Example #1
0
File: auth.go Project: gaego/auth
// CreateAndLogin does the following:
//
//  - Search for an existing user - session -> Profile -> email address
//  - Saves the Profile to the datastore
//  - Creates a User or appends the AuthID to the Requesting user's account
//  - Logs in the User
//  - Adds the admin role to the User if they are an GAE Admin.
func CreateAndLogin(w http.ResponseWriter, r *http.Request,
	p *profile.Profile) (u *user.User, err error) {
	c := context.NewContext(r)
	if u, err = p.UpdateUser(w, r); err != nil {
		return
	}
	if err = user.CurrentUserSetID(w, r, p.UserID); err != nil {
		return
	}
	err = p.Put(c)
	return
}
Example #2
0
// Scenario #2:
// - No User session
// - Yes Email Saved
// - Yes Profile Saved
func TestAuthenticate_Scenario2(t *testing.T) {
	pro := setup()
	defer tearDown()

	var pf *profile.Profile
	var uRL string
	var err error
	var v url.Values
	var r *http.Request

	c := context.NewContext(nil)
	w := httptest.NewRecorder()

	// Profile Not found
	v = url.Values{}
	v.Set("Email", "*****@*****.**")
	v.Set("Password.Current", "secret1")
	r = createRequest(v)
	// Check.
	if pf, uRL, err = pro.Authenticate(w, r); uRL != "" || err != ErrProfileNotFound {
		t.Errorf(`url: %v, want: ""`, uRL)
		t.Errorf(`err: %v, want: %v`, err, ErrProfileNotFound)
	}

	// Setup.
	pf = profile.New("Password", "")
	pf.UserID = "1"
	pf.ID = "1"
	passHash, _ := GenerateFromPassword([]byte("secret1"))
	pf.Auth = passHash
	pf.SetKey(c)
	pf.Person = &person.Person{
		Name: &person.PersonName{
			GivenName:  "Barack",
			FamilyName: "Obama",
		},
	}
	_ = pf.Put(c)
	e := email.New()
	e.UserID = "1"
	e.SetKey(c, "*****@*****.**")
	_ = e.Put(c)

	// 1. Login
	// a. Correct password.
	v = url.Values{}
	v.Set("Email", "*****@*****.**")
	v.Set("Password.Current", "secret1")
	v.Set("Name.GivenName", "Berry")
	r = createRequest(v)
	// Check.
	if pf, uRL, err = pro.Authenticate(w, r); uRL != "" || err != nil {
		t.Errorf(`url: %v, want: ""`, uRL)
		t.Fatalf(`err: %v, want: %v`, err, nil)
	}
	if x := pf.Person.Name.GivenName; x != "Barack" {
		t.Errorf(`.Person should not be updated on login`)
	}
	// b. In-Correct password.
	v = url.Values{}
	v.Set("Email", "*****@*****.**")
	v.Set("Password.Current", "fakepass")
	r = createRequest(v)
	// Check.
	if _, _, err = pro.Authenticate(w, r); err != ErrPasswordMismatch {
		t.Errorf(`err: %v, want: %v`, err, ErrPasswordMismatch)
	}
	// 2. Update
	// a. Correct password.
	v = url.Values{}
	v.Set("Email", "*****@*****.**")
	v.Set("Password.Current", "secret1")
	v.Set("Password.New", "secret2")
	v.Set("Name.GivenName", "Berry")
	r = createRequest(v)
	// Check.
	if pf, uRL, err = pro.Authenticate(w, r); uRL != "" || err != nil {
		t.Errorf(`url: %v, want: ""`, uRL)
		t.Errorf(`err: %v, want: %v`, err, nil)
	}
	if x := pf.Person.Name.GivenName; x != "Berry" {
		t.Errorf(`pf.Person should be updated on update`)
	}
	if x := pf.UserID; x != "1" {
		t.Errorf(`pf.UserID: %v, want %v`, x, "1")
	}
	if err := CompareHashAndPassword(pf.Auth, []byte("secret2")); err != nil {
		t.Errorf(`Password was not changed`)
	}
	// b. In-Correct password.
	v = url.Values{}
	v.Set("Email", "*****@*****.**")
	v.Set("Password.Current", "fakepass")
	v.Set("Password.New", "hacked")
	v.Set("Name.GivenName", "Bob")
	r = createRequest(v)
	// Check.
	if _, _, err = pro.Authenticate(w, r); err != ErrPasswordMismatch {
		t.Errorf(`err: %v, want: %v`, err, ErrPasswordMismatch)
	}
	// 2. Create - Should login user
	// a. Correct password.
	v = url.Values{}
	v.Set("Email", "*****@*****.**")
	v.Set("Password.New", "secret1")
	v.Set("Name.GivenName", "Bob1")
	r = createRequest(v)
	// Check.
	if pf, uRL, err = pro.Authenticate(w, r); uRL != "" || err != nil {
		t.Errorf(`url: %v, want: ""`, uRL)
		t.Errorf(`err: %v, want: %v`, err, nil)
	}
	if x := pf.Person.Name.GivenName; x != "Bob1" {
		t.Errorf(`.Person should be updated on update`)
	}
	if x := pf.UserID; x != "1" {
		t.Errorf(`pf.UserID: %v, want %v`, x, "1")
	}
	if err := CompareHashAndPassword(pf.Auth, []byte("secret1")); err != nil {
		t.Errorf(`Password was not changed`)
	}
	// b. In-Correct password.
	v = url.Values{}
	v.Set("Email", "*****@*****.**")
	v.Set("Password.New", "fakepass")
	v.Set("Name.GivenName", "Bob2")
	r = createRequest(v)
	// Check.
	if _, _, err = pro.Authenticate(w, r); err != ErrPasswordMismatch {
		t.Errorf(`err: %v, want: %v`, err, ErrPasswordMismatch)
	}
}