Deepak
c28939d2b8
All checks were successful
gitea-deepak/gogmagog/pipeline/head This commit looks good
79 lines
2.0 KiB
Go
79 lines
2.0 KiB
Go
package tokens_test
|
|
|
|
import (
|
|
"gitea.deepak.science/deepak/gogmagog/models"
|
|
"gitea.deepak.science/deepak/gogmagog/tokens"
|
|
"github.com/stretchr/testify/assert"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
)
|
|
|
|
var middlewareURL string = "/"
|
|
|
|
func mwRequestAuth(header string) *http.Request {
|
|
req, _ := http.NewRequest("GET", middlewareURL, nil)
|
|
req.Header.Add(authKey, header)
|
|
|
|
return req
|
|
}
|
|
|
|
func verifyingHandler(t *testing.T, username string, userID int) http.Handler {
|
|
assert := assert.New(t)
|
|
toker := tokens.New("secret")
|
|
dummyHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
ctx := r.Context()
|
|
receivedID, _ := tokens.GetUserID(ctx)
|
|
receivedUsername, _ := tokens.GetUsername(ctx)
|
|
assert.EqualValues(userID, receivedID)
|
|
assert.Equal(username, receivedUsername)
|
|
})
|
|
return toker.Authenticator(dummyHandler)
|
|
}
|
|
|
|
func TestMiddlewareNoToken(t *testing.T) {
|
|
assert := assert.New(t)
|
|
|
|
req := httptest.NewRequest(http.MethodGet, middlewareURL, nil)
|
|
rr := httptest.NewRecorder()
|
|
|
|
middlewareHandler := verifyingHandler(t, "", 0)
|
|
middlewareHandler.ServeHTTP(rr, req)
|
|
|
|
status := rr.Code
|
|
assert.Equal(http.StatusUnauthorized, status)
|
|
}
|
|
|
|
func TestMiddlewareBadToken(t *testing.T) {
|
|
assert := assert.New(t)
|
|
|
|
req := mwRequestAuth("Bearer bad")
|
|
rr := httptest.NewRecorder()
|
|
|
|
middlewareHandler := verifyingHandler(t, "", 0)
|
|
middlewareHandler.ServeHTTP(rr, req)
|
|
|
|
status := rr.Code
|
|
assert.Equal(http.StatusUnauthorized, status)
|
|
}
|
|
|
|
func TestMiddlewareGoodToken(t *testing.T) {
|
|
assert := assert.New(t)
|
|
|
|
idToUse := 3
|
|
username := "username"
|
|
displayName := "display name"
|
|
user := &models.UserNoPassword{UserID: int64(idToUse), Username: username, DisplayName: displayName}
|
|
|
|
toker := tokens.New("secret")
|
|
validToken := toker.EncodeUser(user)
|
|
req := mwRequestAuth("Bearer " + validToken)
|
|
rr := httptest.NewRecorder()
|
|
|
|
middlewareHandler := verifyingHandler(t, username, idToUse)
|
|
middlewareHandler.ServeHTTP(rr, req)
|
|
|
|
status := rr.Code
|
|
assert.Equal(http.StatusOK, status)
|
|
}
|