package service import ( "me-fit/db" "me-fit/mocks" "me-fit/types" "strings" "errors" "testing" "time" "github.com/google/uuid" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/mock" ) func TestSignIn(t *testing.T) { t.Parallel() t.Run("should return user if password is correct", func(t *testing.T) { t.Parallel() salt := []byte("salt") verifiedAt := time.Date(2020, 1, 2, 0, 0, 0, 0, time.UTC) user := db.NewUser( uuid.New(), "test@test.de", true, &verifiedAt, false, GetHashPassword("password", salt), salt, time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC), ) mockDbAuth := mocks.NewMockDbAuth(t) mockDbAuth.EXPECT().GetUser("test@test.de").Return(user, nil) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) actualUser, err := underTest.SignIn(user.Email, "password") assert.Nil(t, err) expectedUser := User{ Id: user.Id, Email: user.Email, EmailVerified: user.EmailVerified, } assert.Equal(t, expectedUser, *actualUser) }) t.Run("should return ErrInvalidCretentials if password is not correct", func(t *testing.T) { t.Parallel() salt := []byte("salt") verifiedAt := time.Date(2020, 1, 2, 0, 0, 0, 0, time.UTC) user := db.NewUser( uuid.New(), "test@test.de", true, &verifiedAt, false, GetHashPassword("password", salt), salt, time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC), ) mockDbAuth := mocks.NewMockDbAuth(t) mockDbAuth.EXPECT().GetUser(user.Email).Return(user, nil) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) _, err := underTest.SignIn("test@test.de", "wrong password") assert.Equal(t, ErrInvaidCredentials, err) }) t.Run("should return ErrInvalidCretentials if user has not been found", func(t *testing.T) { t.Parallel() mockDbAuth := mocks.NewMockDbAuth(t) mockDbAuth.EXPECT().GetUser("test").Return(nil, db.ErrUserNotFound) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) _, err := underTest.SignIn("test", "test") assert.Equal(t, ErrInvaidCredentials, err) }) t.Run("should forward ErrInternal on any other error", func(t *testing.T) { t.Parallel() mockDbAuth := mocks.NewMockDbAuth(t) mockDbAuth.EXPECT().GetUser("test").Return(nil, errors.New("Some undefined error")) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) _, err := underTest.SignIn("test", "test") assert.Equal(t, types.ErrInternal, err) }) } func TestSignUp(t *testing.T) { t.Parallel() t.Run("should check for correct email address", func(t *testing.T) { t.Parallel() mockDbAuth := mocks.NewMockDbAuth(t) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) _, err := underTest.SignUp("invalid email address", "SomeStrongPassword123!") assert.Equal(t, ErrInvalidEmail, err) }) t.Run("should check for password complexity", func(t *testing.T) { t.Parallel() mockDbAuth := mocks.NewMockDbAuth(t) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) weakPasswords := []string{ "123!ab", // too short "no_upper_case_123", "NO_LOWER_CASE_123", "noSpecialChar123", } for _, password := range weakPasswords { _, err := underTest.SignUp("some@valid.email", password) assert.Equal(t, ErrInvalidPassword, err) } }) t.Run("should signup correctly", func(t *testing.T) { t.Parallel() mockDbAuth := mocks.NewMockDbAuth(t) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) expected := User{ Id: uuid.New(), Email: "some@valid.email", EmailVerified: false, } random := NewRandomGeneratorImpl() salt, err := random.Bytes(16) assert.Nil(t, err) password := "SomeStrongPassword123!" mockRandom.EXPECT().UUID().Return(expected.Id, nil) mockRandom.EXPECT().Bytes(16).Return(salt, nil) createTime := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC) mockClock.EXPECT().Now().Return(createTime) mockDbAuth.EXPECT().InsertUser(db.NewUser(expected.Id, expected.Email, false, nil, false, GetHashPassword(password, salt), salt, createTime)).Return(nil) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) actual, err := underTest.SignUp(expected.Email, password) assert.Nil(t, err) assert.Equal(t, expected, *actual) }) t.Run("should return ErrAccountExists", func(t *testing.T) { t.Parallel() mockDbAuth := mocks.NewMockDbAuth(t) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) user := User{ Id: uuid.New(), Email: "some@valid.email", } random := NewRandomGeneratorImpl() salt, err := random.Bytes(16) assert.Nil(t, err) password := "SomeStrongPassword123!" mockRandom.EXPECT().UUID().Return(user.Id, nil) mockRandom.EXPECT().Bytes(16).Return(salt, nil) createTime := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC) mockClock.EXPECT().Now().Return(createTime) mockDbAuth.EXPECT().InsertUser(db.NewUser(user.Id, user.Email, false, nil, false, GetHashPassword(password, salt), salt, createTime)).Return(db.ErrUserExists) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) _, err = underTest.SignUp(user.Email, password) assert.Equal(t, ErrAccountExists, err) }) } func TestSendVerificationMail(t *testing.T) { t.Parallel() t.Run("should use stored token and send mail", func(t *testing.T) { t.Parallel() token := "someRandomTokenToUse" email := "some@email.de" userId := uuid.New() mockDbAuth := mocks.NewMockDbAuth(t) mockRandom := mocks.NewMockRandomGenerator(t) mockClock := mocks.NewMockClock(t) mockMail := mocks.NewMockMailService(t) mockDbAuth.EXPECT().GetEmailVerificationToken(userId).Return(token, nil) mockMail.EXPECT().SendMail(email, "Welcome to ME-FIT", mock.MatchedBy(func(message string) bool { return strings.Contains(message, token) })).Return(nil) underTest := NewServiceAuthImpl(mockDbAuth, mockRandom, mockClock, mockMail, &types.ServerSettings{}) underTest.SendVerificationMail(userId, email) }) }