aboutsummaryrefslogtreecommitdiff
path: root/internal/webui
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--internal/webui/login_test.go122
1 files changed, 88 insertions, 34 deletions
diff --git a/internal/webui/login_test.go b/internal/webui/login_test.go
index 562095f..fe27f7e 100644
--- a/internal/webui/login_test.go
+++ b/internal/webui/login_test.go
@@ -99,38 +99,92 @@ func TestLoginHandler(t *testing.T) {
setsCookie: true,
},
})
- //errorNoUsername := newTestRequest(t, http.MethodPost, "/login", nil)
- //// too many username fields
- //dataWtfUsername := url.Values{"username": []string{"user1", "user2"}}
- //errorWtfUsername, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataWtfUsername.Encode()))
- //require.Nil(t, err)
- //errorWtfUsername.Header.Add("Content-Type", "application/x-www-form-urlencoded")
- //// Invalid username
- //dataInvalidUsername := url.Values{"username": []string{"%"}}
- //errorInvalidUsername, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataInvalidUsername.Encode()))
- //require.Nil(t, err)
- //errorInvalidUsername.Header.Add("Content-Type", "application/x-www-form-urlencoded")
- //// no password field
- //dataNoPassword := url.Values{"username": []string{"user1"}}
- //errorNoPassword, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataNoPassword.Encode()))
- //require.Nil(t, err)
- //errorNoPassword.Header.Add("Content-Type", "application/x-www-form-urlencoded")
- //// too many password fields
- //dataWtfPassword := url.Values{"username": []string{"user1"}, "password": []string{"user1", "user2"}}
- //errorWtfPassword, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataWtfPassword.Encode()))
- //require.Nil(t, err)
- //errorWtfPassword.Header.Add("Content-Type", "application/x-www-form-urlencoded")
- //// Invalid password
- //dataInvalidPassword := url.Values{"username": []string{"user1"}, "password": []string{""}}
- //errorInvalidPassword, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataInvalidPassword.Encode()))
- //require.Nil(t, err)
- //errorInvalidPassword.Header.Add("Content-Type", "application/x-www-form-urlencoded")
- //// run the tests
- //// {"error no username", &env{dbEnv: dbEnv}, errorNoUsername, &expected{err: &statusError{code: 500, err: simpleError}}},
- //// {"error wtf username", &env{dbEnv: dbEnv}, errorWtfUsername, &expected{err: &statusError{code: 500, err: simpleError}}},
- //// {"error invalid username", &env{dbEnv: dbEnv}, errorInvalidUsername, &expected{err: &statusError{code: 500, err: simpleError}}},
- //// {"error no password", &env{dbEnv: dbEnv}, errorNoPassword, &expected{err: &statusError{code: 500, err: simpleError}}},
- //// {"error wtf password", &env{dbEnv: dbEnv}, errorWtfPassword, &expected{err: &statusError{code: 500, err: simpleError}}},
- //// {"error invalid password", &env{dbEnv: dbEnv}, errorInvalidPassword, &expected{err: &statusError{code: 500, err: simpleError}}},
- ////}
+ runHttpTest(t, e, loginHandler, &httpTestCase{
+ name: "a login attempt without username should error",
+ input: httpTestInput{
+ method: http.MethodPost,
+ path: "/login",
+ data: url.Values{
+ "password": []string{"password1"},
+ },
+ },
+ expect: httpTestExpect{
+ code: http.StatusBadRequest,
+ err: &statusError{http.StatusNotFound, simpleErrorMessage},
+ },
+ })
+ runHttpTest(t, e, loginHandler, &httpTestCase{
+ name: "a login attempt with multiple usernames should error",
+ input: httpTestInput{
+ method: http.MethodPost,
+ path: "/login",
+ data: url.Values{
+ "username": []string{"user1", "user2"},
+ "password": []string{"password1"},
+ },
+ },
+ expect: httpTestExpect{
+ code: http.StatusBadRequest,
+ err: &statusError{http.StatusNotFound, simpleErrorMessage},
+ },
+ })
+ runHttpTest(t, e, loginHandler, &httpTestCase{
+ name: "a login attempt with an invalid username should error",
+ input: httpTestInput{
+ method: http.MethodPost,
+ path: "/login",
+ data: url.Values{
+ "username": []string{"%"},
+ "password": []string{"password1"},
+ },
+ },
+ expect: httpTestExpect{
+ code: http.StatusBadRequest,
+ err: &statusError{http.StatusNotFound, simpleErrorMessage},
+ },
+ })
+ runHttpTest(t, e, loginHandler, &httpTestCase{
+ name: "a login attempt without password should error",
+ input: httpTestInput{
+ method: http.MethodPost,
+ path: "/login",
+ data: url.Values{
+ "username": []string{"user1"},
+ },
+ },
+ expect: httpTestExpect{
+ code: http.StatusBadRequest,
+ err: &statusError{http.StatusNotFound, simpleErrorMessage},
+ },
+ })
+ runHttpTest(t, e, loginHandler, &httpTestCase{
+ name: "a login attempt with multiple passwords should error",
+ input: httpTestInput{
+ method: http.MethodPost,
+ path: "/login",
+ data: url.Values{
+ "username": []string{"user1"},
+ "password": []string{"password1", "password2"},
+ },
+ },
+ expect: httpTestExpect{
+ code: http.StatusBadRequest,
+ err: &statusError{http.StatusNotFound, simpleErrorMessage},
+ },
+ })
+ runHttpTest(t, e, loginHandler, &httpTestCase{
+ name: "a login attempt with an empty password should error",
+ input: httpTestInput{
+ method: http.MethodPost,
+ path: "/login",
+ data: url.Values{
+ "username": []string{"user1"},
+ "password": []string{""},
+ },
+ },
+ expect: httpTestExpect{
+ code: http.StatusBadRequest,
+ err: &statusError{http.StatusNotFound, simpleErrorMessage},
+ },
+ })
}