1 defmodule Pleroma.Plugs.AuthenticationPlugTest do
2 use Pleroma.Web.ConnCase, async: true
4 alias Pleroma.Plugs.AuthenticationPlug
# Test helpers and fixtures. This listing is partial (the gutter numbers skip),
# so the helper bodies and the attribute definitions around the two key/value
# lines below are not visible.

# Fetcher stub that ignores the requested name. Body not shown; presumably it
# reports "no such user" (it is injected by the "nonexisting user" tests) - confirm.
7 defp fetch_nil(_name) do
# Fixture hash of the literal password "guy", the password sent by the
# "correct authorization header" test. Presumably a field of @user - confirm.
14 password_hash: Comeonin.Pbkdf2.hashpwsalt("guy")
# Hard-coded signing salt: acceptable only as a test fixture, never as a
# deployed value. Presumably part of @session_opts - confirm.
20 signing_salt: "cooldude"
# Fetcher stub that ignores the requested name. Body not shown; presumably it
# returns the @user fixture - confirm.
23 defp fetch_user(_name) do
# Builds an HTTP Basic `authorization` header value: "Basic " followed by
# Base64 of "username:password". Base64 is an encoding, not encryption, so the
# password is recoverable by anyone who can read the header.
27 defp basic_auth_enc(username, password) do
28 "Basic " <> Base.encode64("#{username}:#{password}")
# No credentials at all: the plug must reject the request unless the caller
# opted into `optional: true`.
# NOTE(review): the status pinned for a missing credential is 403, not 401.
31 describe "without an authorization header" do
32 test "it halts the application" do
34 |> Plug.Session.call(Plug.Session.init(@session_opts))
# Empty options map: authentication is mandatory.
36 |> AuthenticationPlug.call(%{})
38 assert conn.status == 403
# In a Plug pipeline `halted` is the flag that keeps later plugs from running,
# so it is asserted separately from the status code.
39 assert conn.halted == true
42 test "it assigns a nil user if the 'optional' option is used" do
44 |> Plug.Session.call(Plug.Session.init(@session_opts))
46 |> AuthenticationPlug.call(%{optional: true})
# Whole-map equality: `user: nil` must be the only assign. No assertion on
# `halted` is visible in this test, so downstream code must treat a nil user
# as anonymous.
48 assert %{ user: nil } == conn.assigns
# Unknown account: the `fetcher` option injects the fetch_nil/1 stub so that
# the user lookup yields no user.
# The expected outcome (403 + halted) is the same one asserted for a wrong
# password, so the status code does not reveal whether an account exists.
# Response timing is not covered by these tests.
52 describe "with an authorization header for a nonexisting user" do
53 test "it halts the application" do
56 |> Plug.Session.call(Plug.Session.init(@session_opts))
58 |> AuthenticationPlug.call(%{fetcher: &fetch_nil/1})
60 assert conn.status == 403
61 assert conn.halted == true
64 test "it assigns a nil user if the 'optional' option is used" do
67 |> Plug.Session.call(Plug.Session.init(@session_opts))
69 |> AuthenticationPlug.call(%{optional: true, fetcher: &fetch_nil/1 })
# With `optional: true` the failed lookup degrades to an anonymous request:
# `user: nil` is the only assign.
71 assert %{ user: nil } == conn.assigns
# Known account, wrong password: the header carries "man" while the fixture
# hash is derived from "guy".
# NOTE(review): the describe title has a typo ("a enxisting" for "an existing").
75 describe "with an incorrect authorization header for a enxisting user" do
76 test "it halts the application" do
# fetch_user/1 is a stub that ignores the name; the lookup is meant to succeed
# so that only the password comparison can fail.
78 fetcher: &fetch_user/1
81 header = basic_auth_enc("dude", "man")
85 |> Plug.Session.call(Plug.Session.init(@session_opts))
87 |> put_req_header("authorization", header)
88 |> AuthenticationPlug.call(opts)
# Same status and halt as for an unknown user or a missing header.
90 assert conn.status == 403
91 assert conn.halted == true
94 test "it assigns a nil user if the 'optional' option is used" do
97 fetcher: &fetch_user/1
100 header = basic_auth_enc("dude", "man")
104 |> Plug.Session.call(Plug.Session.init(@session_opts))
106 |> put_req_header("authorization", header)
107 |> AuthenticationPlug.call(opts)
# A wrong password under `optional: true` must not leak the looked-up user
# into the assigns: the only assign is `user: nil`.
109 assert %{ user: nil } == conn.assigns
# Happy path: the header password "guy" matches the fixture hash.
113 describe "with a correct authorization header for an existing user" do
114 test "it assigns the user", %{conn: conn} do
117 fetcher: &fetch_user/1
120 header = basic_auth_enc("dude", "guy")
123 |> Plug.Session.call(Plug.Session.init(@session_opts))
125 |> put_req_header("authorization", header)
126 |> AuthenticationPlug.call(opts)
# Three effects are pinned: the user is the only assign, the user's id is
# written to the session, and the pipeline continues.
# NOTE(review): nothing visible here checks that the session is renewed on
# login (e.g. `configure_session(conn, renew: true)`). If the plug does that,
# it is worth asserting.
128 assert %{ user: @user } == conn.assigns
129 assert get_session(conn, :user_id) == @user.id
130 assert conn.halted == false
# Session precedence: a session that already holds the user's id authenticates
# the request even though the Basic header carries a wrong password.
# This pins that an established session wins over the supplied credentials.
# The failed header does not end the session and produces no 403.
134 describe "with a user_id in the session for an existing user" do
135 test "it assigns the user", %{conn: conn} do
138 fetcher: &fetch_user/1
# Deliberately wrong password, to show the header does not decide the outcome.
141 header = basic_auth_enc("dude", "THIS IS WRONG")
144 |> Plug.Session.call(Plug.Session.init(@session_opts))
# Stands in for a login that happened on an earlier request.
146 |> put_session(:user_id, @user.id)
147 |> put_req_header("authorization", header)
148 |> AuthenticationPlug.call(opts)
150 assert %{ user: @user } == conn.assigns
151 assert get_session(conn, :user_id) == @user.id
152 assert conn.halted == false
# Pre-authenticated conn: when `:user` is already assigned the plug returns the
# conn unchanged and performs no credential or session check.
# The plug therefore trusts whatever wrote that assign, so only earlier
# authentication plugs should ever set `:user`.
156 describe "with an assigned user" do
157 test "it does nothing, returning the incoming conn", %{conn: conn} do
159 |> assign(:user, @user)
# Called with empty options and no fetcher: the lookup path is not expected to run.
161 conn_result = AuthenticationPlug.call(conn, %{})
# Full struct equality: no status, halt, session or assign change is allowed.
163 assert conn == conn_result