// TestLogout checks that Logout removes the "userId" session value that a
// preceding login stored for the request.
func TestLogout(t *testing.T) {
	initTestDB()
	defer closeTestDB()

	// Seed a single user and log it in (login is a helper defined outside
	// this listing).
	createUser("user", security.PasswordSalt("1111"))

	req, err := http.NewRequest("POST", "/", nil)
	if err != nil {
		t.Fatalf("Expected to be nil: %v", err)
	}
	rec := httptest.NewRecorder()
	login(rec, req)

	// The session value must equal the ID of the only row in users.
	var user User
	if err := Db.SelectOne(&user, "select * from users"); err != nil {
		t.Fatalf("Expected to be nil: %v", err)
	}
	if got := lib.GetCookie(req, "userId"); got != user.ID {
		t.Fatalf("Got: %v; expected: %v", got, user.ID)
	}

	// After Logout the same request must no longer expose a user ID.
	// NOTE(review): this inspects the value through req only; it does not
	// assert that the response in rec carries a Set-Cookie that clears or
	// expires the client's cookie. Confirm that is covered elsewhere.
	Logout(rec, req)
	if lib.GetCookie(req, "userId") != nil {
		t.Fatalf("Expected to be empty")
	}
}
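// It returns true (thus, accepting the route) if the current user is
// logged in, false otherwise.
//
// The identifier is read from the "token" query parameter when
// lib.JSONEncoding reports a JSON request, and from the "userId" cookie value
// (only if it is a string) otherwise. The final decision is whatever
// app.Exists("users", id) reports for a non-empty identifier.
//
// NOTE(review): the token travels in the URL query string, so it can end up
// in access logs, proxy logs and Referer headers. Consider accepting it in a
// request header instead and keeping it out of logged request lines.
func userLogged(req *http.Request, rm *mux.RouteMatch) bool {
	var rid string
	if lib.JSONEncoding(req) {
		rid = req.URL.Query().Get("token")
	} else if id, ok := lib.GetCookie(req, "userId").(string); ok {
		rid = id
	}

	// Fail closed: with no token and no string cookie value there is nothing
	// to authenticate, so reject the route without asking the store to look
	// up an empty identifier.
	if rid == "" {
		return false
	}
	return app.Exists("users", rid)
}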
// RootIndex renders the root page. Depending on the request it does one of:
//
//  1. The "userId" cookie value is set: redirect to /topics.
//  2. It is not set and there are no users: render the "Create user" page.
//  3. It is not set and users exist: render the "Login" page.
//
// NOTE(review): the "users/new" page is offered to any visitor without a
// session whenever the users table is empty. Confirm that the handler which
// actually creates the user re-checks that no user exists, so the first-run
// window cannot be reused later.
func RootIndex(res http.ResponseWriter, req *http.Request) {
	// Only the presence of the session value is checked here; whether it maps
	// to an existing user is not verified in this function.
	if lib.GetCookie(req, "userId") != nil {
		http.Redirect(res, req, "/topics", http.StatusFound)
		return
	}

	view := "application/login"
	if Count("users") == 0 {
		view = "users/new"
	}
	lib.Render(res, view, lib.DefaultViewData())
}
// TopicsIndex responds to: GET /topics
//
// JSON requests are handed to TopicsIndexJSON. Otherwise the topic named by
// the "topic" cookie value is loaded, or the first topic by name when that
// value is nil or empty, and the result is passed to renderShow.
func TopicsIndex(res http.ResponseWriter, req *http.Request) {
	if lib.JSONEncoding(req) {
		TopicsIndexJSON(res, req)
		return
	}

	var (
		topic Topic
		err   error
	)
	if id := lib.GetCookie(req, "topic"); id == nil || id == "" {
		err = Db.SelectOne(&topic, "select * from topics order by name limit 1")
	} else {
		// The cookie value is bound as a query parameter ($1), never
		// concatenated into the SQL text.
		err = Db.SelectOne(&topic, "select * from topics where id=$1", id)
	}

	// Best effort: a failed lookup is logged and the page is still rendered
	// with the zero-value Topic.
	if err != nil {
		log.Printf("Could not select topics: %v", err)
	}
	renderShow(res, &topic, false)
}
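// TestLogin drives Login through three scenarios: no users in the database,
// an existing user with the wrong password, and an existing user with the
// right password. Every attempt must answer with a 302 redirect to "/"; only
// the last one may leave a "userId" value in the session, and that value must
// be the ID of the stored user.
func TestLogin(t *testing.T) {
	initTestDB()
	defer closeTestDB()

	// attempt posts the login form for "user" with the given password, checks
	// the redirect and returns the request so the caller can inspect the
	// session state attached to it.
	attempt := func(password string) *http.Request {
		t.Helper()

		req, err := http.NewRequest("POST", "/", nil)
		if err != nil {
			t.Fatalf("Expected to be nil: %v", err)
		}
		req.PostForm = url.Values{
			"name":     {"user"},
			"password": {password},
		}

		w := httptest.NewRecorder()
		Login(w, req)
		if w.Code != http.StatusFound {
			t.Fatalf("Got %v, Expected: %v", w.Code, http.StatusFound)
		}
		// Header().Get yields "" when the header is missing, so a handler
		// that forgets the redirect fails the test instead of panicking on
		// an out-of-range index.
		if loc := w.Header().Get("Location"); loc != "/" {
			t.Fatalf("Got %v, Expected: %v", loc, "/")
		}
		return req
	}

	// No users: the attempt must not establish a session.
	req := attempt("1234")
	if lib.GetCookie(req, "userId") != nil {
		t.Fatalf("Expected to be empty")
	}

	// Wrong password: the user exists now, but the session must stay empty.
	createUser("user", security.PasswordSalt("1111"))
	req = attempt("1234")
	if lib.GetCookie(req, "userId") != nil {
		t.Fatalf("Expected to be empty")
	}

	// Ok: the right password must establish a session for the stored user.
	req = attempt("1111")
	if lib.GetCookie(req, "userId") == nil {
		t.Fatalf("Expected not to be empty")
	}

	var user User
	if err := Db.SelectOne(&user, "select * from users"); err != nil {
		t.Fatalf("Expected to be nil: %v", err)
	}
	if got := lib.GetCookie(req, "userId"); got != user.ID {
		t.Fatalf("Got: %v; expected: %v", got, user.ID)
	}
}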