func BenchmarkNewAuthtoken(b *testing.B) {
c := New(5*time.Second, []byte("key1"), []byte("key2"), []byte("key3"))
a := model.Authtoken{}
a.Email = "*****@*****.**"
a.Username = "******"
b.ResetTimer()
for i := 0; i < b.N; i++ {
c.NewAuthtoken(a)
}
}
func BenchmarkAuthenticate(b *testing.B) {
c := New(5*time.Second, []byte("key1"), []byte("key2"), []byte("key3"))
a := model.Authtoken{}
a.Email = "*****@*****.**"
a.Username = "******"
src, _ := c.NewAuthtoken(a)
b.ResetTimer()
for i := 0; i < b.N; i++ {
c.Authenticate(src)
}
}
func TestAuth(t *testing.T) {
Convey("Given a authority", t, func() {
c := New(50*time.Millisecond, []byte("key1"), []byte("key2"), []byte("key3"))
Convey("When create new authtoken with info", func() {
a := model.Authtoken{}
a.Email = "*****@*****.**"
a.Username = "******"
token, _ := c.NewAuthtoken(a)
Convey("The info should resemble a", func() {
info, _ := c.Authenticate(token)
So(info, ShouldResemble, a)
})
Convey("After 50ms, token is expired", func() {
time.Sleep(500 * time.Millisecond)
_, err := c.Authenticate(token)
So(err.(errors.Error).Is(errors.ErrUnauthorized), ShouldBeTrue)
})
})
Convey("When given invalid hex, maybe hacked by someone", func() {
_, err := c.Authenticate(`invalidhex`)
Convey("The detailed error should be hex decode error", func() {
So(err.(errors.Error).Is(errors.ErrServerInternal), ShouldBeTrue)
})
})
Convey("When given invalid token, maybe hacked by someone", func() {
bytes := []byte("invalid json")
privateKeys := [][]byte{[]byte("key1"), []byte("key2"), []byte("key3")}
for i := range privateKeys {
bytes = xxtea.Encrypt(bytes, privateKeys[len(privateKeys)-1-i])
}
token := hex.EncodeToString(bytes)
_, err := c.Authenticate(token)
Convey("The error should be token has been expired", func() {
So(err.(errors.Error).Is(errors.ErrUnauthorized), ShouldBeTrue)
})
})
})
}