saasitone/middleware/auth_test.go

package middleware

import (
	"fmt"
	"net/http"
	"testing"

	"goweb/context"
	"goweb/ent"
	"goweb/tests"

	"github.com/stretchr/testify/require"

	"github.com/stretchr/testify/assert"
)

func TestLoadAuthenticatedUser(t *testing.T) {
	ctx, _ := tests.NewContext(c.Web, "/")
	tests.InitSession(ctx)
	mw := LoadAuthenticatedUser(c.Auth)

	// Not authenticated
	_ = tests.ExecuteMiddleware(ctx, mw)
	assert.Nil(t, ctx.Get(context.AuthenticatedUserKey))

	// Login
	err := c.Auth.Login(ctx, usr.ID)
	require.NoError(t, err)

	// Verify the midldeware returns the authenticated user
	_ = tests.ExecuteMiddleware(ctx, mw)
	require.NotNil(t, ctx.Get(context.AuthenticatedUserKey))
	ctxUsr, ok := ctx.Get(context.AuthenticatedUserKey).(*ent.User)
	require.True(t, ok)
	assert.Equal(t, usr.ID, ctxUsr.ID)
}

func TestRequireAuthentication(t *testing.T) {
	ctx, _ := tests.NewContext(c.Web, "/")
	tests.InitSession(ctx)

	// Not logged in
	err := tests.ExecuteMiddleware(ctx, RequireAuthentication())
	tests.AssertHTTPErrorCode(t, err, http.StatusUnauthorized)

	// Login
	err = c.Auth.Login(ctx, usr.ID)
	require.NoError(t, err)
	_ = tests.ExecuteMiddleware(ctx, LoadAuthenticatedUser(c.Auth))

	// Logged in
	err = tests.ExecuteMiddleware(ctx, RequireAuthentication())
	assert.Nil(t, err)
}

func TestRequireNoAuthentication(t *testing.T) {
	ctx, _ := tests.NewContext(c.Web, "/")
	tests.InitSession(ctx)

	// Not logged in
	err := tests.ExecuteMiddleware(ctx, RequireNoAuthentication())
	assert.Nil(t, err)

	// Login
	err = c.Auth.Login(ctx, usr.ID)
	require.NoError(t, err)
	_ = tests.ExecuteMiddleware(ctx, LoadAuthenticatedUser(c.Auth))

	// Logged in
	err = tests.ExecuteMiddleware(ctx, RequireNoAuthentication())
	tests.AssertHTTPErrorCode(t, err, http.StatusForbidden)
}

func TestLoadValidPasswordToken(t *testing.T) {
	ctx, _ := tests.NewContext(c.Web, "/")
	tests.InitSession(ctx)

	// Missing user context
	err := tests.ExecuteMiddleware(ctx, LoadValidPasswordToken(c.Auth))
	tests.AssertHTTPErrorCode(t, err, http.StatusInternalServerError)

	// Add user context but no password token and expect a redirect
	ctx.SetParamNames("user")
	ctx.SetParamValues(fmt.Sprintf("%d", usr.ID))
	_ = tests.ExecuteMiddleware(ctx, LoadUser(c.ORM))
	err = tests.ExecuteMiddleware(ctx, LoadValidPasswordToken(c.Auth))
	assert.NoError(t, err)
	assert.Equal(t, http.StatusFound, ctx.Response().Status)

	// Add user context and invalid password token and expect a redirect
	ctx.SetParamNames("user", "password_token")
	ctx.SetParamValues(fmt.Sprintf("%d", usr.ID), "faketoken")
	_ = tests.ExecuteMiddleware(ctx, LoadUser(c.ORM))
	err = tests.ExecuteMiddleware(ctx, LoadValidPasswordToken(c.Auth))
	assert.NoError(t, err)
	assert.Equal(t, http.StatusFound, ctx.Response().Status)

	// Create a valid token
	token, pt, err := c.Auth.GeneratePasswordResetToken(ctx, usr.ID)
	require.NoError(t, err)

	// Add user and valid password token
	ctx.SetParamNames("user", "password_token")
	ctx.SetParamValues(fmt.Sprintf("%d", usr.ID), token)
	_ = tests.ExecuteMiddleware(ctx, LoadUser(c.ORM))
	err = tests.ExecuteMiddleware(ctx, LoadValidPasswordToken(c.Auth))
	assert.Nil(t, err)
	ctxPt, ok := ctx.Get(context.PasswordTokenKey).(*ent.PasswordToken)
	require.True(t, ok)
	assert.Equal(t, pt.ID, ctxPt.ID)
}
Added tests package with helpers. Started on middleware tests. 2021-12-21 12:18:17 -08:00			`package middleware`

			`import (`
Added tests for auth middleware. 2021-12-21 17:29:15 -08:00			`"fmt"`
Added tests package with helpers. Started on middleware tests. 2021-12-21 12:18:17 -08:00			`"net/http"`
			`"testing"`

			`"goweb/context"`
			`"goweb/ent"`
			`"goweb/tests"`

			`"github.com/stretchr/testify/require"`

			`"github.com/stretchr/testify/assert"`
			`)`

			`func TestLoadAuthenticatedUser(t *testing.T) {`
			`ctx, _ := tests.NewContext(c.Web, "/")`
			`tests.InitSession(ctx)`
			`mw := LoadAuthenticatedUser(c.Auth)`

			`// Not authenticated`
			`_ = tests.ExecuteMiddleware(ctx, mw)`
			`assert.Nil(t, ctx.Get(context.AuthenticatedUserKey))`

			`// Login`
			`err := c.Auth.Login(ctx, usr.ID)`
			`require.NoError(t, err)`

			`// Verify the midldeware returns the authenticated user`
			`_ = tests.ExecuteMiddleware(ctx, mw)`
			`require.NotNil(t, ctx.Get(context.AuthenticatedUserKey))`
			`ctxUsr, ok := ctx.Get(context.AuthenticatedUserKey).(*ent.User)`
			`require.True(t, ok)`
			`assert.Equal(t, usr.ID, ctxUsr.ID)`
			`}`

			`func TestRequireAuthentication(t *testing.T) {`
			`ctx, _ := tests.NewContext(c.Web, "/")`
			`tests.InitSession(ctx)`

			`// Not logged in`
			`err := tests.ExecuteMiddleware(ctx, RequireAuthentication())`
Added tests for auth middleware. 2021-12-21 17:29:15 -08:00			`tests.AssertHTTPErrorCode(t, err, http.StatusUnauthorized)`
Added tests package with helpers. Started on middleware tests. 2021-12-21 12:18:17 -08:00
			`// Login`
			`err = c.Auth.Login(ctx, usr.ID)`
			`require.NoError(t, err)`
			`_ = tests.ExecuteMiddleware(ctx, LoadAuthenticatedUser(c.Auth))`

			`// Logged in`
			`err = tests.ExecuteMiddleware(ctx, RequireAuthentication())`
Use nil error response for testing middleware execution. 2021-12-22 11:38:00 -08:00			`assert.Nil(t, err)`
Added tests package with helpers. Started on middleware tests. 2021-12-21 12:18:17 -08:00			`}`

			`func TestRequireNoAuthentication(t *testing.T) {`
			`ctx, _ := tests.NewContext(c.Web, "/")`
			`tests.InitSession(ctx)`

			`// Not logged in`
			`err := tests.ExecuteMiddleware(ctx, RequireNoAuthentication())`
Use nil error response for testing middleware execution. 2021-12-22 11:38:00 -08:00			`assert.Nil(t, err)`
Added tests package with helpers. Started on middleware tests. 2021-12-21 12:18:17 -08:00
			`// Login`
			`err = c.Auth.Login(ctx, usr.ID)`
			`require.NoError(t, err)`
			`_ = tests.ExecuteMiddleware(ctx, LoadAuthenticatedUser(c.Auth))`

			`// Logged in`
			`err = tests.ExecuteMiddleware(ctx, RequireNoAuthentication())`
Added tests for auth middleware. 2021-12-21 17:29:15 -08:00			`tests.AssertHTTPErrorCode(t, err, http.StatusForbidden)`
Added tests package with helpers. Started on middleware tests. 2021-12-21 12:18:17 -08:00			`}`

			`func TestLoadValidPasswordToken(t *testing.T) {`
Added tests for auth middleware. 2021-12-21 17:29:15 -08:00			`ctx, _ := tests.NewContext(c.Web, "/")`
			`tests.InitSession(ctx)`
Added tests package with helpers. Started on middleware tests. 2021-12-21 12:18:17 -08:00
Added tests for auth middleware. 2021-12-21 17:29:15 -08:00			`// Missing user context`
			`err := tests.ExecuteMiddleware(ctx, LoadValidPasswordToken(c.Auth))`
			`tests.AssertHTTPErrorCode(t, err, http.StatusInternalServerError)`

			`// Add user context but no password token and expect a redirect`
			`ctx.SetParamNames("user")`
			`ctx.SetParamValues(fmt.Sprintf("%d", usr.ID))`
			`_ = tests.ExecuteMiddleware(ctx, LoadUser(c.ORM))`
			`err = tests.ExecuteMiddleware(ctx, LoadValidPasswordToken(c.Auth))`
			`assert.NoError(t, err)`
			`assert.Equal(t, http.StatusFound, ctx.Response().Status)`

			`// Add user context and invalid password token and expect a redirect`
			`ctx.SetParamNames("user", "password_token")`
			`ctx.SetParamValues(fmt.Sprintf("%d", usr.ID), "faketoken")`
			`_ = tests.ExecuteMiddleware(ctx, LoadUser(c.ORM))`
			`err = tests.ExecuteMiddleware(ctx, LoadValidPasswordToken(c.Auth))`
			`assert.NoError(t, err)`
			`assert.Equal(t, http.StatusFound, ctx.Response().Status)`

			`// Create a valid token`
			`token, pt, err := c.Auth.GeneratePasswordResetToken(ctx, usr.ID)`
			`require.NoError(t, err)`

			`// Add user and valid password token`
			`ctx.SetParamNames("user", "password_token")`
			`ctx.SetParamValues(fmt.Sprintf("%d", usr.ID), token)`
			`_ = tests.ExecuteMiddleware(ctx, LoadUser(c.ORM))`
			`err = tests.ExecuteMiddleware(ctx, LoadValidPasswordToken(c.Auth))`
Use nil error response for testing middleware execution. 2021-12-22 11:38:00 -08:00			`assert.Nil(t, err)`
Added tests for auth middleware. 2021-12-21 17:29:15 -08:00			`ctxPt, ok := ctx.Get(context.PasswordTokenKey).(*ent.PasswordToken)`
			`require.True(t, ok)`
			`assert.Equal(t, pt.ID, ctxPt.ID)`
Added tests package with helpers. Started on middleware tests. 2021-12-21 12:18:17 -08:00			`}`