path: root/api/auth/auth_test.go
blob: caaedf1c2ce42163cb9ff4e5d50dfb21dff5e80e (plain)
package auth_test

import (
	"database/sql"
	"net/http"
	"net/http/httptest"
	"os"
	"testing"

	"git.hatecomputers.club/hatecomputers/hatecomputers.club/api/auth"
	"git.hatecomputers.club/hatecomputers/hatecomputers.club/api/types"
	"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
	"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
	"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)

// IdContinuation is a pass-through continuation used by the tests in this
// file: the chain it returns always invokes the success continuation with the
// original context, request and response writer, and never calls the failure
// continuation.
func IdContinuation(context *types.RequestContext, req *http.Request, resp http.ResponseWriter) types.ContinuationChain {
	passThrough := func(onSuccess types.Continuation, _ types.Continuation) types.ContinuationChain {
		return onSuccess(context, req, resp)
	}
	return passThrough
}

// setup opens a database connection under a random identifier, runs the
// migrations on it, and wraps it in a RequestContext with empty Args and
// TemplateData. The returned function closes the connection and removes the
// path named by that identifier; callers are expected to defer it.
func setup() (*sql.DB, *types.RequestContext, func()) {
	dbName := utils.RandomId()

	conn := database.MakeConn(&dbName)
	// NOTE(review): any result of Migrate is discarded here — confirm whether
	// it reports errors that the tests should fail on.
	database.Migrate(conn)

	reqCtx := &types.RequestContext{
		DBConn:       conn,
		Args:         &args.Arguments{},
		TemplateData: &(map[string]interface{}{}),
	}

	teardown := func() {
		conn.Close()
		os.Remove(dbName)
	}

	return conn, reqCtx, teardown
}

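// TestLoginSendsYouToRedirect exercises the session gate built from
// auth.VerifySessionContinuation and auth.GoLoginContinuation: a request with
// no session cookie must be redirected to /login, and the same request
// carrying a valid session cookie must pass through with 200.
func TestLoginSendsYouToRedirect(t *testing.T) {
	db, context, cleanup := setup()
	defer cleanup()

	user := &database.User{
		ID:       "test",
		Username: "test",
	}
	// NOTE(review): any result of FindOrSaveUser is discarded — confirm whether
	// it returns an error that should abort the test.
	database.FindOrSaveUser(db, user)

	// A failed session insert must stop the test here; otherwise the
	// authenticated half below would run against a missing session.
	session, err := database.MakeUserSessionFor(db, user)
	if err != nil {
		t.Fatalf("creating session for test user: %v", err)
	}

	testServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		auth.VerifySessionContinuation(context, r, w)(IdContinuation, auth.GoLoginContinuation)(IdContinuation, IdContinuation)
	}))
	defer testServer.Close()

	// The handler is invoked directly with a recorder; the server is only
	// used for its URL.
	protectedPath := testServer.URL + "/protected-path"
	req := httptest.NewRequest("GET", protectedPath, nil)
	resp := httptest.NewRecorder()
	testServer.Config.Handler.ServeHTTP(resp, req)

	// Unauthenticated: BOTH the status and the target must match. The check
	// uses || so that a wrong status or a wrong Location alone fails the test;
	// with && a gate that answered 200 with a stray Location header, or
	// redirected somewhere other than /login, would have gone unnoticed.
	location := resp.Header().Get("Location")
	if resp.Code != http.StatusFound || location != "/login" {
		t.Errorf("expected redirect code, got %d, to login, got %s", resp.Code, location)
	}

	// Authenticated: replay the same request with the session cookie attached.
	req.AddCookie(&http.Cookie{
		Name:   "session",
		Value:  session.ID,
		MaxAge: 60,
	})
	resp = httptest.NewRecorder()
	testServer.Config.Handler.ServeHTTP(resp, req)
	if resp.Code != http.StatusOK {
		t.Errorf("expected %d with a valid session cookie, got %d", http.StatusOK, resp.Code)
	}
}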

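// TestOauthFormatsUsername is an unimplemented placeholder. An empty test body
// passes, which would report this behaviour as verified when nothing is
// checked, so the test skips explicitly until assertions exist.
func TestOauthFormatsUsername(t *testing.T) {
	t.Skip("not implemented: no assertions yet")
}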

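// TestSessionIsUnique is an unimplemented placeholder. An empty test body
// passes, which would report this session property as verified when nothing is
// checked, so the test skips explicitly until assertions exist.
func TestSessionIsUnique(t *testing.T) {
	t.Skip("not implemented: no assertions yet")
}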

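// TestLogoutClearsCookie is an unimplemented placeholder. An empty test body
// passes, which would report logout behaviour as verified when nothing is
// checked, so the test skips explicitly until assertions exist.
func TestLogoutClearsCookie(t *testing.T) {
	t.Skip("not implemented: no assertions yet")
}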

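// TestRefreshUpdatesExpiration is an unimplemented placeholder. An empty test
// body passes, which would report refresh behaviour as verified when nothing
// is checked, so the test skips explicitly until assertions exist.
func TestRefreshUpdatesExpiration(t *testing.T) {
	t.Skip("not implemented: no assertions yet")
}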

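// TestVerifySessionEnsuresNonExpired is an unimplemented placeholder. An empty
// test body passes, which would report expiry enforcement as verified when
// nothing is checked, so the test skips explicitly until assertions exist.
func TestVerifySessionEnsuresNonExpired(t *testing.T) {
	t.Skip("not implemented: no assertions yet")
}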

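// TestAPITokensAreEquivalentToSessions is an unimplemented placeholder. An
// empty test body passes, which would report API-token handling as verified
// when nothing is checked, so the test skips explicitly until assertions exist.
func TestAPITokensAreEquivalentToSessions(t *testing.T) {
	t.Skip("not implemented: no assertions yet")
}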