock_jwt_identity.return_value = 'user1'

    # Test jwt protected endpoint

Note: This patch is specific to latest package version flask-jwt-extended==3.21.0. The code may change with new versions.

Answer 2

Question from a long time ago but here is the solution for further readers.

You need to activate the app_context, then the request_context and finally call the function decorator is calling, which is verify_jwt_in_request:

fake_payload = {}
with client.application.app_context():
    with client.application.test_request_context('/listings', headers={'Authorization': 'Bearer ' + access_token}):
        verify_jwt_in_request()
        create(fake_payload)

and now you have your current_user set

Answer 3

If you truly want to unit test you need to unit test one function at a time. This is true test driven development in my opinion. So first write tests for create then load and so on. Use patching to mock the functionality of calls to other functions.