chore(auth): #331 add last session test
All checks were successful
Build Docker Image / Build-Docker-Image (push) Successful in 45s
All checks were successful
Build Docker Image / Build-Docker-Image (push) Successful in 45s
This commit is contained in:
26
main_test.go
26
main_test.go
@@ -348,6 +348,32 @@ func TestIntegrationAuth(t *testing.T) {
|
||||
assert.NotNil(t, newSession)
|
||||
assert.NotEqual(t, "", newSession.Value)
|
||||
})
|
||||
t.Run("should not have access to user information with outdated session", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
d, basePath, ctx := setupIntegrationTest(t)
|
||||
|
||||
userId := uuid.New()
|
||||
sessionId := "session-id"
|
||||
|
||||
_, err := d.Exec(`
|
||||
INSERT INTO user (user_id, email, email_verified, is_admin, password, salt, created_at)
|
||||
VALUES (?, "mail@mail.de", FALSE, FALSE, ?, ?, datetime())`, userId, []byte("pass"), []byte("salt"))
|
||||
assert.Nil(t, err)
|
||||
_, err = d.Exec(`
|
||||
INSERT INTO session (session_id, user_id, created_at, expires_at)
|
||||
VALUES (?, ?, datetime("now", "-8 hour"), datetime("now", "-1 minute"))`, sessionId, userId)
|
||||
assert.Nil(t, err)
|
||||
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", basePath+"/workout", nil)
|
||||
assert.Nil(t, err)
|
||||
req.Header.Set("Cookie", "id="+sessionId)
|
||||
resp, err := httpClient.Do(req)
|
||||
assert.Nil(t, err)
|
||||
|
||||
assert.Equal(t, http.StatusSeeOther, resp.StatusCode)
|
||||
assert.Equal(t, "/auth/signin", resp.Header.Get("Location"))
|
||||
})
|
||||
})
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user