Token tests

This commit is contained in:
binwiederhier 2023-02-12 12:19:46 -05:00
parent 6b4971786f
commit 9131d3d521
3 changed files with 11 additions and 4 deletions

View file

@ -39,7 +39,6 @@ import (
- tiers
- api
- tokens
- MEDIUM: Test new token endpoints & never-expiring token
- LOW: UI: Flickering upgrade banner when logging in
- LOW: get rid of reservation id, replace with DELETE X-Topic: ...

View file

@ -192,7 +192,6 @@ func (s *Server) handleAccountPasswordChange(w http.ResponseWriter, r *http.Requ
}
func (s *Server) handleAccountTokenCreate(w http.ResponseWriter, r *http.Request, v *visitor) error {
// TODO rate limit
req, err := readJSONWithLimit[apiAccountTokenIssueRequest](r.Body, jsonBodyBytesLimit, true) // Allow empty body!
if err != nil {
return err
@ -228,7 +227,6 @@ func (s *Server) handleAccountTokenCreate(w http.ResponseWriter, r *http.Request
}
func (s *Server) handleAccountTokenUpdate(w http.ResponseWriter, r *http.Request, v *visitor) error {
// TODO rate limit
u := v.User()
req, err := readJSONWithLimit[apiAccountTokenUpdateRequest](r.Body, jsonBodyBytesLimit, true) // Allow empty body!
if err != nil {
@ -267,7 +265,6 @@ func (s *Server) handleAccountTokenUpdate(w http.ResponseWriter, r *http.Request
}
func (s *Server) handleAccountTokenDelete(w http.ResponseWriter, r *http.Request, v *visitor) error {
// TODO rate limit
u := v.User()
token := readParam(r, "X-Token", "Token") // DELETEs cannot have a body, and we don't want it in the path
if token == "" {

View file

@ -313,6 +313,17 @@ func TestAccount_ExtendToken(t *testing.T) {
require.Nil(t, err)
require.Equal(t, token.Token, extendedToken.Token)
require.True(t, token.Expires < extendedToken.Expires)
expires := time.Now().Add(999 * time.Hour)
body := fmt.Sprintf(`{"token":"%s", "label":"some label", "expires": %d}`, token.Token, expires.Unix())
rr = request(t, s, "PATCH", "/v1/account/token", body, map[string]string{
"Authorization": util.BearerAuth(token.Token),
})
require.Equal(t, 200, rr.Code)
token, err = util.UnmarshalJSON[apiAccountTokenResponse](io.NopCloser(rr.Body))
require.Nil(t, err)
require.Equal(t, "some label", token.Label)
require.Equal(t, expires.Unix(), token.Expires)
}
func TestAccount_ExtendToken_NoTokenProvided(t *testing.T) {