You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
212 lines
4.5 KiB
212 lines
4.5 KiB
package Auth_test
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/base64"
|
|
"encoding/json"
|
|
"io/ioutil"
|
|
"log"
|
|
"net/http"
|
|
"net/http/cookiejar"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"testing"
|
|
"time"
|
|
|
|
"git.tovijaeschke.xyz/tovi/Capsule/Backend/Api"
|
|
"git.tovijaeschke.xyz/tovi/Capsule/Backend/Api/Auth"
|
|
"git.tovijaeschke.xyz/tovi/Capsule/Backend/Database"
|
|
"git.tovijaeschke.xyz/tovi/Capsule/Backend/Database/Seeder"
|
|
"git.tovijaeschke.xyz/tovi/Capsule/Backend/Models"
|
|
"github.com/gorilla/mux"
|
|
)
|
|
|
|
func Test_ChangeMessageExpiry(t *testing.T) {
|
|
log.SetOutput(ioutil.Discard)
|
|
Database.InitTest()
|
|
|
|
r := mux.NewRouter()
|
|
Api.InitAPIEndpoints(r)
|
|
ts := httptest.NewServer(r)
|
|
defer ts.Close()
|
|
|
|
userKey, _ := Seeder.GenerateAesKey()
|
|
pubKey := Seeder.GetPubKey()
|
|
|
|
p, _ := Auth.HashPassword("password")
|
|
|
|
u := Models.User{
|
|
Username: "test",
|
|
Password: p,
|
|
AsymmetricPublicKey: Seeder.PublicKey,
|
|
AsymmetricPrivateKey: Seeder.EncryptedPrivateKey,
|
|
SymmetricKey: base64.StdEncoding.EncodeToString(
|
|
Seeder.EncryptWithPublicKey(userKey.Key, pubKey),
|
|
),
|
|
}
|
|
|
|
err := Database.CreateUser(&u)
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
session := Models.Session{
|
|
UserID: u.ID,
|
|
Expiry: time.Now().Add(12 * time.Hour),
|
|
}
|
|
|
|
err = Database.CreateSession(&session)
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
jar, err := cookiejar.New(nil)
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
url, _ := url.Parse(ts.URL)
|
|
|
|
jar.SetCookies(
|
|
url,
|
|
[]*http.Cookie{
|
|
{
|
|
Name: "session_token",
|
|
Value: session.ID.String(),
|
|
MaxAge: 300,
|
|
},
|
|
},
|
|
)
|
|
|
|
d := struct {
|
|
MessageExpiry string `json:"message_expiry"`
|
|
}{
|
|
MessageExpiry: "fifteen_min",
|
|
}
|
|
|
|
jsonStr, _ := json.Marshal(d)
|
|
req, _ := http.NewRequest("POST", ts.URL+"/api/v1/auth/message_expiry", bytes.NewBuffer(jsonStr))
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
client := &http.Client{
|
|
Jar: jar,
|
|
}
|
|
|
|
resp, err := client.Do(req)
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
if resp.StatusCode != http.StatusNoContent {
|
|
t.Errorf("Expected %d, recieved %d", http.StatusNoContent, resp.StatusCode)
|
|
}
|
|
|
|
u, err = Database.GetUserById(u.ID.String())
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
if u.MessageExpiryDefault.String() != "fifteen_min" {
|
|
t.Errorf("Failed to verify the MessageExpiryDefault has been changed")
|
|
}
|
|
}
|
|
|
|
func Test_ChangeMessageExpiryInvalidData(t *testing.T) {
|
|
log.SetOutput(ioutil.Discard)
|
|
Database.InitTest()
|
|
|
|
r := mux.NewRouter()
|
|
Api.InitAPIEndpoints(r)
|
|
ts := httptest.NewServer(r)
|
|
defer ts.Close()
|
|
|
|
userKey, _ := Seeder.GenerateAesKey()
|
|
pubKey := Seeder.GetPubKey()
|
|
|
|
p, _ := Auth.HashPassword("password")
|
|
|
|
u := Models.User{
|
|
Username: "test",
|
|
Password: p,
|
|
AsymmetricPublicKey: Seeder.PublicKey,
|
|
AsymmetricPrivateKey: Seeder.EncryptedPrivateKey,
|
|
SymmetricKey: base64.StdEncoding.EncodeToString(
|
|
Seeder.EncryptWithPublicKey(userKey.Key, pubKey),
|
|
),
|
|
}
|
|
|
|
err := Database.CreateUser(&u)
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
session := Models.Session{
|
|
UserID: u.ID,
|
|
Expiry: time.Now().Add(12 * time.Hour),
|
|
}
|
|
|
|
err = Database.CreateSession(&session)
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
jar, err := cookiejar.New(nil)
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
url, _ := url.Parse(ts.URL)
|
|
|
|
jar.SetCookies(
|
|
url,
|
|
[]*http.Cookie{
|
|
{
|
|
Name: "session_token",
|
|
Value: session.ID.String(),
|
|
MaxAge: 300,
|
|
},
|
|
},
|
|
)
|
|
|
|
d := struct {
|
|
MessageExpiry string `json:"message_expiry"`
|
|
}{
|
|
MessageExpiry: "invalid_message_expiry",
|
|
}
|
|
|
|
jsonStr, _ := json.Marshal(d)
|
|
req, _ := http.NewRequest("POST", ts.URL+"/api/v1/auth/message_expiry", bytes.NewBuffer(jsonStr))
|
|
req.Header.Set("Content-Type", "application/json")
|
|
|
|
client := &http.Client{
|
|
Jar: jar,
|
|
}
|
|
|
|
resp, err := client.Do(req)
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
if resp.StatusCode != http.StatusUnprocessableEntity {
|
|
t.Errorf("Expected %d, recieved %d", http.StatusUnprocessableEntity, resp.StatusCode)
|
|
}
|
|
|
|
u, err = Database.GetUserById(u.ID.String())
|
|
if err != nil {
|
|
t.Errorf("Expected nil, recieved %s", err.Error())
|
|
return
|
|
}
|
|
|
|
if u.MessageExpiryDefault.String() != "no_expiry" {
|
|
t.Errorf("Failed to verify the MessageExpiryDefault has not been changed")
|
|
}
|
|
}
|