web-app-template/service/auth_test.go
Tim Wundenberg bb9381433b
chore(auth): add test for retrieving session from db #181
2024-09-18 23:07:01 +02:00


package service
import (
"me-fit/types"
"me-fit/utils"
"database/sql"
"testing"
"github.com/google/uuid"
)
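// mustSetup opens an in-memory SQLite database, runs the project migrations
// against it and returns the handle. The test is aborted when the database
// cannot be opened. Closing the handle is left to the caller.
func mustSetup(t *testing.T) *sql.DB {
	// Report failures at the calling test's line, not inside this helper.
	t.Helper()

	db, err := sql.Open("sqlite3", ":memory:")
	if err != nil {
		// The handle targets ":memory:", so the message names that rather
		// than an on-disk file.
		t.Fatalf("Could not open in-memory database: %v", err)
	}

	// NOTE(review): SQLite gives each plain ":memory:" connection its own
	// empty database. If the pool ever opens a second connection, it would
	// presumably not see the migrated schema or the inserted fixtures.
	// Confirm the driver setup, or pin the pool to a single connection.
	utils.MustRunMigrationsTest(db, "../")
	return db
}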
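// TestGetUserFromSessionIfSessionNotExpired checks that a session created two
// hours ago still resolves to the user it belongs to.
func TestGetUserFromSessionIfSessionNotExpired(t *testing.T) {
	db := mustSetup(t)
	defer db.Close()

	expected := types.NewUser(uuid.New(), "email", "session_id", true)

	// A failed fixture insert must stop the test. Otherwise the lookup runs
	// against an empty table and the failure points at the wrong cause.
	if _, err := db.Exec(`INSERT INTO user (
		user_uuid, email, email_verified, email_verified_at,
		is_admin, password, salt, created_at)
		VAlUES (
		?, ?, 1, datetime(),
		0, "password", "salt", datetime())`, expected.Id, expected.Email); err != nil {
		t.Fatalf("Could not insert user fixture: %v", err)
	}
	if _, err := db.Exec(`INSERT INTO session (session_id, user_uuid, created_at) VALUES (?, ?, datetime('now', '-2 hour'))`, expected.SessionId, expected.Id); err != nil {
		t.Fatalf("Could not insert session fixture: %v", err)
	}

	actual := GetUserFromSessionId(db, expected.SessionId)
	// Guard the dereference below: a nil result is a test failure, not a panic.
	if actual == nil {
		t.Fatalf("Expected %v, got nil", *expected)
	}
	if *actual != *expected {
		t.Errorf("Expected %v, got %v", *expected, *actual)
	}
}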
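// TestGetUserFromSessionIfSessionInFuture checks that a session whose
// created_at lies two hours in the future resolves to its user.
//
// NOTE(review): this pins acceptance of a forward-dated session row. Such a
// row presumably stays valid longer than a normally created one, so confirm
// that is intended rather than rejecting it.
func TestGetUserFromSessionIfSessionInFuture(t *testing.T) {
	db := mustSetup(t)
	defer db.Close()

	expected := types.NewUser(uuid.New(), "email", "session_id", true)

	// A failed fixture insert must stop the test. Otherwise the lookup runs
	// against an empty table and the failure points at the wrong cause.
	if _, err := db.Exec(`INSERT INTO user (
		user_uuid, email, email_verified, email_verified_at,
		is_admin, password, salt, created_at)
		VAlUES (
		?, ?, 1, datetime(),
		0, "password", "salt", datetime())`, expected.Id, expected.Email); err != nil {
		t.Fatalf("Could not insert user fixture: %v", err)
	}
	if _, err := db.Exec(`INSERT INTO session (session_id, user_uuid, created_at) VALUES (?, ?, datetime('now', '+2 hour'))`, expected.SessionId, expected.Id); err != nil {
		t.Fatalf("Could not insert session fixture: %v", err)
	}

	actual := GetUserFromSessionId(db, expected.SessionId)
	// Guard the dereference below: a nil result is a test failure, not a panic.
	if actual == nil {
		t.Fatalf("Expected %v, got nil", *expected)
	}
	if *actual != *expected {
		t.Errorf("Expected %v, got %v", *expected, *actual)
	}
}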
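// TestFailGetUserFromSessionIfSessionExpired checks that a session created
// eight hours and one minute ago no longer resolves to a user.
func TestFailGetUserFromSessionIfSessionExpired(t *testing.T) {
	db := mustSetup(t)
	defer db.Close()

	expected := types.NewUser(uuid.New(), "email", "session_id", true)

	// The inserts must be verified here in particular. The assertion below
	// expects nil, so a silently failed insert would let this expiry test
	// pass without any expired session existing.
	if _, err := db.Exec(`INSERT INTO user (
		user_uuid, email, email_verified, email_verified_at,
		is_admin, password, salt, created_at)
		VAlUES (
		?, ?, 1, datetime(),
		0, "password", "salt", datetime())`, expected.Id, expected.Email); err != nil {
		t.Fatalf("Could not insert user fixture: %v", err)
	}
	if _, err := db.Exec(`INSERT INTO session (session_id, user_uuid, created_at) VALUES (?, ?, datetime('now', '-8 hour', '-1 minute'))`, expected.SessionId, expected.Id); err != nil {
		t.Fatalf("Could not insert session fixture: %v", err)
	}

	actual := GetUserFromSessionId(db, expected.SessionId)
	if actual != nil {
		t.Errorf("Expected nil, got %v", *actual)
	}
}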
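// TestGetUserFromSessionShouldFindCorrectUserBySessionId stores two users,
// each with its own session, and checks that looking up the first session id
// returns the first user and not the second.
func TestGetUserFromSessionShouldFindCorrectUserBySessionId(t *testing.T) {
	db := mustSetup(t)
	defer db.Close()

	expected := types.NewUser(uuid.New(), "email", "session_id", true)
	userId2 := uuid.New()

	// A failed fixture insert must stop the test. With a missing row, the
	// "correct user" check would not be exercising two candidate sessions.
	if _, err := db.Exec(`INSERT INTO user (
		user_uuid, email, email_verified, email_verified_at,
		is_admin, password, salt, created_at)
		VAlUES (
		?, ?, 1, datetime(),
		0, "password", "salt", datetime()),
		(
		?, ?, 1, datetime(),
		0, "password", "salt", datetime())
		`, expected.Id, expected.Email, userId2, "email2"); err != nil {
		t.Fatalf("Could not insert user fixtures: %v", err)
	}
	// The second session id differs from the first only by a trailing "x".
	if _, err := db.Exec(`
		INSERT INTO session (
		session_id, user_uuid, created_at)
		VALUES
		(?, ?, datetime('now')),
		(?, ?, datetime('now'))
		`, expected.SessionId, expected.Id, expected.SessionId+"x", userId2); err != nil {
		t.Fatalf("Could not insert session fixtures: %v", err)
	}

	actual := GetUserFromSessionId(db, expected.SessionId)
	// Guard the dereference below: a nil result is a test failure, not a panic.
	if actual == nil {
		t.Fatalf("Expected %v, got nil", *expected)
	}
	if *actual != *expected {
		t.Errorf("Expected %v, got %v", *expected, *actual)
	}
}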
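// TestValidPasswords checks that checkPassword accepts each listed password.
func TestValidPasswords(t *testing.T) {
	passwords := []string{
		"aB!'2d2y", // normal
		"v-#:j`fQurudEEUk#xA)uzI-B+'eZW3`F*5Eaf+{YID#PWuD.TbyH'f<MC)Ck$!]K[K6~dIN&R'mRaKO,qpDpP'*A!/}73=ilK_COqM/Q%!(hyS8V75e2@J2k223T`tv", // 128 characters
		`aB!"'2d2y`, // include " in password
	}

	for _, password := range passwords {
		if err := checkPassword(password); err != nil {
			// Name the rejected fixture and the reason, so a failure shows
			// which rule regressed.
			t.Errorf("Expected nil for password %q, got error: %v", password, err)
		}
	}
}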
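// TestInvalidPasswords checks that checkPassword rejects each listed password.
// Each entry breaks the single rule named in its comment.
//
// NOTE(review): there is no case longer than 128 characters. If checkPassword
// enforces an upper length bound, add one here. Confirm against the
// implementation.
func TestInvalidPasswords(t *testing.T) {
	passwords := []string{
		"aB!'2d2",   // too short
		"",          // empty
		"ab123SSa",  // no special character
		"passwor1!", // no uppercase
		"PASSWOR1!", // no lowercase
		"Password!", // no number
		"Password1", // no special character
	}

	for _, password := range passwords {
		if err := checkPassword(password); err == nil {
			// Name the accepted fixture, so a failure shows which password
			// rule stopped being enforced.
			t.Errorf("Expected error for password %q, got nil", password)
		}
	}
}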