web-app-template/service/auth_test.go

package service

import (
	"web-app-template/db"
	"web-app-template/mocks"
	"web-app-template/types"

	"strings"
	"testing"
	"time"

	"github.com/google/uuid"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/mock"
)

func TestSignUp(t *testing.T) {
	t.Parallel()
	t.Run("should check for correct email address", func(t *testing.T) {
		t.Parallel()

		mockAuthDb := mocks.NewMockAuth(t)
		mockRandom := mocks.NewMockRandom(t)
		mockClock := mocks.NewMockClock(t)
		mockMail := mocks.NewMockMail(t)

		underTest := NewAuthImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.Settings{})

		_, err := underTest.SignUp("invalid email address", "SomeStrongPassword123!")

		assert.Equal(t, ErrInvalidEmail, err)
	})
	t.Run("should check for password complexity", func(t *testing.T) {
		t.Parallel()

		mockAuthDb := mocks.NewMockAuth(t)
		mockRandom := mocks.NewMockRandom(t)
		mockClock := mocks.NewMockClock(t)
		mockMail := mocks.NewMockMail(t)

		underTest := NewAuthImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.Settings{})

		weakPasswords := []string{
			"123!ab", // too short
			"no_upper_case_123",
			"NO_LOWER_CASE_123",
			"noSpecialChar123",
		}

		for _, password := range weakPasswords {
			_, err := underTest.SignUp("some@valid.email", password)
			assert.Equal(t, ErrInvalidPassword, err)
		}
	})
	t.Run("should signup correctly", func(t *testing.T) {
		t.Parallel()

		mockAuthDb := mocks.NewMockAuth(t)
		mockRandom := mocks.NewMockRandom(t)
		mockClock := mocks.NewMockClock(t)
		mockMail := mocks.NewMockMail(t)

		userId := uuid.New()
		email := "mail@mail.de"
		password := "SomeStrongPassword123!"
		salt := []byte("salt")
		createTime := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC)

		expected := types.NewUser(userId, email, false, nil, false, GetHashPassword(password, salt), salt, createTime)

		mockRandom.EXPECT().UUID().Return(userId, nil)
		mockRandom.EXPECT().Bytes(16).Return(salt, nil)
		mockClock.EXPECT().Now().Return(createTime)
		mockAuthDb.EXPECT().InsertUser(expected).Return(nil)

		underTest := NewAuthImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.Settings{})
		actual, err := underTest.SignUp(email, password)

		assert.Nil(t, err)

		assert.Equal(t, expected, actual)
	})
	t.Run("should return ErrAccountExists", func(t *testing.T) {
		t.Parallel()

		mockAuthDb := mocks.NewMockAuth(t)
		mockRandom := mocks.NewMockRandom(t)
		mockClock := mocks.NewMockClock(t)
		mockMail := mocks.NewMockMail(t)

		userId := uuid.New()
		email := "some@valid.email"
		createTime := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC)
		password := "SomeStrongPassword123!"
		salt := []byte("salt")
		user := types.NewUser(userId, email, false, nil, false, GetHashPassword(password, salt), salt, createTime)

		mockRandom.EXPECT().UUID().Return(user.Id, nil)
		mockRandom.EXPECT().Bytes(16).Return(salt, nil)
		mockClock.EXPECT().Now().Return(createTime)

		mockAuthDb.EXPECT().InsertUser(user).Return(db.ErrAlreadyExists)

		underTest := NewAuthImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.Settings{})

		_, err := underTest.SignUp(user.Email, password)
		assert.Equal(t, ErrAccountExists, err)
	})
}

func TestSendVerificationMail(t *testing.T) {

	t.Parallel()
	t.Run("should use stored token and send mail", func(t *testing.T) {
		t.Parallel()

		token := types.NewToken(uuid.New(), "sessionId", "someRandomTokenToUse", types.TokenTypeEmailVerify, time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC), time.Date(2020, 1, 2, 0, 0, 0, 0, time.UTC))
		tokens := []*types.Token{token}

		email := "some@email.de"
		userId := uuid.New()

		mockAuthDb := mocks.NewMockAuth(t)
		mockRandom := mocks.NewMockRandom(t)
		mockClock := mocks.NewMockClock(t)
		mockMail := mocks.NewMockMail(t)

		mockAuthDb.EXPECT().GetTokensByUserIdAndType(userId, types.TokenTypeEmailVerify).Return(tokens, nil)

		mockMail.EXPECT().SendMail(email, "Welcome to web-app-template", mock.MatchedBy(func(message string) bool {
			return strings.Contains(message, token.Token)
		})).Return()

		underTest := NewAuthImpl(mockAuthDb, mockRandom, mockClock, mockMail, &types.Settings{})

		underTest.SendVerificationMail(userId, email)
	})
}