func TestUser_AccessTokenValid(t *testing.T) {
	//VerifyUserRequest
	initUser(nil)
	c := dbConn()
	user, err := models.UserSignIn(c, "*****@*****.**", "test1234", "password")
	if err != nil {
		t.Fatalf("Sign in failed unexpectedly")
	}
	initJwtUser(nil, user.AccessToken)

	if _, err := models.VerifyUserRequest(c, user.AccessToken); err != nil {
		t.Fatalf("Access token verification failed")
	}
}
func TestUser_AccessTokenInValid(t *testing.T) {
	//VerifyUserRequest
	initUser(nil)
	fuser := mockJwtUser("1234")
	c := dbConn()
	user, err := models.UserSignIn(c, "*****@*****.**", "test1234", "password")
	if err != nil {
		t.Fatalf("Sign in failed unexpectedly")
	}
	initJwtUser(fuser, user.AccessToken)

	if _, err := models.VerifyUserRequest(c, "1234"); err == nil {
		t.Fatalf("Access token accidientially Verified. Should be false")
	}
}
func TestUser_Change_Passwd_In_ValidCurrent(t *testing.T) {
	//UserChangePassword
	initUser(nil)
	c := dbConn()
	req, err := models.UserSignIn(c, "*****@*****.**", "test1234", "password")
	if err != nil {
		t.Fatalf("login failed unexpectedly")
		return
	}
	u, err := models.VerifyUserRequest(c, req.AccessToken)
	if _, err := models.UserChangePassword(c, u, "test12355", "test12345"); err == nil {
		t.Fatalf("password change was unexpectedly successful")
		return
	}

}
func exercisify(inner func(http.ResponseWriter, *http.Request, *sitrep.UsersByEmail, *sitrep.ExerciseByIdentifier), h *Handler, requireAuthentication bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		exerciseIDRaw, err := parseExerciseID(r)
		if err != nil {
			makeForbidden(w, err)
			return
		}

		exerciseID, err := gocql.ParseUUID(exerciseIDRaw)
		if err != nil {
			makeForbidden(w, err)
			return
		}

		exercise, err := models.FindExerciseByID(h.Cassandra, exerciseID)
		if err != nil {
			makeForbidden(w, err)
			return
		}
		if !requireAuthentication {
			inner(w, r, nil, exercise)
			return
		}
		counter := metrics.GetOrRegisterCounter(statAuthFail, h.statMap)
		accessToken, err := parseCredentials(r)
		if err != nil {
			counter.Inc(1)
			makeForbidden(w, err)
			return
		}

		user, err := models.VerifyUserRequest(h.Cassandra, accessToken)
		if err != nil {
			counter.Inc(1)
			makeForbidden(w, err)
			return
		}
		inner(w, r, user, exercise)
	})
}
func authenticate(inner func(http.ResponseWriter, *http.Request, *sitrep.UsersByEmail), h *Handler, requireAuthentication bool) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if !requireAuthentication {
			inner(w, r, nil)
			return
		}
		counter := metrics.GetOrRegisterCounter(statAuthFail, h.statMap)
		accessToken, err := parseCredentials(r)
		if err != nil {
			counter.Inc(1)
			makeForbidden(w, err)
			return
		}

		user, err := models.VerifyUserRequest(h.Cassandra, accessToken)
		if err != nil {
			counter.Inc(1)
			makeForbidden(w, err)
			return
		}
		inner(w, r, user)
	})
}