github.com/volatiletech/authboss@v2.4.1+incompatible/expire/expire_test.go (about) 1 package expire 2 3 import ( 4 "context" 5 "net/http" 6 "net/http/httptest" 7 "testing" 8 "time" 9 10 "github.com/volatiletech/authboss" 11 "github.com/volatiletech/authboss/mocks" 12 ) 13 14 func TestExpireSetup(t *testing.T) { 15 ab := authboss.New() 16 17 clientRW := mocks.NewClientRW() 18 ab.Storage.SessionState = clientRW 19 20 Setup(ab) 21 22 w := httptest.NewRecorder() 23 wr := ab.NewResponse(w) 24 25 handled, err := ab.Events.FireAfter(authboss.EventAuth, wr, nil) 26 if handled { 27 t.Error("it should not handle the event") 28 } 29 if err != nil { 30 t.Error(err) 31 } 32 33 wr.WriteHeader(http.StatusOK) 34 if _, ok := clientRW.ClientValues[authboss.SessionLastAction]; !ok { 35 t.Error("last action should have been set") 36 } 37 } 38 39 func TestExpireIsExpired(t *testing.T) { 40 ab := authboss.New() 41 42 clientRW := mocks.NewClientRW() 43 clientRW.ClientValues[authboss.SessionKey] = "username" 44 clientRW.ClientValues[authboss.SessionLastAction] = time.Now().UTC().Format(time.RFC3339) 45 ab.Storage.SessionState = clientRW 46 47 r := httptest.NewRequest("GET", "/", nil) 48 r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyPID, "primaryid")) 49 r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, struct{}{})) 50 w := ab.NewResponse(httptest.NewRecorder()) 51 r, err := ab.LoadClientState(w, r) 52 if err != nil { 53 t.Error(err) 54 } 55 56 // No t.Parallel() - Also must be after refreshExpiry() call 57 nowTime = func() time.Time { 58 return time.Now().UTC().Add(time.Hour * 2) 59 } 60 defer func() { 61 nowTime = time.Now 62 }() 63 64 called := false 65 hadUser := false 66 m := Middleware(ab)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 67 called = true 68 69 if r.Context().Value(authboss.CTXKeyPID) != nil { 70 hadUser = true 71 } 72 if r.Context().Value(authboss.CTXKeyUser) != nil { 73 hadUser = true 74 } 75 })) 76 77 m.ServeHTTP(w, r) 78 79 if !called { 80 t.Error("expected middleware to call handler") 81 } 82 if hadUser { 83 t.Error("expected user not to be present") 84 } 85 86 w.WriteHeader(200) 87 if _, ok := clientRW.ClientValues[authboss.SessionKey]; ok { 88 t.Error("this key should have been deleted\n", clientRW) 89 } 90 if _, ok := clientRW.ClientValues[authboss.SessionLastAction]; ok { 91 t.Error("this key should have been deleted\n", clientRW) 92 } 93 } 94 95 func TestExpireNotExpired(t *testing.T) { 96 ab := authboss.New() 97 clientRW := mocks.NewClientRW() 98 clientRW.ClientValues[authboss.SessionKey] = "username" 99 clientRW.ClientValues[authboss.SessionLastAction] = time.Now().UTC().Format(time.RFC3339) 100 ab.Storage.SessionState = clientRW 101 102 var err error 103 104 r := httptest.NewRequest("GET", "/", nil) 105 r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyPID, "primaryid")) 106 r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, struct{}{})) 107 w := ab.NewResponse(httptest.NewRecorder()) 108 r, err = ab.LoadClientState(w, r) 109 if err != nil { 110 t.Error(err) 111 } 112 113 // No t.Parallel() - Also must be after refreshExpiry() call 114 newTime := time.Now().UTC().Add(ab.Modules.ExpireAfter / 2) 115 nowTime = func() time.Time { 116 return newTime 117 } 118 defer func() { 119 nowTime = time.Now 120 }() 121 122 called := false 123 hadUser := true 124 m := Middleware(ab)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 125 called = true 126 127 if r.Context().Value(authboss.CTXKeyPID) == nil { 128 hadUser = false 129 } 130 if r.Context().Value(authboss.CTXKeyUser) == nil { 131 hadUser = false 132 } 133 })) 134 135 m.ServeHTTP(w, r) 136 137 if !called { 138 t.Error("expected middleware to call handler") 139 } 140 if !hadUser { 141 t.Error("expected user to be present") 142 } 143 144 want := newTime.Format(time.RFC3339) 145 w.WriteHeader(200) 146 if last, ok := clientRW.ClientValues[authboss.SessionLastAction]; !ok { 147 t.Error("this key should be present", clientRW) 148 } else if want != last { 149 t.Error("want:", want, "got:", last) 150 } 151 } 152 153 func TestExpireTimeToExpiry(t *testing.T) { 154 t.Parallel() 155 156 r := httptest.NewRequest("GET", "/", nil) 157 158 want := 5 * time.Second 159 dur := TimeToExpiry(r, want) 160 if dur != want { 161 t.Error("duration was wrong:", dur) 162 } 163 } 164 165 func TestExpireRefreshExpiry(t *testing.T) { 166 t.Parallel() 167 168 ab := authboss.New() 169 clientRW := mocks.NewClientRW() 170 ab.Storage.SessionState = clientRW 171 r := httptest.NewRequest("GET", "/", nil) 172 w := ab.NewResponse(httptest.NewRecorder()) 173 174 RefreshExpiry(w, r) 175 w.WriteHeader(200) 176 if _, ok := clientRW.ClientValues[authboss.SessionLastAction]; !ok { 177 t.Error("this key should have been set") 178 } 179 }