
back(auth): fix auth and renforce tests

Clément b0f58456 c8b926a1

+39 -1
+38
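--- a/backend/internal/handlers/auth_test.go
+++ b/backend/internal/handlers/auth_test.go
@@ -1,11 +1,13 @@
 package handlers_test
 
 import (
+"fmt"
 "net/http"
 "net/http/httptest"
 "strings"
 "testing"
 
+"github.com/go-chi/chi/v5"
 "github.com/go-sqlx/sqlx"
 "github.com/gofrs/uuid"
 "golang.org/x/crypto/bcrypt"
@@ -21,6 +23,25 @@
 db.Exec("insert into users (id, email, password_hash) values (?, ?, ?)", uuid.Must(uuid.NewV7()), email, hashedPassword)
 }
 
+func createUserToken(db *sqlx.DB, r *chi.Mux, email string) string {
+createUser(db, email, "password")
+
+w := httptest.NewRecorder()
+body := strings.NewReader(`{"email": "contact@drawbu.dev", "password": "password"}`)
+r.ServeHTTP(w, httptest.NewRequest(http.MethodPost, "/auth/login", body))
+
+if w.Code != http.StatusOK {
+panic(fmt.Sprintf("could not login user; received %d", w.Code))
+}
+
+rawHeader := w.Header().Get("Set-Cookie")
+token := strings.Split(strings.Split(rawHeader, ";")[0], "=")[1]
+if token == "" {
+panic("token is empty")
+}
+return token
+}
+
 func TestLogin(t *testing.T) {
 db := sqlx.NewDb(store.SqliteDatabase(), "sqlite")
 r := router.Router(db)
@@ -35,3 +56,20 @@
 t.Errorf("expected status code %d, got %d", http.StatusOK, w.Code)
 }
 }
+
+func TestWhoAmI(t *testing.T) {
+db := sqlx.NewDb(store.SqliteDatabase(), "sqlite")
+r := router.Router(db)
+
+token := createUserToken(db, r, "contact@drawbu.dev")
+
+w := httptest.NewRecorder()
+body := strings.NewReader(`{"email": "contact@drawbu.dev", "password": "password"}`)
+req := httptest.NewRequest(http.MethodGet, "/auth/whoami", body)
+req.Header.Set("Cookie", fmt.Sprintf("token=%s;", token))
+r.ServeHTTP(w, req)
+
+if w.Code != http.StatusOK {
+panic(fmt.Sprintf("expected status code %d, got %d", http.StatusOK, w.Code))
+}
+}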
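Review bot: `TestWhoAmI` only proves that a valid cookie yields 200, so it would still pass if `/auth/whoami` accepted any token. For an auth fix the regression that matters is the negative case: a request with no cookie and one with an unknown token, each expected to be rejected (the exact status depends on the handler, which is not shown here). The failure branch should use `t.Fatalf("expected status code %d, got %d", http.StatusOK, w.Code)` rather than `panic`, so one failing test does not abort the whole package run. In `createUserToken`, the login body hard-codes `contact@drawbu.dev` and ignores the `email` argument. Also there, `strings.Split(...)[1]` panics with an index error when `Set-Cookie` is missing and truncates a token that contains `=`, both of which reading the cookie through `w.Result().Cookies()` avoids.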
+1 -1
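--- a/backend/internal/services/session.go
+++ b/backend/internal/services/session.go
@@ -19,7 +19,7 @@
 
 func (s *SessionService) GetUserFromSession(token string) (uuid.UUID, error) {
 var userID uuid.UUID
-if err := s.db.Get(&token, "select user_id from \"session\" where token = ?"); err != nil {
+if err := s.db.Get(&userID, "select user_id from \"session\" where token = ?", token); err != nil {
 return uuid.Nil, err
 }
 return userID, nil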
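Review bot: `GetUserFromSession` returns the raw `s.db.Get` error, so an unknown token (`sql.ErrNoRows`) and a database failure look the same to the caller unless it checks with `errors.Is`. A doc comment such as `// GetUserFromSession returns the user ID bound to token, or sql.ErrNoRows when no session matches.` would make that contract explicit, so the handler can reject the first as unauthenticated and report the second as a server error. The query matches on `token` alone; if sessions are meant to expire or be revocable (the schema is not visible here), that condition belongs in this `where` clause. The function's closing brace lies outside the hunk.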