From 51eb9ae6da8e8e606ccc04676288f4ddfb091efb Mon Sep 17 00:00:00 2001
From: simon987
Date: Sun, 10 Feb 2019 10:32:25 -0500
Subject: [PATCH] auth tests
---
 api/auth.go | 11 ++-
 test/api_auth_test.go | 165 ++++++++++++++++++++++++++++++++++++++++++
 test/common.go | 1 -
 3 files changed, 175 insertions(+), 2 deletions(-)
 create mode 100644 test/api_auth_test.go
diff --git a/api/auth.go b/api/auth.go
index 4a2dc6c..279e5cf 100644
--- a/api/auth.go
+++ b/api/auth.go
@@ -6,6 +6,8 @@ import (
 "github.com/simon987/task_tracker/storage"
 )
+const MinPasswordLength = 8
+const MinUsernameLength = 3
 const MaxUsernameLength = 16
 type LoginRequest struct {
@@ -30,7 +32,9 @@ type AccountDetails struct {
 }
 func (r *RegisterRequest) isValid() bool {
- return len(r.Username) <= MaxUsernameLength
+ return MinUsernameLength <= len(r.Username) &&
+ len(r.Username) <= MaxUsernameLength &&
+ MinPasswordLength <= len(r.Password)
 }
 type RegisterResponse struct {
@@ -139,6 +143,11 @@ func (api *WebAPI) AccountDetails(r *Request) {
 sess := api.Session.StartFasthttp(r.Ctx)
 manager := sess.Get("manager")
+ logrus.WithFields(logrus.Fields{
+ "manager": manager,
+ "session": sess,
+ }).Trace("Account details request")
+
 if manager == nil {
 r.OkJson(AccountDetails{
 LoggedIn: false,
diff --git a/test/api_auth_test.go b/test/api_auth_test.go
new file mode 100644
index 0000000..8129213
--- /dev/null
+++ b/test/api_auth_test.go
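Review bot: The password check added to `isValid` in api/auth.go has a lower bound only, so a registration request can carry a password of any length into whatever hashing the storage layer performs (not visible in this patch). I would add an upper bound next to the new constants, e.g. `len(r.Password) <= MaxPasswordLength`, with a value chosen to match the hash function's input limit. `len` also counts bytes, so the username bounds and the 8-character minimum are byte limits for non-ASCII input; `utf8.RuneCountInString` would make them character limits. A one-line doc comment on `MinPasswordLength` and `MinUsernameLength` stating the unit would settle which is intended.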
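Review bot: The Trace entry added at the top of `AccountDetails` logs the whole `sess` object and the raw `manager` value, which is likely to put the session identifier and every field of the stored manager record (including a password hash, if the struct carries one; not visible here) into the log output. Anyone with read access to trace logs would then hold material that is equivalent to a live session. Log only what the diagnostic needs, for example `logrus.WithField("loggedIn", manager != nil).Trace("Account details request")`, or the manager's ID once the value has been type-asserted. The body of `AccountDetails` continues past the end of this hunk.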
@@ -0,0 +1,165 @@
+package test
+
+import (
+ "encoding/json"
+ "github.com/simon987/task_tracker/api"
+ "github.com/simon987/task_tracker/config"
+ "io/ioutil"
+ "net/http"
+ "testing"
+)
+
+func TestLoginAndAccountInfo(t *testing.T) {
+
+ regResp := register(&api.RegisterRequest{
+ Username: "testusername",
+ Password: "testpassword",
+ })
+
+ if regResp.Ok != true {
+ t.Error()
+ }
+
+ loginResp, r := login(&api.LoginRequest{
+ Username: "testusername",
+ Password: "testpassword",
+ })
+
+ if loginResp.Ok != true {
+ t.Error()
+ }
+ if loginResp.Manager.Username != "testusername" {
+ t.Error()
+ }
+ if loginResp.Manager.Id == 0 {
+ t.Error()
+ }
+
+ ok := false
+ for _, c := range r.Cookies() {
+ if c.Name == config.Cfg.SessionCookieName {
+ ok = true
+ }
+ }
+ if ok != true {
+ t.Error()
+ }
+
+ url := "http://" + config.Cfg.ServerAddr + "/account"
+ req, err := http.NewRequest("GET", url, nil)
+ for _, c := range r.Cookies() {
+ req.AddCookie(c)
+ }
+
+ client := http.Client{}
+ r, err = client.Do(req)
+ handleErr(err)
+ details := &api.AccountDetails{}
+ data, _ := ioutil.ReadAll(r.Body)
+ err = json.Unmarshal(data, details)
+ handleErr(err)
+
+ if details.LoggedIn != true {
+ t.Error()
+ }
+ if details.Manager.Username != "testusername" {
+ t.Error()
+ }
+ if details.Manager.Id != loginResp.Manager.Id {
+ t.Error()
+ }
+}
+
+func TestInvalidUsernameRegister(t *testing.T) {
+
+ regResp := register(&api.RegisterRequest{
+ Username: "12",
+ Password: "testpassword",
+ })
+
+ if regResp.Ok != false || len(regResp.Message) <= 0 {
+ t.Error()
+ }
+
+ regResp2 := register(&api.RegisterRequest{
+ Username: "12345678901234567",
+ Password: "testpassword",
+ })
+
+ if regResp2.Ok != false || len(regResp2.Message) <= 0 {
+ t.Error()
+ }
+}
+
+func TestInvalidPasswordRegister(t *testing.T) {
+
+ regResp := register(&api.RegisterRequest{
+ Username: "testinvalidpassword1",
+ Password: "12345678",
+ })
+
+ if regResp.Ok != false || len(regResp.Message) <= 0 {
+ t.Error()
+ }
+}
+
+func TestDuplicateUsernameRegister(t *testing.T) {
+
+ r1 := register(&api.RegisterRequest{
+ Password: "testdupeusername",
+ Username: "testdupeusername",
+ })
+
+ if r1.Ok != true {
+ t.Error()
+ }
+
+ r2 := register(&api.RegisterRequest{
+ Password: "testdupeusername",
+ Username: "testdupeusername",
+ })
+ if r2.Ok != false || len(r2.Message) <= 0 {
+ t.Error()
+ }
+}
+
+func TestInvalidCredentialsLogin(t *testing.T) {
+
+ register(&api.RegisterRequest{
+ Password: "testinvalidcreds",
+ Username: "testinvalidcreds",
+ })
+
+ r, _ := login(&api.LoginRequest{
+ Username: "testinvalidcreds",
+ Password: "wrong",
+ })
+
+ if r.Ok != false || len(r.Message) <= 0 {
+ t.Error()
+ }
+}
+
+func register(request *api.RegisterRequest) *api.RegisterResponse {
+
+ r := Post("/register", request, nil)
+
+ resp := &api.RegisterResponse{}
+ data, _ := ioutil.ReadAll(r.Body)
+ err := json.Unmarshal(data, resp)
+ handleErr(err)
+
+ return resp
+}
+
+func login(request *api.LoginRequest) (*api.LoginResponse, *http.Response) {
+
+ r := Post("/login", request, nil)
+
+ resp := &api.LoginResponse{}
+ data, _ := ioutil.ReadAll(r.Body)
+ err := json.Unmarshal(data, resp)
+ handleErr(err)
+
+ return resp, r
+}
diff --git a/test/common.go b/test/common.go
index 211edba..4390bc5 100644
--- a/test/common.go
+++ b/test/common.go
@@ -43,7 +43,6 @@ func Get(path string, worker *storage.Worker) *http.Response {
 url := "http://" + config.Cfg.ServerAddr + path
 req, err := http.NewRequest("GET", url, nil)
- handleErr(err)
 if worker != nil {
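Review bot: `TestInvalidPasswordRegister` in test/api_auth_test.go does not exercise the password rule: `"12345678"` is exactly `MinPasswordLength` (8) and so passes `isValid`, while the username `"testinvalidpassword1"` is 20 bytes, over `MaxUsernameLength` (16), so the rejection the test observes comes from the username check. Use a valid username with a 7-character password, e.g. `Username: "testinvalidpass",` and `Password: "1234567",`, and add a boundary case asserting that an 8-character password is accepted. In `TestLoginAndAccountInfo` the `err` from `http.NewRequest` is overwritten by `client.Do` without being checked; a `handleErr(err)` directly after the call would stop a malformed `ServerAddr` from surfacing as a nil-pointer panic at `req.AddCookie`. The bare `t.Error()` calls would also be easier to triage with a message naming the failed expectation.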