auth

Paddy 2015-03-20 Parent:163ce22fa4c9 Child:8267e1c8bcd1

147:7ae03163f578 Go to Latest

auth/session_test.go

Randomly generate codes. We've been using our IDs for auth codes. But our IDs may at some point be non-random, for the purpose of optimising database performance, or some other perfectly valid reason. Auth codes we always want to be random, and have no relation to IDs, so why conflate them? Instead, we pull 16 random bytes out of crypto/rand.Reader and hex encode them.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "testing"
5 "time"
6
7 "code.secondbit.org/uuid.hg"
8 )
9
10 var sessionStores = []sessionStore{NewMemstore()}
11
12 func compareSessions(session1, session2 Session) (success bool, field string, val1, val2 interface{}) {
13 if session1.ID != session2.ID {
14 return false, "ID", session1.ID, session2.ID
15 }
16 if session1.IP != session2.IP {
17 return false, "IP", session1.IP, session2.IP
18 }
19 if session1.UserAgent != session2.UserAgent {
20 return false, "UserAgent", session1.UserAgent, session2.UserAgent
21 }
22 if !session1.ProfileID.Equal(session2.ProfileID) {
23 return false, "ProfileID", session1.ProfileID, session2.ProfileID
24 }
25 if !session1.Created.Equal(session2.Created) {
26 return false, "Created", session1.Created, session2.Created
27 }
28 if !session1.Expires.Equal(session2.Expires) {
29 return false, "Expires", session1.Expires, session2.Expires
30 }
31 if session1.Login != session2.Login {
32 return false, "Login", session1.Login, session2.Login
33 }
34 if session1.Active != session2.Active {
35 return false, "Active", session1.Active, session2.Active
36 }
37 if session1.CSRFToken != session2.CSRFToken {
38 return false, "CSRFToken", session1.CSRFToken, session2.CSRFToken
39 }
40 return true, "", nil, nil
41 }
42
43 func TestSessionStoreSuccess(t *testing.T) {
44 t.Parallel()
45 session := Session{
46 ID: uuid.NewID().String() + uuid.NewID().String(),
47 IP: "127.0.0.1",
48 UserAgent: "TestRunner",
49 ProfileID: uuid.NewID(),
50 Created: time.Now(),
51 Login: "test@example.com",
52 Active: true,
53 }
54 for _, store := range sessionStores {
55 context := Context{sessions: store}
56 err := context.CreateSession(session)
57 if err != nil {
58 t.Errorf("Error saving session to %T: %s", store, err)
59 }
60 err = context.CreateSession(session)
61 if err != ErrSessionAlreadyExists {
62 t.Errorf("Expected ErrSessionAlreadyExists from %T, got %s", store, err)
63 }
64 retrieved, err := context.GetSession(session.ID)
65 if err != nil {
66 t.Errorf("Error retrieving session from %T: %s", store, err)
67 }
68 success, field, expectation, result := compareSessions(session, retrieved)
69 if !success {
70 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
71 }
72 retrievedList, err := context.ListSessions(session.ProfileID, time.Time{}, 10)
73 if err != nil {
74 t.Errorf("Error retrieving sessions by profile from %T: %s", store, err)
75 }
76 if len(retrievedList) != 1 {
77 t.Errorf("Expected 1 session retrieved by profile from %T, got %d", store, len(retrievedList))
78 }
79 success, field, expectation, result = compareSessions(session, retrievedList[0])
80 if !success {
81 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
82 }
83 err = context.RemoveSession(session.ID)
84 if err != nil {
85 t.Errorf("Error removing session from %T: %s", store, err)
86 }
87 retrieved, err = context.GetSession(session.ID)
88 if err != ErrSessionNotFound {
89 t.Errorf("Expected ErrSessionNotFound from %T, got %s", store, err)
90 }
91 retrievedList, err = context.ListSessions(session.ProfileID, time.Time{}, 10)
92 if err != nil {
93 t.Errorf("Error retrieving sessions by profile from %T: %s", store, err)
94 }
95 if len(retrievedList) != 0 {
96 t.Errorf("Expected 0 sessions retrieved by profile from %T, got %d", store, len(retrievedList))
97 }
98 err = context.RemoveSession(session.ID)
99 if err != ErrSessionNotFound {
100 t.Errorf("Expected ErrSessionNotFound from %T, got %s", store, err)
101 }
102 }
103 }
104
105 // BUG(paddy): We need to test the CreateSessionHandler.
106 // BUG(paddy): We need to test the credentialsValidate function.