func TestAuthoriseUser_UserNotFound(t *testing.T) {
auth := setupAuth(dbtest.NewFakeDB())
_, err := auth.AuthoriseUser("missinguser", "password")
if err != db.NoSuchUserError {
t.Fatal("Expected NoSuchUserError, got", err)
}
}
// setupUser creates a new database and auth instance with the given user
// configured.
func setupUser(u, p string) (*Auth, error) {
d := dbtest.NewFakeDB()
auth := setupAuth(d)
pw, err := auth.EncryptPassword(p)
if err != nil {
return nil, err
}
err = d.CreateUser(&model.User{u, pw})
if err != nil {
return nil, err
}
return auth, nil
}
func TestLogout_NoGet(t *testing.T) {
auth := setupAuth(dbtest.NewFakeDB())
r, err := http.NewRequest("GET", "", nil)
if err != nil {
t.Fatal(err)
}
w := httptest.NewRecorder()
auth.LogoutHandler(w, r)
if w.Code != http.StatusBadRequest {
t.Error("Expected StatusBadRequest, got", w.Code)
}
if w.Header().Get(authCookie) != "" {
t.Error("Expected no auth cookie, got", w.Header())
}
}
func TestLogout(t *testing.T) {
auth := setupAuth(dbtest.NewFakeDB())
r, err := http.NewRequest("POST", "", nil)
if err != nil {
t.Fatal(err)
}
w := httptest.NewRecorder()
auth.LogoutHandler(w, r)
if w.Code != http.StatusOK {
t.Error("Expected StatusOK, got", w.Code)
}
res := http.Response{Header: w.Header()}
c := res.Cookies()[0]
if c.Name != authCookie ||
c.Value != "" ||
c.Path != "/" ||
!c.Expires.Before(time.Now()) ||
!c.HttpOnly {
t.Error("Expected expired auth cookie, got", c)
}
}