src/user/handlers/login/test.rs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

use axum::extract::{Json, State};

use crate::{
    empty::Empty,
    test::{fixtures, verify},
    token::app,
};

#[tokio::test]
async fn correct_credentials() {
    // Set up the environment

    let app = fixtures::scratch_app().await;
    let (name, password) = fixtures::user::create_with_password(&app, &fixtures::now()).await;

    // Call the endpoint

    let identity = fixtures::cookie::not_logged_in();
    let logged_in_at = fixtures::now();
    let request = super::Request {
        name: name.clone(),
        password,
    };
    let (identity, Empty) =
        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
            .await
            .expect("logged in with valid credentials");

    // Verify the return value's basic structure

    verify::identity::valid_for_name(&app, &identity, &name).await;
}

#[tokio::test]
async fn invalid_name() {
    // Set up the environment

    let app = fixtures::scratch_app().await;

    // Call the endpoint

    let identity = fixtures::cookie::not_logged_in();
    let logged_in_at = fixtures::now();
    let (name, password) = fixtures::user::propose();
    let request = super::Request {
        name: name.clone(),
        password,
    };
    let super::Error(error) =
        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
            .await
            .expect_err("logged in with an incorrect password fails");

    // Verify the return value's basic structure

    assert!(matches!(error, app::LoginError::Rejected));
}

#[tokio::test]
async fn incorrect_password() {
    // Set up the environment

    let app = fixtures::scratch_app().await;
    let login = fixtures::user::create(&app, &fixtures::now()).await;

    // Call the endpoint

    let logged_in_at = fixtures::now();
    let identity = fixtures::cookie::not_logged_in();
    let request = super::Request {
        name: login.name,
        password: fixtures::user::propose_password(),
    };
    let super::Error(error) =
        super::handler(State(app.clone()), logged_in_at, identity, Json(request))
            .await
            .expect_err("logged in with an incorrect password");

    // Verify the return value's basic structure

    assert!(matches!(error, app::LoginError::Rejected));
}

#[tokio::test]
async fn token_expires() {
    // Set up the environment

    let app = fixtures::scratch_app().await;
    let (name, password) = fixtures::user::create_with_password(&app, &fixtures::now()).await;

    // Call the endpoint

    let logged_in_at = fixtures::ancient();
    let identity = fixtures::cookie::not_logged_in();
    let request = super::Request { name, password };
    let (identity, _) = super::handler(State(app.clone()), logged_in_at, identity, Json(request))
        .await
        .expect("logged in with valid credentials");
    let secret = identity.secret().expect("logged in with valid credentials");

    // Verify the semantics

    let expired_at = fixtures::now();
    app.tokens()
        .expire(&expired_at)
        .await
        .expect("expiring tokens never fails");

    verify::token::invalid(&app, &secret).await;
}