(t *testing.T)
| 22 | ) |
| 23 | |
| 24 | func TestUserController(t *testing.T) { |
| 25 | tlog.NewTestLogger().Init() |
| 26 | tempDir := t.TempDir() |
| 27 | |
| 28 | authServiceCfg := service.AuthServiceConfig{ |
| 29 | Users: []config.User{ |
| 30 | { |
| 31 | Username: "testuser", |
| 32 | Password: "$2a$10$ZwVYQH07JX2zq7Fjkt3gU.BjwvvwPeli4OqOno04RQIv0P7usBrXa", // password |
| 33 | }, |
| 34 | { |
| 35 | Username: "totpuser", |
| 36 | Password: "$2a$10$ZwVYQH07JX2zq7Fjkt3gU.BjwvvwPeli4OqOno04RQIv0P7usBrXa", // password |
| 37 | TotpSecret: "JPIEBDKJH6UGWJMX66RR3S55UFP2SGKK", |
| 38 | }, |
| 39 | }, |
| 40 | SessionExpiry: 10, // 10 seconds, useful for testing |
| 41 | CookieDomain: "example.com", |
| 42 | LoginTimeout: 10, // 10 seconds, useful for testing |
| 43 | LoginMaxRetries: 3, |
| 44 | SessionCookieName: "tinyauth-session", |
| 45 | } |
| 46 | |
| 47 | userControllerCfg := controller.UserControllerConfig{ |
| 48 | CookieDomain: "example.com", |
| 49 | } |
| 50 | |
| 51 | type testCase struct { |
| 52 | description string |
| 53 | middlewares []gin.HandlerFunc |
| 54 | run func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) |
| 55 | } |
| 56 | |
| 57 | tests := []testCase{ |
| 58 | { |
| 59 | description: "Should be able to login with valid credentials", |
| 60 | middlewares: []gin.HandlerFunc{}, |
| 61 | run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) { |
| 62 | loginReq := controller.LoginRequest{ |
| 63 | Username: "testuser", |
| 64 | Password: "password", |
| 65 | } |
| 66 | loginReqBody, err := json.Marshal(loginReq) |
| 67 | assert.NoError(t, err) |
| 68 | |
| 69 | req := httptest.NewRequest("POST", "/api/user/login", strings.NewReader(string(loginReqBody))) |
| 70 | req.Header.Set("Content-Type", "application/json") |
| 71 | |
| 72 | router.ServeHTTP(recorder, req) |
| 73 | |
| 74 | assert.Equal(t, 200, recorder.Code) |
| 75 | assert.Len(t, recorder.Result().Cookies(), 1) |
| 76 | |
| 77 | cookie := recorder.Result().Cookies()[0] |
| 78 | assert.Equal(t, "tinyauth-session", cookie.Name) |
| 79 | assert.True(t, cookie.HttpOnly) |
| 80 | assert.Equal(t, "example.com", cookie.Domain) |
| 81 | assert.Equal(t, 10, cookie.MaxAge) |
nothing calls this directly
no test coverage detected