go/pocketbase
1
0
Fork 0
mirror of https://github.com/pocketbase/pocketbase.git synced 2024-11-28 10:03:42 +02:00
Code Issues Releases Activity

[#215] enabled Settings.AdminFileToken validations and added more tests

Browse Source
This commit is contained in:
Gani Georgiev 2023-04-04 20:47:03 +03:00
parent 64c3e3b3c5
commit ba7000125b
3 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apis/settings_test.go
View File

@ -49,10 +49,12 @@ func TestSettingsList(t *testing.T) {
`"s3":{`,
`"adminAuthToken":{`,
`"adminPasswordResetToken":{`,
`"adminFileToken":{`,
`"recordAuthToken":{`,
`"recordPasswordResetToken":{`,
`"recordEmailChangeToken":{`,
`"recordVerificationToken":{`,
`"recordFileToken":{`,
`"emailAuth":{`,
`"googleAuth":{`,
`"facebookAuth":{`,
@ -125,10 +127,12 @@ func TestSettingsSet(t *testing.T) {
`"s3":{`,
`"adminAuthToken":{`,
`"adminPasswordResetToken":{`,
`"adminFileToken":{`,
`"recordAuthToken":{`,
`"recordPasswordResetToken":{`,
`"recordEmailChangeToken":{`,
`"recordVerificationToken":{`,
`"recordFileToken":{`,
`"emailAuth":{`,
`"googleAuth":{`,
`"facebookAuth":{`,
@ -188,10 +192,12 @@ func TestSettingsSet(t *testing.T) {
`"s3":{`,
`"adminAuthToken":{`,
`"adminPasswordResetToken":{`,
`"adminFileToken":{`,
`"recordAuthToken":{`,
`"recordPasswordResetToken":{`,
`"recordEmailChangeToken":{`,
`"recordVerificationToken":{`,
`"recordFileToken":{`,
`"emailAuth":{`,
`"googleAuth":{`,
`"facebookAuth":{`,

6
models/settings/settings.go
View File

@ -94,7 +94,7 @@ func New() *Settings {
},
AdminFileToken: TokenConfig{
Secret: security.RandomString(50),
Duration: 180, // 3 minutes
Duration: 300, // 5 minutes
},
RecordAuthToken: TokenConfig{
Secret: security.RandomString(50),
@ -110,7 +110,7 @@ func New() *Settings {
},
RecordFileToken: TokenConfig{
Secret: security.RandomString(50),
Duration: 180, // 3 minutes
Duration: 300, // 5 minutes
},
RecordEmailChangeToken: TokenConfig{
Secret: security.RandomString(50),
@ -183,6 +183,7 @@ func (s *Settings) Validate() error {
validation.Field(&s.Logs),
validation.Field(&s.AdminAuthToken),
validation.Field(&s.AdminPasswordResetToken),
validation.Field(&s.AdminFileToken),
validation.Field(&s.RecordAuthToken),
validation.Field(&s.RecordPasswordResetToken),
validation.Field(&s.RecordEmailChangeToken),
@ -246,6 +247,7 @@ func (s *Settings) RedactClone() (*Settings, error) {
&clone.S3.Secret,
&clone.AdminAuthToken.Secret,
&clone.AdminPasswordResetToken.Secret,
&clone.AdminFileToken.Secret,
&clone.RecordAuthToken.Secret,
&clone.RecordPasswordResetToken.Secret,
&clone.RecordEmailChangeToken.Secret,

4
models/settings/settings_test.go
View File

@ -25,6 +25,7 @@ func TestSettingsValidate(t *testing.T) {
s.S3.Endpoint = "invalid"
s.AdminAuthToken.Duration = -10
s.AdminPasswordResetToken.Duration = -10
s.AdminFileToken.Duration = -10
s.RecordAuthToken.Duration = -10
s.RecordPasswordResetToken.Duration = -10
s.RecordEmailChangeToken.Duration = -10
@ -80,6 +81,7 @@ func TestSettingsValidate(t *testing.T) {
`"s3":{`,
`"adminAuthToken":{`,
`"adminPasswordResetToken":{`,
`"adminFileToken":{`,
`"recordAuthToken":{`,
`"recordPasswordResetToken":{`,
`"recordEmailChangeToken":{`,
@ -127,6 +129,7 @@ func TestSettingsMerge(t *testing.T) {
s2.S3.Endpoint = "test"
s2.AdminAuthToken.Duration = 1
s2.AdminPasswordResetToken.Duration = 2
s2.AdminFileToken.Duration = 2
s2.RecordAuthToken.Duration = 3
s2.RecordPasswordResetToken.Duration = 4
s2.RecordEmailChangeToken.Duration = 5
@ -230,6 +233,7 @@ func TestSettingsRedactClone(t *testing.T) {
s1.S3.Secret = testSecret
s1.AdminAuthToken.Secret = testSecret
s1.AdminPasswordResetToken.Secret = testSecret
s1.AdminFileToken.Secret = testSecret
s1.RecordAuthToken.Secret = testSecret
s1.RecordPasswordResetToken.Secret = testSecret
s1.RecordEmailChangeToken.Secret = testSecret