chore(auth): add test for retrieving session from db #181

service/auth_test.go

@@ -1,9 +1,119 @@
 package service
 
 import (
+	"me-fit/types"
+	"me-fit/utils"
+
+	"database/sql"
 	"testing"
+
+	"github.com/google/uuid"
 )
 
+func mustSetup(t *testing.T) *sql.DB {
+	db, err := sql.Open("sqlite3", ":memory:")
+	if err != nil {
+		t.Fatalf("Could not open Database data.db: %v", err)
+	}
+	utils.MustRunMigrationsTest(db, "../")
+	return db
+}
+
+func TestGetUserFromSessionIfSessionNotExpired(t *testing.T) {
+	db := mustSetup(t)
+	defer db.Close()
+
+	expected := types.NewUser(uuid.New(), "email", "session_id", true)
+
+	db.Exec(`INSERT INTO user (
+			user_uuid, email, email_verified,	email_verified_at,
+			is_admin,	password,	salt,	created_at)
+		VAlUES (
+			?, ?, 1, datetime(), 
+			0, "password", "salt", datetime())`, expected.Id, expected.Email)
+	db.Exec(`INSERT INTO session (session_id, user_uuid, created_at) VALUES (?, ?, datetime('now', '-2 hour'))`, expected.SessionId, expected.Id)
+
+	actual := GetUserFromSessionId(db, expected.SessionId)
+
+	if *actual != *expected {
+		t.Errorf("Expected %v, got %v", *expected, *actual)
+	}
+}
+
+func TestGetUserFromSessionIfSessionInFuture(t *testing.T) {
+	db := mustSetup(t)
+	defer db.Close()
+
+	expected := types.NewUser(uuid.New(), "email", "session_id", true)
+
+	db.Exec(`INSERT INTO user (
+			user_uuid, email, email_verified,	email_verified_at,
+			is_admin,	password,	salt,	created_at)
+		VAlUES (
+			?, ?, 1, datetime(), 
+			0, "password", "salt", datetime())`, expected.Id, expected.Email)
+	db.Exec(`INSERT INTO session (session_id, user_uuid, created_at) VALUES (?, ?, datetime('now', '+2 hour'))`, expected.SessionId, expected.Id)
+
+	actual := GetUserFromSessionId(db, expected.SessionId)
+
+	if *actual != *expected {
+		t.Errorf("Expected %v, got %v", *expected, *actual)
+	}
+}
+
+func TestFailGetUserFromSessionIfSessionExpired(t *testing.T) {
+	db := mustSetup(t)
+	defer db.Close()
+
+	expected := types.NewUser(uuid.New(), "email", "session_id", true)
+
+	db.Exec(`INSERT INTO user (
+			user_uuid, email, email_verified,	email_verified_at,
+			is_admin,	password,	salt,	created_at)
+		VAlUES (
+			?, ?, 1, datetime(), 
+			0, "password", "salt", datetime())`, expected.Id, expected.Email)
+	db.Exec(`INSERT INTO session (session_id, user_uuid, created_at) VALUES (?, ?, datetime('now', '-8 hour', '-1 minute'))`, expected.SessionId, expected.Id)
+
+	actual := GetUserFromSessionId(db, expected.SessionId)
+
+	if actual != nil {
+		t.Errorf("Expected nil, got %v", *actual)
+	}
+}
+
+func TestGetUserFromSessionShouldFindCorrectUserBySessionId(t *testing.T) {
+	db := mustSetup(t)
+	defer db.Close()
+
+	expected := types.NewUser(uuid.New(), "email", "session_id", true)
+	userId2 := uuid.New()
+
+	db.Exec(`INSERT INTO user (
+			user_uuid, email, email_verified,	email_verified_at,
+			is_admin,	password,	salt,	created_at)
+		VAlUES (
+			?, ?, 1, datetime(), 
+			0, "password", "salt", datetime()),
+		( 
+			?, ?, 1, datetime(), 
+			0, "password", "salt", datetime())
+			`, expected.Id, expected.Email, userId2, "email2")
+	db.Exec(`
+		INSERT INTO session (
+			session_id, user_uuid, created_at) 
+		VALUES 
+			(?, ?, datetime('now')),
+			(?, ?, datetime('now'))
+			`, expected.SessionId, expected.Id, expected.SessionId+"x", userId2)
+
+	actual := GetUserFromSessionId(db, expected.SessionId)
+
+	if *actual != *expected {
+		t.Errorf("Expected %v, got %v", *expected, *actual)
+	}
+}
+
 func TestValidPasswords(t *testing.T) {
 	passwords := []string{
 		"aB!'2d2y", //normal