Handlers are _named operations_, which can be exposed via routes.

Each domain module that exposes handlers does so through a `handlers` child module, ideally as a top-level symbol that can be plugged directly into Axum's `MethodRouter`. Modules could make exceptions to this - kill the doctrinaire inside yourself, after all - but none of the API modules that actually exist need such exceptions, and consistency is useful. The related details of request types, URL types, response types, errors, &c &c are then organized into modules under `handlers`, along with their respective tests.
author: Owen Jacobson <owen@grimoire.ca> 2025-06-17 02:11:45 -0400
committer: Owen Jacobson <owen@grimoire.ca> 2025-06-18 18:31:40 -0400
commit: 4e3d5ccac99b24934c972e088cd7eb02bb95df06 (patch)
tree: c94f5a42f7e734b81892c1289a1d2b566706ba7c /src/user/handlers/login/test.rs
parent: 5ed96f8e8b9d9f19ee249f5c73a5a21ef6bca09f (diff)
1 files changed, 127 insertions, 0 deletions
diff --git a/src/user/handlers/login/test.rs b/src/user/handlers/login/test.rs
new file mode 100644
index 0000000..b8f24f6
--- /dev/null
+++ b/src/user/handlers/login/test.rs
@@ -0,0 +1,127 @@
+use axum::extract::{Json, State};
+
+use crate::{test::fixtures, token::app};
+
+#[tokio::test]
+async fn correct_credentials() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+    let (name, password) = fixtures::user::create_with_password(&app, &fixtures::now()).await;
+
+    // Call the endpoint
+
+    let identity = fixtures::cookie::not_logged_in();
+    let logged_in_at = fixtures::now();
+    let request = super::Request {
+        name: name.clone(),
+        password,
+    };
+    let (identity, Json(response)) =
+        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
+            .await
+            .expect("logged in with valid credentials");
+
+    // Verify the return value's basic structure
+
+    assert_eq!(name, response.name);
+    let secret = identity
+        .secret()
+        .expect("logged in with valid credentials issues an identity cookie");
+
+    // Verify the semantics
+
+    let validated_at = fixtures::now();
+    let (_, validated_login) = app
+        .tokens()
+        .validate(&secret, &validated_at)
+        .await
+        .expect("identity secret is valid");
+
+    assert_eq!(response, validated_login);
+}
+
+#[tokio::test]
+async fn invalid_name() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+
+    // Call the endpoint
+
+    let identity = fixtures::cookie::not_logged_in();
+    let logged_in_at = fixtures::now();
+    let (name, password) = fixtures::user::propose();
+    let request = super::Request {
+        name: name.clone(),
+        password,
+    };
+    let super::Error(error) =
+        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
+            .await
+            .expect_err("logged in with an incorrect password fails");
+
+    // Verify the return value's basic structure
+
+    assert!(matches!(error, app::LoginError::Rejected));
+}
+
+#[tokio::test]
+async fn incorrect_password() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+    let login = fixtures::user::create(&app, &fixtures::now()).await;
+
+    // Call the endpoint
+
+    let logged_in_at = fixtures::now();
+    let identity = fixtures::cookie::not_logged_in();
+    let request = super::Request {
+        name: login.name,
+        password: fixtures::user::propose_password(),
+    };
+    let super::Error(error) =
+        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
+            .await
+            .expect_err("logged in with an incorrect password");
+
+    // Verify the return value's basic structure
+
+    assert!(matches!(error, app::LoginError::Rejected));
+}
+
+#[tokio::test]
+async fn token_expires() {
+    // Set up the environment
+
+    let app = fixtures::scratch_app().await;
+    let (name, password) = fixtures::user::create_with_password(&app, &fixtures::now()).await;
+
+    // Call the endpoint
+
+    let logged_in_at = fixtures::ancient();
+    let identity = fixtures::cookie::not_logged_in();
+    let request = super::Request { name, password };
+    let (identity, _) = super::handler(State(app.clone()), logged_in_at, identity, Json(request))
+        .await
+        .expect("logged in with valid credentials");
+    let secret = identity.secret().expect("logged in with valid credentials");
+
+    // Verify the semantics
+
+    let expired_at = fixtures::now();
+    app.tokens()
+        .expire(&expired_at)
+        .await
+        .expect("expiring tokens never fails");
+
+    let verified_at = fixtures::now();
+    let error = app
+        .tokens()
+        .validate(&secret, &verified_at)
+        .await
+        .expect_err("validating an expired token");
+
+    assert!(matches!(error, app::ValidateError::InvalidToken));
+}
author	Owen Jacobson <owen@grimoire.ca>	2025-06-17 02:11:45 -0400
committer	Owen Jacobson <owen@grimoire.ca>	2025-06-18 18:31:40 -0400
commit	4e3d5ccac99b24934c972e088cd7eb02bb95df06 (patch)
tree	c94f5a42f7e734b81892c1289a1d2b566706ba7c /src/user/handlers/login/test.rs
parent	5ed96f8e8b9d9f19ee249f5c73a5a21ef6bca09f (diff)