Add ostatus conversation as context.
defmodule Pleroma.Plugs.AuthenticationPlugTest do
  # Exercises AuthenticationPlug.call/2 against four request shapes: no
  # credentials, an unknown account, a wrong password and a correct password,
  # plus a request that already carries a user_id in its session.
  use Pleroma.Web.ConnCase, async: true

  alias Pleroma.Plugs.AuthenticationPlug

  # Fixture account. The stored hash is derived from "guy", so "guy" is the
  # only password the tests below treat as correct for "dude".
  @user %{
    id: 1,
    name: "dude",
    password_hash: Comeonin.Pbkdf2.hashpwsalt("guy")
  }

  # Cookie-session settings used only by this test module. Only a signing salt
  # is configured here; these are throwaway test values.
  @session_opts [
    store: :cookie,
    key: "_test",
    signing_salt: "cooldude"
  ]

  # Fetcher stub for an unknown account: the lookup itself succeeds but yields
  # no user.
  defp fetch_nil(_name), do: {:ok, nil}

  # Fetcher stub that returns the fixture account for any name.
  defp fetch_user(_name), do: {:ok, @user}

  # Builds the value of an HTTP Basic "authorization" header.
  defp basic_auth_enc(username, password) do
    credentials = Base.encode64("#{username}:#{password}")
    "Basic " <> credentials
  end

  # Runs the session plug with @session_opts and loads the session, which
  # every test does before calling AuthenticationPlug.
  defp with_session(conn) do
    session_config = Plug.Session.init(@session_opts)

    conn
    |> Plug.Session.call(session_config)
    |> fetch_session()
  end

  # NOTE(review): the "optional" tests in the first three groups assert only
  # on conn.assigns; none of them checks conn.halted or conn.status.

  describe "without an authorization header" do
    test "it halts the application" do
      result =
        build_conn()
        |> with_session()
        |> AuthenticationPlug.call(%{})

      assert result.status == 403
      assert result.halted == true
    end

    test "it assigns a nil user if the 'optional' option is used" do
      result =
        build_conn()
        |> with_session()
        |> AuthenticationPlug.call(%{optional: true})

      assert %{user: nil} == result.assigns
    end
  end

  describe "with an authorization header for a nonexisting user" do
    # NOTE(review): despite the group name, neither test sets an
    # "authorization" header; only the fetcher differs from the first group.
    test "it halts the application" do
      plug_opts = %{fetcher: &fetch_nil/1}

      result =
        build_conn()
        |> with_session()
        |> AuthenticationPlug.call(plug_opts)

      assert result.status == 403
      assert result.halted == true
    end

    test "it assigns a nil user if the 'optional' option is used" do
      plug_opts = %{optional: true, fetcher: &fetch_nil/1}

      result =
        build_conn()
        |> with_session()
        |> AuthenticationPlug.call(plug_opts)

      assert %{user: nil} == result.assigns
    end
  end

  describe "with an incorrect authorization header for a enxisting user" do
    test "it halts the application" do
      plug_opts = %{fetcher: &fetch_user/1}

      # "man" does not match the fixture password "guy".
      auth_header = basic_auth_enc("dude", "man")

      result =
        build_conn()
        |> with_session()
        |> put_req_header("authorization", auth_header)
        |> AuthenticationPlug.call(plug_opts)

      assert result.status == 403
      assert result.halted == true
    end

    test "it assigns a nil user if the 'optional' option is used" do
      plug_opts = %{optional: true, fetcher: &fetch_user/1}

      auth_header = basic_auth_enc("dude", "man")

      result =
        build_conn()
        |> with_session()
        |> put_req_header("authorization", auth_header)
        |> AuthenticationPlug.call(plug_opts)

      assert %{user: nil} == result.assigns
    end
  end

  describe "with a correct authorization header for an existing user" do
    test "it assigns the user", %{conn: conn} do
      plug_opts = %{optional: true, fetcher: &fetch_user/1}

      auth_header = basic_auth_enc("dude", "guy")

      result =
        conn
        |> with_session()
        |> put_req_header("authorization", auth_header)
        |> AuthenticationPlug.call(plug_opts)

      # A successful login must both assign the user and record the id in the
      # session, without halting the pipeline.
      assert %{user: @user} == result.assigns
      assert get_session(result, :user_id) == @user.id
      assert result.halted == false
    end
  end

  describe "with a user_id in the session for an existing user" do
    test "it assigns the user", %{conn: conn} do
      plug_opts = %{optional: true, fetcher: &fetch_user/1}

      # The password in this header is deliberately wrong. The assertions
      # below still expect the user to be assigned, so this test pins that a
      # user_id already present in the session is accepted without a matching
      # password.
      # NOTE(review): on this path the integrity of the session cookie is the
      # only control visible from the test; confirm the plug and the
      # endpoint's session signing are reviewed with that in mind.
      auth_header = basic_auth_enc("dude", "THIS IS WRONG")

      result =
        conn
        |> with_session()
        |> put_session(:user_id, @user.id)
        |> put_req_header("authorization", auth_header)
        |> AuthenticationPlug.call(plug_opts)

      assert %{user: @user} == result.assigns
      assert get_session(result, :user_id) == @user.id
      assert result.halted == false
    end
  end
end