mirror of
https://github.com/volatiletech/authboss.git
synced 2024-11-24 08:42:17 +02:00
Make auth tests more solid
This commit is contained in:
Aaron L
parent
d4f8d2f292
commit
1068509540
@ -2,6 +2,7 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"context"
|
||||
"net/http"
|
||||
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
@ -83,6 +84,8 @@ func (a *Auth) LoginPost(w http.ResponseWriter, r *http.Request) error {
|
||||
authUser := authboss.MustBeAuthable(pidUser)
|
||||
password := authUser.GetPassword()
|
||||
|
||||
r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, pidUser))
|
||||
|
||||
var handled bool
|
||||
err = bcrypt.CompareHashAndPassword([]byte(password), []byte(creds.GetPassword()))
|
||||
if err != nil {
|
||||
@ -118,7 +121,7 @@ func (a *Auth) LoginPost(w http.ResponseWriter, r *http.Request) error {
|
||||
|
||||
ro := authboss.RedirectOptions{
|
||||
Code: http.StatusTemporaryRedirect,
|
||||
RedirectPath: a.Authboss.Paths.AuthLogoutOK,
|
||||
RedirectPath: a.Authboss.Paths.AuthLoginOK,
|
||||
}
|
||||
return a.Authboss.Core.Redirector.Redirect(w, r, ro)
|
||||
}
|
||||
|
||||
@ -22,7 +22,9 @@ func TestAuthInit(t *testing.T) {
|
||||
ab.Config.Core.ErrorHandler = errHandler
|
||||
|
||||
a := &Auth{}
|
||||
a.Init(ab)
|
||||
if err := a.Init(ab); err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
if err := renderer.HasLoadedViews(PageLogin); err != nil {
|
||||
t.Error(err)
|
||||
@ -79,6 +81,9 @@ func testSetup() *testHarness {
|
||||
harness.session = mocks.NewClientRW()
|
||||
harness.storer = mocks.NewServerStorer()
|
||||
|
||||
harness.ab.Paths.AuthLoginOK = "/login/ok"
|
||||
harness.ab.Paths.AuthLogoutOK = "/logout/ok"
|
||||
|
||||
harness.ab.Config.Core.BodyReader = harness.bodyReader
|
||||
harness.ab.Config.Core.Logger = mocks.Logger{}
|
||||
harness.ab.Config.Core.Responder = harness.responder
|
||||
@ -133,6 +138,9 @@ func TestAuthPostSuccess(t *testing.T) {
|
||||
if resp.Code != http.StatusTemporaryRedirect {
|
||||
t.Error("code was wrong:", resp.Code)
|
||||
}
|
||||
if h.redirector.Options.RedirectPath != "/login/ok" {
|
||||
t.Error("redirect path was wrong:", h.redirector.Options.RedirectPath)
|
||||
}
|
||||
|
||||
if _, ok := h.session.ClientValues[authboss.SessionHalfAuthKey]; ok {
|
||||
t.Error("half auth should have been deleted")
|
||||
@ -235,6 +243,7 @@ func TestAuthPostBadPassword(t *testing.T) {
|
||||
}
|
||||
|
||||
t.Run("normal", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
h := setupMore(testSetup())
|
||||
|
||||
r := mocks.Request("POST")
|
||||
@ -269,6 +278,7 @@ func TestAuthPostBadPassword(t *testing.T) {
|
||||
})
|
||||
|
||||
t.Run("handledAfter", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
h := setupMore(testSetup())
|
||||
|
||||
r := mocks.Request("POST")
|
||||
@ -373,6 +383,13 @@ func TestAuthLogout(t *testing.T) {
|
||||
t.Error(err)
|
||||
}
|
||||
|
||||
if resp.Code != http.StatusTemporaryRedirect {
|
||||
t.Error("response code wrong:", resp.Code)
|
||||
}
|
||||
if h.redirector.Options.RedirectPath != "/logout/ok" {
|
||||
t.Error("redirect path was wrong:", h.redirector.Options.RedirectPath)
|
||||
}
|
||||
|
||||
if _, ok := h.session.ClientValues[authboss.SessionKey]; ok {
|
||||
t.Error("want session key gone")
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user