78 lines
2.2 KiB
Rust
78 lines
2.2 KiB
Rust
|
// SPDX-FileCopyrightText: 2024 Simon Bruder <simon@sbruder.de>
|
||
|
|
//
|
||
|
|
// SPDX-License-Identifier: AGPL-3.0-or-later
|
||
|
|
|
||
|
|
use actix_http::header;
|
||
|
|
use actix_web::{cookie::Cookie, test};
|
||
|
|
use sqlx::PgPool;
|
||
|
|
|
||
|
|
mod common;
|
||
|
|
|
||
|
|
#[sqlx::test]
|
||
|
|
async fn protected_route_requires_login(pool: PgPool) {
|
||
|
|
let srv = test::init_service(li7y::app(&common::config(), &pool)).await;
|
||
|
|
let req = test::TestRequest::get().uri("/items").to_request();
|
||
|
|
let res = test::call_service(&srv, req).await;
|
||
|
|
|
||
|
|
assert!(common::assert_redirect(res.map_into_boxed_body()).starts_with("/login"));
|
||
|
|
}
|
||
|
|
|
||
|
|
#[sqlx::test]
|
||
|
|
async fn login(pool: PgPool) {
|
||
|
|
let srv = test::init_service(li7y::app(&common::config(), &pool)).await;
|
||
|
|
|
||
|
|
// This is identical to common::session_cookie,
|
||
|
|
// but copied here explicitly to ensure the right functionality is tested.
|
||
|
|
let req = test::TestRequest::post()
|
||
|
|
.uri("/login")
|
||
|
|
.set_form(common::LoginForm::default())
|
||
|
|
.to_request();
|
||
|
|
|
||
|
|
let res = test::call_service(&srv, req).await;
|
||
|
|
let session = Cookie::parse_encoded(
|
||
|
|
res.headers()
|
||
|
|
.clone()
|
||
|
|
.get(header::SET_COOKIE)
|
||
|
|
.unwrap()
|
||
|
|
.to_str()
|
||
|
|
.unwrap()
|
||
|
|
.to_string(),
|
||
|
|
)
|
||
|
|
.unwrap();
|
||
|
|
|
||
|
|
assert!(common::assert_redirect(res.map_into_boxed_body()).starts_with("/"));
|
||
|
|
|
||
|
|
let req = test::TestRequest::get()
|
||
|
|
.uri("/")
|
||
|
|
.cookie(session.clone())
|
||
|
|
.to_request();
|
||
|
|
|
||
|
|
let res = test::call_service(&srv, req).await;
|
||
|
|
|
||
|
|
assert!(res.status().is_success());
|
||
|
|
}
|
||
|
|
|
||
|
|
#[ignore = "actix_session::CookieSessionStore does not support invalidating sessions"]
|
||
|
|
#[sqlx::test]
|
||
|
|
async fn logout(pool: PgPool) {
|
||
|
|
let srv = test::init_service(li7y::app(&common::config(), &pool)).await;
|
||
|
|
|
||
|
|
let session_cookie = common::session_cookie(&srv).await;
|
||
|
|
|
||
|
|
let req = test::TestRequest::post()
|
||
|
|
.uri("/logout")
|
||
|
|
.cookie(session_cookie.clone())
|
||
|
|
.to_request();
|
||
|
|
|
||
|
|
test::call_service(&srv, req).await;
|
||
|
|
|
||
|
|
let req = test::TestRequest::get()
|
||
|
|
.uri("/items")
|
||
|
|
.cookie(session_cookie.clone())
|
||
|
|
.to_request();
|
||
|
|
|
||
|
|
let res = test::call_service(&srv, req).await;
|
||
|
|
|
||
|
|
assert!(common::assert_redirect(res.map_into_boxed_body()).starts_with("/login"));
|
||
|
|
}
|