1 defmodule Pleroma.Plugs.AuthenticationPlugTest do
2 use Pleroma.Web.ConnCase, async: true
4 alias Pleroma.Plugs.AuthenticationPlug
# Stub fetcher injected for the "nonexisting user" cases. The argument is unused (`_name`);
# the body is not shown in this listing (presumably it returns nil; confirm).
4 defp fetch_nil(_name) do
# Fixture credential: a PBKDF2 hash of the literal "guy". Of the passwords sent by the tests
# below, only "guy" matches it.
13 password_hash: Comeonin.Pbkdf2.hashpwsalt("guy")
# Hard-coded salt, presumably part of @session_opts (the enclosing attribute is not shown).
# NOTE(review): test-only value; confirm it is not shared with any deployed configuration.
19 signing_salt: "cooldude"
# Stub fetcher injected for the "existing user" cases. The argument is unused (`_name`), so
# the username sent in the header does not influence which user comes back; the body is not
# shown (presumably it returns the @user fixture; confirm).
22 defp fetch_user(_name) do
# Builds an HTTP Basic `authorization` header value: the literal "Basic " followed by the
# Base64 encoding of "username:password". Base64 is an encoding, not encryption, so the
# header carries the password in recoverable form.
26 defp basic_auth_enc(username, password) do
27 "Basic " <> Base.encode64("#{username}:#{password}")
# No credentials at all: the plug is called with empty options and, in the visible lines, no
# authorization header is set.
30 describe "without an authorization header" do
31 test "it halts the application" do
33 |> Plug.Session.call(Plug.Session.init(@session_opts))
35 |> AuthenticationPlug.call(%{})
# Fail-closed expectation: both the status and the halted flag are checked, so a regression
# that sets 403 but lets the pipeline continue would be caught.
# NOTE(review): 403 is pinned here for missing credentials; confirm that 403 rather than 401
# is the intended response.
37 assert conn.status == 403
38 assert conn.halted == true
41 test "it assigns a nil user if the 'optional' option is used" do
43 |> Plug.Session.call(Plug.Session.init(@session_opts))
45 |> AuthenticationPlug.call(%{optional: true})
# Exact equality on the whole assigns map: `user: nil` must be the only assign. Code behind
# an `optional: true` plug therefore has to treat a nil user as unauthenticated.
# NOTE(review): neither conn.halted nor conn.status is asserted in the visible lines of this test.
47 assert %{ user: nil } == conn.assigns
# Unknown user: the fetcher is replaced by the fetch_nil stub. The lines that build the
# request (including any authorization header) are not shown in this listing.
51 describe "with an authorization header for a nonexisting user" do
52 test "it halts the application" do
55 |> Plug.Session.call(Plug.Session.init(@session_opts))
57 |> AuthenticationPlug.call(%{fetcher: &fetch_nil/1})
# Same outcome as the wrong-password case further down (403 + halted), so the status code
# does not distinguish an unknown account from a bad password.
59 assert conn.status == 403
60 assert conn.halted == true
63 test "it assigns a nil user if the 'optional' option is used" do
66 |> Plug.Session.call(Plug.Session.init(@session_opts))
68 |> AuthenticationPlug.call(%{optional: true, fetcher: &fetch_nil/1 })
# With `optional: true` the only assign must be `user: nil`.
70 assert %{ user: nil } == conn.assigns
# Wrong password for a known user: the header carries "dude"/"man", while the fixture hash
# was made from "guy".
74 describe "with an incorrect authorization header for a enxisting user" do
75 test "it halts the application" do
77 fetcher: &fetch_user/1
80 header = basic_auth_enc("dude", "man")
84 |> Plug.Session.call(Plug.Session.init(@session_opts))
86 |> put_req_header("authorization", header)
87 |> AuthenticationPlug.call(opts)
# A failed password check must end in the same 403 + halt as the unknown-user case above.
# NOTE(review): only the status and halted flag are compared; whether the two failure paths
# also take similar time is not covered by these tests.
89 assert conn.status == 403
90 assert conn.halted == true
93 test "it assigns a nil user if the 'optional' option is used" do
96 fetcher: &fetch_user/1
99 header = basic_auth_enc("dude", "man")
103 |> Plug.Session.call(Plug.Session.init(@session_opts))
105 |> put_req_header("authorization", header)
106 |> AuthenticationPlug.call(opts)
# Even though the fetcher returns a user, a wrong password must leave `user: nil` as the only
# assign: the fetched user must not end up in assigns when verification fails.
108 assert %{ user: nil } == conn.assigns
# Happy path: the header carries "dude"/"guy", the password the fixture hash was made from.
112 describe "with a correct authorization header for an existing user" do
113 test "it assigns the user", %{conn: conn} do
116 fetcher: &fetch_user/1
119 header = basic_auth_enc("dude", "guy")
122 |> Plug.Session.call(Plug.Session.init(@session_opts))
124 |> put_req_header("authorization", header)
125 |> AuthenticationPlug.call(opts)
# Three effects are pinned: the user is the only assign, the user id is written into the
# session, and the pipeline continues.
# NOTE(review): a successful header login creates session state; whether the session is
# renewed at that point (e.g. `configure_session(conn, renew: true)`) is not visible here.
# NOTE(review): the assigned value is the whole fixture, which presumably includes
# password_hash; confirm it is not logged or rendered downstream.
127 assert %{ user: @user } == conn.assigns
128 assert get_session(conn, :user_id) == @user.id
129 assert conn.halted == false
# Session precedence: the session already holds the user's id and the request also carries a
# header with a deliberately wrong password.
132 describe "with a user_id in the session for an existing user" do
133 test "it assigns the user", %{conn: conn} do
136 fetcher: &fetch_user/1
139 header = basic_auth_enc("dude", "THIS IS WRONG")
142 |> Plug.Session.call(Plug.Session.init(@session_opts))
144 |> put_session(:user_id, @user.id)
145 |> put_req_header("authorization", header)
146 |> AuthenticationPlug.call(opts)
# The request is accepted despite the bad password, so the test pins that an existing session
# user_id wins over the authorization header. On this path authentication rests entirely on
# the integrity of the session (its store and signing configuration in @session_opts, not shown).
# NOTE(review): confirm that silently ignoring explicit but wrong credentials is intended.
# Because the stub fetcher ignores its argument, a header naming a different user than the
# session is not exercised here.
148 assert %{ user: @user } == conn.assigns
149 assert get_session(conn, :user_id) == @user.id
150 assert conn.halted == false