diff options
author | Julien Dessaux | 2021-07-26 18:34:25 +0200 |
---|---|---|
committer | Julien Dessaux | 2021-07-26 18:34:25 +0200 |
commit | 863e6266c02a09d84570fe6f6884b95fa458ece3 (patch) | |
tree | 3dde8c2eb8a354d6b892aae70c00cef107fc24f2 /internal/webui | |
parent | Updated dependencies (diff) | |
download | trains-863e6266c02a09d84570fe6f6884b95fa458ece3.tar.gz trains-863e6266c02a09d84570fe6f6884b95fa458ece3.tar.bz2 trains-863e6266c02a09d84570fe6f6884b95fa458ece3.zip |
Added MethodNotAllowed errors to login webui handler
Diffstat (limited to 'internal/webui')
-rw-r--r-- | internal/webui/login.go | 7 | ||||
-rw-r--r-- | internal/webui/login_test.go | 23 |
2 files changed, 28 insertions, 2 deletions
diff --git a/internal/webui/login.go b/internal/webui/login.go index c0eb109..5469dd1 100644 --- a/internal/webui/login.go +++ b/internal/webui/login.go @@ -26,7 +26,8 @@ func loginHandler(e *env, w http.ResponseWriter, r *http.Request) error { http.Redirect(w, r, "/", http.StatusFound) return nil } - if r.Method == http.MethodPost { + switch r.Method { + case http.MethodPost: r.ParseForm() // username username, ok := r.Form["username"] @@ -71,13 +72,15 @@ func loginHandler(e *env, w http.ResponseWriter, r *http.Request) error { http.SetCookie(w, &cookie) http.Redirect(w, r, "/", http.StatusFound) return nil - } else { + case http.MethodGet: p := Page{Title: "Login"} err := loginTemplate.ExecuteTemplate(w, "login.html", p) if err != nil { return newStatusError(http.StatusInternalServerError, err) } return nil + default: + return newStatusError(http.StatusMethodNotAllowed, fmt.Errorf(http.StatusText(http.StatusMethodNotAllowed))) } } else { return newStatusError(http.StatusNotFound, fmt.Errorf("Invalid path in loginHandler")) diff --git a/internal/webui/login_test.go b/internal/webui/login_test.go index fe27f7e..0d661cb 100644 --- a/internal/webui/login_test.go +++ b/internal/webui/login_test.go @@ -187,4 +187,27 @@ func TestLoginHandler(t *testing.T) { err: &statusError{http.StatusNotFound, simpleErrorMessage}, }, }) + // Test other request types + methods := []string{ + http.MethodConnect, + http.MethodDelete, + http.MethodHead, + http.MethodOptions, + http.MethodPatch, + http.MethodPut, + http.MethodTrace, + } + for _, method := range methods { + runHttpTest(t, e, loginHandler, &httpTestCase{ + name: "a login attempt with an invalid method should error", + input: httpTestInput{ + method: method, + path: "/login", + }, + expect: httpTestExpect{ + code: http.StatusMethodNotAllowed, + err: &statusError{http.StatusMethodNotAllowed, simpleErrorMessage}, + }, + }) + } } |