make jti and aud required fields, since they are primary keys in the …

…db, add test to back it up
ueberauth · Feb 1, 2021 · e29fd7f · e29fd7f
1 parent 57bc0fe
commit e29fd7f
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/lib/guardian/db/token.ex b/lib/guardian/db/token.ex
@@ -10,6 +10,7 @@ defmodule Guardian.DB.Token do
   alias Guardian.DB.Token
 
   @primary_key {:jti, :string, autogenerate: false}
+  @required_fields ~w(jti aud)a
   @allowed_fields ~w(jti typ aud iss sub exp jwt claims)a
 
   schema "virtual: token" do
@@ -52,6 +53,7 @@ defmodule Guardian.DB.Token do
     |> Ecto.put_meta(source: schema_name())
     |> Ecto.put_meta(prefix: prefix())
     |> cast(prepared_claims, @allowed_fields)
+    |> validate_required(@required_fields)
     |> Guardian.DB.repo().insert()
   end
 

diff --git a/test/guardian/db_fail_test.exs b/test/guardian/db_fail_test.exs
@@ -0,0 +1,14 @@
+defmodule Guardian.DBFailTest do
+  alias Guardian.DB.Token
+  use Guardian.DB.TestSupport.CaseTemplate
+
+  test "after_encode_and_sign_in is fails", context do
+    token = get_token()
+    assert token == nil
+
+    {:error, :token_storage_failure} = Guardian.DB.after_encode_and_sign(%{}, "token", %{}, "The JWT")
+    token = get_token()
+    assert token == nil
+
+  end
+end