248 lines
7.4 KiB
Go
248 lines
7.4 KiB
Go
package service
|
|
|
|
import (
|
|
"me-fit/db"
|
|
"me-fit/mocks"
|
|
"me-fit/types"
|
|
|
|
"errors"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/google/uuid"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/mock"
|
|
)
|
|
|
|
func TestSignIn(t *testing.T) {
|
|
|
|
t.Parallel()
|
|
t.Run("should return user if password is correct", func(t *testing.T) {
|
|
t.Parallel()
|
|
salt := []byte("salt")
|
|
verifiedAt := time.Date(2020, 1, 2, 0, 0, 0, 0, time.UTC)
|
|
user := db.NewUser(
|
|
uuid.New(),
|
|
"test@test.de",
|
|
true,
|
|
&verifiedAt,
|
|
false,
|
|
GetHashPassword("password", salt),
|
|
salt,
|
|
time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC),
|
|
)
|
|
|
|
dbSession := db.NewSession("sessionId", user.Id, time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC))
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockAuthDb.EXPECT().GetUser("test@test.de").Return(user, nil)
|
|
mockAuthDb.EXPECT().DeleteOldSessions(user.Id).Return(nil)
|
|
mockAuthDb.EXPECT().InsertSession(dbSession).Return(nil)
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockRandom.EXPECT().String(32).Return("sessionId", nil)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockClock.EXPECT().Now().Return(time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC))
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
actualSession, err := underTest.SignIn(user.Email, "password")
|
|
assert.Nil(t, err)
|
|
|
|
expectedSession := NewSession(dbSession, NewUser(user))
|
|
assert.Equal(t, expectedSession, actualSession)
|
|
})
|
|
|
|
t.Run("should return ErrInvalidCretentials if password is not correct", func(t *testing.T) {
|
|
t.Parallel()
|
|
salt := []byte("salt")
|
|
verifiedAt := time.Date(2020, 1, 2, 0, 0, 0, 0, time.UTC)
|
|
|
|
user := db.NewUser(
|
|
uuid.New(),
|
|
"test@test.de",
|
|
true,
|
|
&verifiedAt,
|
|
false,
|
|
GetHashPassword("password", salt),
|
|
salt,
|
|
time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC),
|
|
)
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockAuthDb.EXPECT().GetUser(user.Email).Return(user, nil)
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
_, err := underTest.SignIn("test@test.de", "wrong password")
|
|
|
|
assert.Equal(t, ErrInvaidCredentials, err)
|
|
})
|
|
t.Run("should return ErrInvalidCretentials if user has not been found", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockAuthDb.EXPECT().GetUser("test").Return(nil, db.ErrNotFound)
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
_, err := underTest.SignIn("test", "test")
|
|
assert.Equal(t, ErrInvaidCredentials, err)
|
|
})
|
|
t.Run("should forward ErrInternal on any other error", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockAuthDb.EXPECT().GetUser("test").Return(nil, errors.New("Some undefined error"))
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
_, err := underTest.SignIn("test", "test")
|
|
|
|
assert.Equal(t, types.ErrInternal, err)
|
|
})
|
|
}
|
|
|
|
func TestSignUp(t *testing.T) {
|
|
t.Parallel()
|
|
t.Run("should check for correct email address", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
_, err := underTest.SignUp("invalid email address", "SomeStrongPassword123!")
|
|
|
|
assert.Equal(t, ErrInvalidEmail, err)
|
|
})
|
|
t.Run("should check for password complexity", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
weakPasswords := []string{
|
|
"123!ab", // too short
|
|
"no_upper_case_123",
|
|
"NO_LOWER_CASE_123",
|
|
"noSpecialChar123",
|
|
}
|
|
|
|
for _, password := range weakPasswords {
|
|
_, err := underTest.SignUp("some@valid.email", password)
|
|
assert.Equal(t, ErrInvalidPassword, err)
|
|
}
|
|
})
|
|
t.Run("should signup correctly", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
expected := User{
|
|
Id: uuid.New(),
|
|
Email: "some@valid.email",
|
|
EmailVerified: false,
|
|
}
|
|
|
|
random := NewRandomServiceImpl()
|
|
salt, err := random.Bytes(16)
|
|
assert.Nil(t, err)
|
|
password := "SomeStrongPassword123!"
|
|
|
|
mockRandom.EXPECT().UUID().Return(expected.Id, nil)
|
|
mockRandom.EXPECT().Bytes(16).Return(salt, nil)
|
|
|
|
createTime := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC)
|
|
|
|
mockClock.EXPECT().Now().Return(createTime)
|
|
|
|
mockAuthDb.EXPECT().InsertUser(db.NewUser(expected.Id, expected.Email, false, nil, false, GetHashPassword(password, salt), salt, createTime)).Return(nil)
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
actual, err := underTest.SignUp(expected.Email, password)
|
|
|
|
assert.Nil(t, err)
|
|
|
|
assert.Equal(t, expected, *actual)
|
|
})
|
|
t.Run("should return ErrAccountExists", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
user := User{
|
|
Id: uuid.New(),
|
|
Email: "some@valid.email",
|
|
}
|
|
|
|
random := NewRandomServiceImpl()
|
|
salt, err := random.Bytes(16)
|
|
assert.Nil(t, err)
|
|
password := "SomeStrongPassword123!"
|
|
|
|
mockRandom.EXPECT().UUID().Return(user.Id, nil)
|
|
mockRandom.EXPECT().Bytes(16).Return(salt, nil)
|
|
|
|
createTime := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC)
|
|
|
|
mockClock.EXPECT().Now().Return(createTime)
|
|
|
|
mockAuthDb.EXPECT().InsertUser(db.NewUser(user.Id, user.Email, false, nil, false, GetHashPassword(password, salt), salt, createTime)).Return(db.ErrUserExists)
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
_, err = underTest.SignUp(user.Email, password)
|
|
assert.Equal(t, ErrAccountExists, err)
|
|
})
|
|
}
|
|
|
|
func TestSendVerificationMail(t *testing.T) {
|
|
|
|
t.Parallel()
|
|
t.Run("should use stored token and send mail", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
token := "someRandomTokenToUse"
|
|
email := "some@email.de"
|
|
userId := uuid.New()
|
|
|
|
mockAuthDb := mocks.NewMockAuthDb(t)
|
|
mockRandom := mocks.NewMockRandomService(t)
|
|
mockClock := mocks.NewMockClockService(t)
|
|
mockMail := mocks.NewMockMailService(t)
|
|
|
|
mockAuthDb.EXPECT().GetEmailVerificationToken(userId).Return(token, nil)
|
|
|
|
mockMail.EXPECT().SendMail(email, "Welcome to ME-FIT", mock.MatchedBy(func(message string) bool { return strings.Contains(message, token) })).Return()
|
|
|
|
underTest := NewAuthServiceImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.ServerSettings{})
|
|
|
|
underTest.SendVerificationMail(userId, email)
|
|
})
|
|
}
|