Track refresh token last usage information (#16408)

* Extend refresh_token to support last_used_at and last_used_by * Address code review comment * Remove unused code * Add it to websocket response * Fix typing
2018-09-12 04:24:16 -07:00 · 2018-09-12 04:24:16 -07:00 · ff78a5b04b
commit ff78a5b04b
parent 453cbb7c60
6 changed files with 65 additions and 10 deletions
--- a/tests/auth/test_init.py
+++ b/tests/auth/test_init.py
@ -278,7 +278,11 @@ async def test_saving_loading(hass, hass_storage):
    })
    user = step['result']
    await manager.async_activate_user(user)
-    await manager.async_create_refresh_token(user, CLIENT_ID)
+    # the first refresh token will be used to create access token
+    refresh_token = await manager.async_create_refresh_token(user, CLIENT_ID)
+    manager.async_create_access_token(refresh_token, '192.168.0.1')
+    # the second refresh token will not be used
+    await manager.async_create_refresh_token(user, 'dummy-client')

    await flush_store(manager._store._store)

@ -286,6 +290,18 @@ async def test_saving_loading(hass, hass_storage):
    users = await store2.async_get_users()
    assert len(users) == 1
    assert users[0] == user
+    assert len(users[0].refresh_tokens) == 2
+    for r_token in users[0].refresh_tokens.values():
+        if r_token.client_id == CLIENT_ID:
+            # verify the first refresh token
+            assert r_token.last_used_at is not None
+            assert r_token.last_used_ip == '192.168.0.1'
+        elif r_token.client_id == 'dummy-client':
+            # verify the second refresh token
+            assert r_token.last_used_at is None
+            assert r_token.last_used_ip is None
+        else:
+            assert False, 'Unknown client_id: %s' % r_token.client_id


 async def test_cannot_retrieve_expired_access_token(hass):