func TestUser_AccessTokenValid(t *testing.T) {
//VerifyUserRequest
initUser(nil)
c := dbConn()
user, err := models.UserSignIn(c, "*****@*****.**", "test1234", "password")
if err != nil {
t.Fatalf("Sign in failed unexpectedly")
}
initJwtUser(nil, user.AccessToken)
if _, err := models.VerifyUserRequest(c, user.AccessToken); err != nil {
t.Fatalf("Access token verification failed")
}
}
func TestUser_AccessTokenInValid(t *testing.T) {
//VerifyUserRequest
initUser(nil)
fuser := mockJwtUser("1234")
c := dbConn()
user, err := models.UserSignIn(c, "*****@*****.**", "test1234", "password")
if err != nil {
t.Fatalf("Sign in failed unexpectedly")
}
initJwtUser(fuser, user.AccessToken)
if _, err := models.VerifyUserRequest(c, "1234"); err == nil {
t.Fatalf("Access token accidientially Verified. Should be false")
}
}
func TestUser_Change_Passwd_In_ValidCurrent(t *testing.T) {
//UserChangePassword
initUser(nil)
c := dbConn()
req, err := models.UserSignIn(c, "*****@*****.**", "test1234", "password")
if err != nil {
t.Fatalf("login failed unexpectedly")
return
}
u, err := models.VerifyUserRequest(c, req.AccessToken)
if _, err := models.UserChangePassword(c, u, "test12355", "test12345"); err == nil {
t.Fatalf("password change was unexpectedly successful")
return
}
}
func exercisify(inner func(http.ResponseWriter, *http.Request, *sitrep.UsersByEmail, *sitrep.ExerciseByIdentifier), h *Handler, requireAuthentication bool) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
exerciseIDRaw, err := parseExerciseID(r)
if err != nil {
makeForbidden(w, err)
return
}
exerciseID, err := gocql.ParseUUID(exerciseIDRaw)
if err != nil {
makeForbidden(w, err)
return
}
exercise, err := models.FindExerciseByID(h.Cassandra, exerciseID)
if err != nil {
makeForbidden(w, err)
return
}
if !requireAuthentication {
inner(w, r, nil, exercise)
return
}
counter := metrics.GetOrRegisterCounter(statAuthFail, h.statMap)
accessToken, err := parseCredentials(r)
if err != nil {
counter.Inc(1)
makeForbidden(w, err)
return
}
user, err := models.VerifyUserRequest(h.Cassandra, accessToken)
if err != nil {
counter.Inc(1)
makeForbidden(w, err)
return
}
inner(w, r, user, exercise)
})
}
func authenticate(inner func(http.ResponseWriter, *http.Request, *sitrep.UsersByEmail), h *Handler, requireAuthentication bool) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if !requireAuthentication {
inner(w, r, nil)
return
}
counter := metrics.GetOrRegisterCounter(statAuthFail, h.statMap)
accessToken, err := parseCredentials(r)
if err != nil {
counter.Inc(1)
makeForbidden(w, err)
return
}
user, err := models.VerifyUserRequest(h.Cassandra, accessToken)
if err != nil {
counter.Inc(1)
makeForbidden(w, err)
return
}
inner(w, r, user)
})
}