golang-lib/web/auth/api_password_code_test.go

63 lines
1.7 KiB
Go
Raw Permalink Normal View History

2021-06-23 11:36:09 +02:00
package auth
import (
"net/http"
"testing"
"github.com/google/uuid"
"github.com/stretchr/testify/assert"
2023-10-23 21:40:10 +02:00
"codeberg.org/genofire/golang-lib/web"
"codeberg.org/genofire/golang-lib/web/webtest"
2021-06-23 11:36:09 +02:00
)
func TestAPIPasswordCode(t *testing.T) {
assert := assert.New(t)
s, err := webtest.NewWithDBSetup(apiPasswordCode, SetupMigration)
2021-06-28 13:59:27 +02:00
assert.NoError(err)
defer s.Close()
2021-06-23 11:36:09 +02:00
assert.NotNil(s)
forgetCode := uuid.New()
passwordCurrent := "CHANGEME"
passwordNew := "test"
s.DB.DB.Model(&User{ID: TestUser1ID}).Update("forget_code", forgetCode)
hErr := web.HTTPError{}
// invalid
2021-06-28 13:59:27 +02:00
err = s.Request(http.MethodPost, "/api/v1/auth/password/code", &passwordNew, http.StatusBadRequest, &hErr)
2021-06-28 12:14:20 +02:00
assert.NoError(err)
2021-07-22 18:16:05 +02:00
assert.Equal(web.ErrAPIInvalidRequestFormat.Error(), hErr.Message)
2021-06-23 11:36:09 +02:00
res := ""
// set new password
2021-06-28 12:14:20 +02:00
err = s.Request(http.MethodPost, "/api/v1/auth/password/code", &PasswordWithForgetCode{
2021-06-23 11:36:09 +02:00
ForgetCode: forgetCode,
Password: passwordNew,
}, http.StatusOK, &res)
2021-06-28 12:14:20 +02:00
assert.NoError(err)
2021-06-23 11:36:09 +02:00
assert.Equal("admin", res)
hErr = web.HTTPError{}
// set password without code
2021-06-28 12:14:20 +02:00
err = s.Request(http.MethodPost, "/api/v1/auth/password/code", &PasswordWithForgetCode{
2021-06-23 11:36:09 +02:00
ForgetCode: forgetCode,
Password: passwordCurrent,
}, http.StatusBadRequest, &hErr)
2021-06-28 12:14:20 +02:00
assert.NoError(err)
2021-07-22 18:16:05 +02:00
assert.Equal(ErrAPIUserNotFound.Error(), hErr.Message)
2021-06-23 11:36:09 +02:00
forgetCode = uuid.New()
s.DB.DB.Model(&User{ID: TestUser1ID}).Update("forget_code", forgetCode)
res = ""
// set old password
2021-06-28 12:14:20 +02:00
err = s.Request(http.MethodPost, "/api/v1/auth/password/code", &PasswordWithForgetCode{
2021-06-23 11:36:09 +02:00
ForgetCode: forgetCode,
Password: passwordCurrent,
}, http.StatusOK, &res)
2021-06-28 12:14:20 +02:00
assert.NoError(err)
2021-06-23 11:36:09 +02:00
assert.Equal("admin", res)
}