summaryrefslogtreecommitdiff
path: root/src/login/handlers/password/test.rs
diff options
context:
space:
mode:
Diffstat (limited to 'src/login/handlers/password/test.rs')
-rw-r--r--src/login/handlers/password/test.rs47
1 files changed, 47 insertions, 0 deletions
diff --git a/src/login/handlers/password/test.rs b/src/login/handlers/password/test.rs
new file mode 100644
index 0000000..ba2f28f
--- /dev/null
+++ b/src/login/handlers/password/test.rs
@@ -0,0 +1,47 @@
+use axum::extract::{Json, State};
+
+use crate::{
+ empty::Empty,
+ test::{fixtures, verify},
+};
+
+#[tokio::test]
+async fn password_change() {
+ // Set up the environment
+ let app = fixtures::scratch_app().await;
+ let creds = fixtures::user::create_with_password(&app, &fixtures::now()).await;
+ let cookie = fixtures::cookie::logged_in(&app, &creds, &fixtures::now()).await;
+ let identity = fixtures::identity::from_cookie(&app, &cookie, &fixtures::now()).await;
+
+ // Call the endpoint
+ let (name, password) = creds;
+ let to = fixtures::user::propose_password();
+ let request = super::Request {
+ password: password.clone(),
+ to: to.clone(),
+ };
+ let (new_cookie, Empty) = super::handler(
+ State(app.clone()),
+ fixtures::now(),
+ identity.clone(),
+ cookie.clone(),
+ Json(request),
+ )
+ .await
+ .expect("changing passwords succeeds");
+
+ // Verify that we have a new session
+ assert_ne!(cookie.secret(), new_cookie.secret());
+
+ // Verify that we're still ourselves
+ verify::identity::valid_for_login(&app, &new_cookie, &identity.login).await;
+
+ // Verify that our original token is no longer valid
+ verify::identity::invalid(&app, &cookie).await;
+
+ // Verify that our original password is no longer valid
+ verify::login::invalid_login(&app, &name, &password).await;
+
+ // Verify that our new password is valid
+ verify::login::valid_login(&app, &name, &to).await;
+}
generated by cgit v1.2.3 (git 2.39.1) at 2026-01-02 07:25:59 +0000