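package auth_test

import (
	"database/sql"
	"net/http"
	"net/http/httptest"
	"os"
	"testing"

	"git.hatecomputers.club/hatecomputers/hatecomputers.club/api/auth"
	"git.hatecomputers.club/hatecomputers/hatecomputers.club/api/types"
	"git.hatecomputers.club/hatecomputers/hatecomputers.club/args"
	"git.hatecomputers.club/hatecomputers/hatecomputers.club/database"
	"git.hatecomputers.club/hatecomputers/hatecomputers.club/utils"
)

// IdContinuation is a pass-through step for continuation chains: the chain it
// returns ignores the failure continuation and always invokes success with the
// same context, request and response it was given.
func IdContinuation(context *types.RequestContext, req *http.Request, resp http.ResponseWriter) types.ContinuationChain {
	return func(success types.Continuation, _failure types.Continuation) types.ContinuationChain {
		return success(context, req, resp)
	}
}

// setup opens a database under a freshly generated random name, runs the
// migrations on it, and wraps it in a RequestContext with empty arguments and
// template data. The returned func closes the connection and removes the
// database; callers are expected to defer it.
func setup() (*sql.DB, *types.RequestContext, func()) {
	// A random name per call keeps tests from sharing session/user state.
	// Presumably this is a file path, since cleanup passes it to os.Remove.
	randomDb := utils.RandomId()

	testDb := database.MakeConn(&randomDb)
	database.Migrate(testDb)

	context := &types.RequestContext{
		DBConn:       testDb,
		Args:         &args.Arguments{},
		TemplateData: &(map[string]interface{}{}),
	}

	return testDb, context, func() {
		// Best-effort cleanup; errors are deliberately not checked here.
		testDb.Close()
		os.Remove(randomDb)
	}
}

// TestLoginSendsYouToRedirect checks both sides of the session gate: a request
// without a session cookie must be redirected to /login, and the same request
// carrying a valid session cookie must be let through with 200.
func TestLoginSendsYouToRedirect(t *testing.T) {
	db, context, cleanup := setup()
	defer cleanup()

	user := &database.User{
		ID:       "test",
		Username: "test",
	}
	// NOTE(review): the result of FindOrSaveUser is not checked; its signature
	// is not visible from this file.
	database.FindOrSaveUser(db, user)

	// Fail fast instead of dereferencing session below when creation fails.
	// Assumes the second result is an error (it was discarded with `_`).
	session, err := database.MakeUserSessionFor(db, user)
	if err != nil {
		t.Fatalf("creating session for test user: %v", err)
	}

	testServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		auth.VerifySessionContinuation(context, r, w)(IdContinuation, auth.GoLoginContinuation)(IdContinuation, IdContinuation)
	}))
	defer testServer.Close()

	protectedPath := testServer.URL + "/protected-path"
	req := httptest.NewRequest("GET", protectedPath, nil)

	// Unauthenticated request: expect a redirect to the login page.
	resp := httptest.NewRecorder()
	testServer.Config.Handler.ServeHTTP(resp, req)

	location := resp.Header().Get("Location")
	// Either a wrong status or a wrong target is a failure. The previous `&&`
	// only failed when both were wrong, so a 200 on the protected path with no
	// session would have passed as long as Location happened to be "/login",
	// and a redirect to any other target would have passed too.
	if resp.Code != http.StatusFound || location != "/login" {
		t.Errorf("expected redirect code, got %d, to login, got %s", resp.Code, location)
	}

	// Authenticated request: same request, now carrying the session cookie.
	req.AddCookie(&http.Cookie{
		Name:   "session",
		Value:  session.ID,
		MaxAge: 60,
	})

	resp = httptest.NewRecorder()
	testServer.Config.Handler.ServeHTTP(resp, req)

	// The original branch was empty, so this half of the test asserted nothing.
	if resp.Code != http.StatusOK {
		t.Errorf("expected 200 with a valid session cookie, got %d", resp.Code)
	}
}

// The tests below are placeholders. An empty test body reports PASS, which
// reads as coverage for session uniqueness, logout, refresh, expiry and API
// token handling that does not exist yet; they are skipped so the gap stays
// visible in test output.

// TestOauthFormatsUsername is not implemented yet.
func TestOauthFormatsUsername(t *testing.T) {
	t.Skip("not implemented")
}

// TestSessionIsUnique is not implemented yet.
func TestSessionIsUnique(t *testing.T) {
	t.Skip("not implemented")
}

// TestLogoutClearsCookie is not implemented yet.
func TestLogoutClearsCookie(t *testing.T) {
	t.Skip("not implemented")
}

// TestRefreshUpdatesExpiration is not implemented yet.
func TestRefreshUpdatesExpiration(t *testing.T) {
	t.Skip("not implemented")
}

// TestVerifySessionEnsuresNonExpired is not implemented yet.
func TestVerifySessionEnsuresNonExpired(t *testing.T) {
	t.Skip("not implemented")
}

// TestAPITokensAreEquivalentToSessions is not implemented yet.
func TestAPITokensAreEquivalentToSessions(t *testing.T) {
	t.Skip("not implemented")
}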