3 files changed, 29 insertions, 1 deletions

diff --git a/wqflask/tests/utility/test_hmac.py b/wqflask/tests/utility/test_hmac.py
index 7c61c0a6..4e3652f8 100644
--- a/wqflask/tests/utility/test_hmac.py
+++ b/wqflask/tests/utility/test_hmac.py
@@ -17,6 +17,19 @@ class TestHmacUtil(unittest.TestCase):
         """Test hmac creation with a utf-8 string"""
         self.assertEqual(hmac_creation("ファイ"), "7410466338cfe109e946")
 
+    @mock.patch("utility.hmac.app.config",
+                {'SECRET_HMAC_CODE': ('\x08\xdf\xfa\x93N\x80'
+                                      '\xd9\\H@\\\x9f`\x98d^'
+                                      '\xb4a;\xc6OM\x946a\xbc'
+                                      '\xfc\x80:*\xebc')})
+    def test_hmac_creation_with_cookie(self):
+        """Test hmac creation with a cookie"""
+        cookie = "3f4c1dbf-5b56-4260-87d6-f35445bda37e:af4fcf5eace9e7c864ce"
+        uuid_, _, signature = cookie.partition(":")
+        self.assertEqual(
+            hmac_creation(uuid_),
+            "af4fcf5eace9e7c864ce")
+
     @mock.patch("utility.hmac.app.config", {'SECRET_HMAC_CODE': "secret"})
     def test_data_hmac(self):
         """Test data_hmac fn with a utf-8 string"""
diff --git a/wqflask/tests/wqflask/test_user_session.py b/wqflask/tests/wqflask/test_user_session.py
new file mode 100644
index 00000000..ebb0334a
--- /dev/null
+++ b/wqflask/tests/wqflask/test_user_session.py
@@ -0,0 +1,15 @@
+"""Test cases for some methods in user_session.py"""
+
+import unittest
+from wqflask.user_session import verify_cookie
+
+
+class TestUserSession(unittest.TestCase):
+    def test_verify_cookie(self):
+        """
+        Test cookie verification
+        """
+        self.assertEqual(
+            "3f4c1dbf-5b56-4260-87d6-f35445bda37e",
+            verify_cookie(("3f4c1dbf-5b56-4260-87d6-"
+                           "f35445bda37e:af4fcf5eace9e7c864ce")))
diff --git a/wqflask/utility/hmac.py b/wqflask/utility/hmac.py
index 6623f69a..29891677 100644
--- a/wqflask/utility/hmac.py
+++ b/wqflask/utility/hmac.py
@@ -10,7 +10,7 @@ def hmac_creation(stringy):
     """Helper function to create the actual hmac"""
 
     secret = app.config['SECRET_HMAC_CODE']
-    hmaced = hmac.new(bytearray(secret, "utf-8"),
+    hmaced = hmac.new(bytearray(secret, "latin-1"),
                       bytearray(stringy, "utf-8"),
                       hashlib.sha1)
     hm = hmaced.hexdigest()