From dc2c6fc8a4191d9e785040ce19cd3f367cf60b2b Mon Sep 17 00:00:00 2001 From: Julien Dessaux Date: Thu, 24 Jun 2021 15:49:51 +0200 Subject: Added some more tests --- internal/webui/login_test.go | 122 +++++++++++++++++++++++++++++++------------ 1 file changed, 88 insertions(+), 34 deletions(-) (limited to 'internal') diff --git a/internal/webui/login_test.go b/internal/webui/login_test.go index 562095f..fe27f7e 100644 --- a/internal/webui/login_test.go +++ b/internal/webui/login_test.go @@ -99,38 +99,92 @@ func TestLoginHandler(t *testing.T) { setsCookie: true, }, }) - //errorNoUsername := newTestRequest(t, http.MethodPost, "/login", nil) - //// too many username fields - //dataWtfUsername := url.Values{"username": []string{"user1", "user2"}} - //errorWtfUsername, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataWtfUsername.Encode())) - //require.Nil(t, err) - //errorWtfUsername.Header.Add("Content-Type", "application/x-www-form-urlencoded") - //// Invalid username - //dataInvalidUsername := url.Values{"username": []string{"%"}} - //errorInvalidUsername, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataInvalidUsername.Encode())) - //require.Nil(t, err) - //errorInvalidUsername.Header.Add("Content-Type", "application/x-www-form-urlencoded") - //// no password field - //dataNoPassword := url.Values{"username": []string{"user1"}} - //errorNoPassword, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataNoPassword.Encode())) - //require.Nil(t, err) - //errorNoPassword.Header.Add("Content-Type", "application/x-www-form-urlencoded") - //// too many password fields - //dataWtfPassword := url.Values{"username": []string{"user1"}, "password": []string{"user1", "user2"}} - //errorWtfPassword, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataWtfPassword.Encode())) - //require.Nil(t, err) - //errorWtfPassword.Header.Add("Content-Type", "application/x-www-form-urlencoded") - //// Invalid password - //dataInvalidPassword := url.Values{"username": []string{"user1"}, "password": []string{""}} - //errorInvalidPassword, err := http.NewRequest(http.MethodPost, "/login", strings.NewReader(dataInvalidPassword.Encode())) - //require.Nil(t, err) - //errorInvalidPassword.Header.Add("Content-Type", "application/x-www-form-urlencoded") - //// run the tests - //// {"error no username", &env{dbEnv: dbEnv}, errorNoUsername, &expected{err: &statusError{code: 500, err: simpleError}}}, - //// {"error wtf username", &env{dbEnv: dbEnv}, errorWtfUsername, &expected{err: &statusError{code: 500, err: simpleError}}}, - //// {"error invalid username", &env{dbEnv: dbEnv}, errorInvalidUsername, &expected{err: &statusError{code: 500, err: simpleError}}}, - //// {"error no password", &env{dbEnv: dbEnv}, errorNoPassword, &expected{err: &statusError{code: 500, err: simpleError}}}, - //// {"error wtf password", &env{dbEnv: dbEnv}, errorWtfPassword, &expected{err: &statusError{code: 500, err: simpleError}}}, - //// {"error invalid password", &env{dbEnv: dbEnv}, errorInvalidPassword, &expected{err: &statusError{code: 500, err: simpleError}}}, - ////} + runHttpTest(t, e, loginHandler, &httpTestCase{ + name: "a login attempt without username should error", + input: httpTestInput{ + method: http.MethodPost, + path: "/login", + data: url.Values{ + "password": []string{"password1"}, + }, + }, + expect: httpTestExpect{ + code: http.StatusBadRequest, + err: &statusError{http.StatusNotFound, simpleErrorMessage}, + }, + }) + runHttpTest(t, e, loginHandler, &httpTestCase{ + name: "a login attempt with multiple usernames should error", + input: httpTestInput{ + method: http.MethodPost, + path: "/login", + data: url.Values{ + "username": []string{"user1", "user2"}, + "password": []string{"password1"}, + }, + }, + expect: httpTestExpect{ + code: http.StatusBadRequest, + err: &statusError{http.StatusNotFound, simpleErrorMessage}, + }, + }) + runHttpTest(t, e, loginHandler, &httpTestCase{ + name: "a login attempt with an invalid username should error", + input: httpTestInput{ + method: http.MethodPost, + path: "/login", + data: url.Values{ + "username": []string{"%"}, + "password": []string{"password1"}, + }, + }, + expect: httpTestExpect{ + code: http.StatusBadRequest, + err: &statusError{http.StatusNotFound, simpleErrorMessage}, + }, + }) + runHttpTest(t, e, loginHandler, &httpTestCase{ + name: "a login attempt without password should error", + input: httpTestInput{ + method: http.MethodPost, + path: "/login", + data: url.Values{ + "username": []string{"user1"}, + }, + }, + expect: httpTestExpect{ + code: http.StatusBadRequest, + err: &statusError{http.StatusNotFound, simpleErrorMessage}, + }, + }) + runHttpTest(t, e, loginHandler, &httpTestCase{ + name: "a login attempt with multiple passwords should error", + input: httpTestInput{ + method: http.MethodPost, + path: "/login", + data: url.Values{ + "username": []string{"user1"}, + "password": []string{"password1", "password2"}, + }, + }, + expect: httpTestExpect{ + code: http.StatusBadRequest, + err: &statusError{http.StatusNotFound, simpleErrorMessage}, + }, + }) + runHttpTest(t, e, loginHandler, &httpTestCase{ + name: "a login attempt with an empty password should error", + input: httpTestInput{ + method: http.MethodPost, + path: "/login", + data: url.Values{ + "username": []string{"user1"}, + "password": []string{""}, + }, + }, + expect: httpTestExpect{ + code: http.StatusBadRequest, + err: &statusError{http.StatusNotFound, simpleErrorMessage}, + }, + }) } -- cgit v1.2.3