forked from shibao/cannery
pass user auth test
This commit is contained in:
parent
13c5ba12d2
commit
14b677996d
@ -33,6 +33,7 @@ defmodule CanneryWeb.UserAuth do
|
|||||||
|
|
||||||
def log_in_user(conn, %User{confirmed_at: nil}, _params) do
|
def log_in_user(conn, %User{confirmed_at: nil}, _params) do
|
||||||
conn
|
conn
|
||||||
|
|> fetch_flash()
|
||||||
|> put_flash(
|
|> put_flash(
|
||||||
:error,
|
:error,
|
||||||
dgettext("errors", "You must confirm your account and log in to access this page.")
|
dgettext("errors", "You must confirm your account and log in to access this page.")
|
||||||
|
@ -102,7 +102,7 @@ msgid "You are not authorized to view this page"
|
|||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#, elixir-autogen, elixir-format
|
#, elixir-autogen, elixir-format
|
||||||
#: lib/cannery_web/controllers/user_auth.ex:176
|
#: lib/cannery_web/controllers/user_auth.ex:177
|
||||||
msgid "You are not authorized to view this page."
|
msgid "You are not authorized to view this page."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
@ -148,7 +148,7 @@ msgid "Count must be less than %{count}"
|
|||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#, elixir-autogen, elixir-format
|
#, elixir-autogen, elixir-format
|
||||||
#: lib/cannery_web/controllers/user_auth.ex:38
|
#: lib/cannery_web/controllers/user_auth.ex:39
|
||||||
#: lib/cannery_web/controllers/user_auth.ex:160
|
#: lib/cannery_web/controllers/user_auth.ex:161
|
||||||
msgid "You must confirm your account and log in to access this page."
|
msgid "You must confirm your account and log in to access this page."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -17,30 +17,33 @@ defmodule CanneryWeb.UserAuthTest do
|
|||||||
|> Map.replace!(:secret_key_base, CanneryWeb.Endpoint.config(:secret_key_base))
|
|> Map.replace!(:secret_key_base, CanneryWeb.Endpoint.config(:secret_key_base))
|
||||||
|> init_test_session(%{})
|
|> init_test_session(%{})
|
||||||
|
|
||||||
%{user: user_fixture(), conn: conn}
|
[current_user: user_fixture() |> confirm_user(), conn: conn]
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "log_in_user/3" do
|
describe "log_in_user/3" do
|
||||||
test "stores the user token in the session", %{conn: conn, user: user} do
|
test "stores the user token in the session", %{conn: conn, current_user: current_user} do
|
||||||
conn = UserAuth.log_in_user(conn, user)
|
conn = UserAuth.log_in_user(conn, current_user)
|
||||||
assert token = get_session(conn, :user_token)
|
assert token = get_session(conn, :user_token)
|
||||||
assert get_session(conn, :live_socket_id) == "users_sessions:#{Base.url_encode64(token)}"
|
assert get_session(conn, :live_socket_id) == "users_sessions:#{Base.url_encode64(token)}"
|
||||||
assert redirected_to(conn) == "/"
|
assert redirected_to(conn) == "/"
|
||||||
assert Accounts.get_user_by_session_token(token)
|
assert Accounts.get_user_by_session_token(token)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "clears everything previously stored in the session", %{conn: conn, user: user} do
|
test "clears everything previously stored in the session",
|
||||||
conn = conn |> put_session(:to_be_removed, "value") |> UserAuth.log_in_user(user)
|
%{conn: conn, current_user: current_user} do
|
||||||
|
conn = conn |> put_session(:to_be_removed, "value") |> UserAuth.log_in_user(current_user)
|
||||||
refute get_session(conn, :to_be_removed)
|
refute get_session(conn, :to_be_removed)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "redirects to the configured path", %{conn: conn, user: user} do
|
test "redirects to the configured path", %{conn: conn, current_user: current_user} do
|
||||||
conn = conn |> put_session(:user_return_to, "/hello") |> UserAuth.log_in_user(user)
|
conn = conn |> put_session(:user_return_to, "/hello") |> UserAuth.log_in_user(current_user)
|
||||||
assert redirected_to(conn) == "/hello"
|
assert redirected_to(conn) == "/hello"
|
||||||
end
|
end
|
||||||
|
|
||||||
test "writes a cookie if remember_me is configured", %{conn: conn, user: user} do
|
test "writes a cookie if remember_me is configured", %{conn: conn, current_user: current_user} do
|
||||||
conn = conn |> fetch_cookies() |> UserAuth.log_in_user(user, %{"remember_me" => "true"})
|
conn =
|
||||||
|
conn |> fetch_cookies() |> UserAuth.log_in_user(current_user, %{"remember_me" => "true"})
|
||||||
|
|
||||||
assert get_session(conn, :user_token) == conn.cookies[@remember_me_cookie]
|
assert get_session(conn, :user_token) == conn.cookies[@remember_me_cookie]
|
||||||
|
|
||||||
assert %{value: signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie]
|
assert %{value: signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie]
|
||||||
@ -50,8 +53,8 @@ defmodule CanneryWeb.UserAuthTest do
|
|||||||
end
|
end
|
||||||
|
|
||||||
describe "logout_user/1" do
|
describe "logout_user/1" do
|
||||||
test "erases session and cookies", %{conn: conn, user: user} do
|
test "erases session and cookies", %{conn: conn, current_user: current_user} do
|
||||||
user_token = Accounts.generate_user_session_token(user)
|
user_token = Accounts.generate_user_session_token(current_user)
|
||||||
|
|
||||||
conn =
|
conn =
|
||||||
conn
|
conn
|
||||||
@ -90,15 +93,15 @@ defmodule CanneryWeb.UserAuthTest do
|
|||||||
end
|
end
|
||||||
|
|
||||||
describe "fetch_current_user/2" do
|
describe "fetch_current_user/2" do
|
||||||
test "authenticates user from session", %{conn: conn, user: user} do
|
test "authenticates user from session", %{conn: conn, current_user: current_user} do
|
||||||
user_token = Accounts.generate_user_session_token(user)
|
user_token = Accounts.generate_user_session_token(current_user)
|
||||||
conn = conn |> put_session(:user_token, user_token) |> UserAuth.fetch_current_user([])
|
conn = conn |> put_session(:user_token, user_token) |> UserAuth.fetch_current_user([])
|
||||||
assert conn.assigns.current_user.id == user.id
|
assert conn.assigns.current_user.id == current_user.id
|
||||||
end
|
end
|
||||||
|
|
||||||
test "authenticates user from cookies", %{conn: conn, user: user} do
|
test "authenticates user from cookies", %{conn: conn, current_user: current_user} do
|
||||||
logged_in_conn =
|
logged_in_conn =
|
||||||
conn |> fetch_cookies() |> UserAuth.log_in_user(user, %{"remember_me" => "true"})
|
conn |> fetch_cookies() |> UserAuth.log_in_user(current_user, %{"remember_me" => "true"})
|
||||||
|
|
||||||
user_token = logged_in_conn.cookies[@remember_me_cookie]
|
user_token = logged_in_conn.cookies[@remember_me_cookie]
|
||||||
%{value: signed_token} = logged_in_conn.resp_cookies[@remember_me_cookie]
|
%{value: signed_token} = logged_in_conn.resp_cookies[@remember_me_cookie]
|
||||||
@ -109,11 +112,11 @@ defmodule CanneryWeb.UserAuthTest do
|
|||||||
|> UserAuth.fetch_current_user([])
|
|> UserAuth.fetch_current_user([])
|
||||||
|
|
||||||
assert get_session(conn, :user_token) == user_token
|
assert get_session(conn, :user_token) == user_token
|
||||||
assert conn.assigns.current_user.id == user.id
|
assert conn.assigns.current_user.id == current_user.id
|
||||||
end
|
end
|
||||||
|
|
||||||
test "does not authenticate if data is missing", %{conn: conn, user: user} do
|
test "does not authenticate if data is missing", %{conn: conn, current_user: current_user} do
|
||||||
_ = Accounts.generate_user_session_token(user)
|
_ = Accounts.generate_user_session_token(current_user)
|
||||||
conn = UserAuth.fetch_current_user(conn, [])
|
conn = UserAuth.fetch_current_user(conn, [])
|
||||||
refute get_session(conn, :user_token)
|
refute get_session(conn, :user_token)
|
||||||
refute conn.assigns.current_user
|
refute conn.assigns.current_user
|
||||||
@ -121,8 +124,12 @@ defmodule CanneryWeb.UserAuthTest do
|
|||||||
end
|
end
|
||||||
|
|
||||||
describe "redirect_if_user_is_authenticated/2" do
|
describe "redirect_if_user_is_authenticated/2" do
|
||||||
test "redirects if user is authenticated", %{conn: conn, user: user} do
|
test "redirects if user is authenticated", %{conn: conn, current_user: current_user} do
|
||||||
conn = conn |> assign(:current_user, user) |> UserAuth.redirect_if_user_is_authenticated([])
|
conn =
|
||||||
|
conn
|
||||||
|
|> assign(:current_user, current_user)
|
||||||
|
|> UserAuth.redirect_if_user_is_authenticated([])
|
||||||
|
|
||||||
assert conn.halted
|
assert conn.halted
|
||||||
assert redirected_to(conn) == "/"
|
assert redirected_to(conn) == "/"
|
||||||
end
|
end
|
||||||
@ -139,7 +146,9 @@ defmodule CanneryWeb.UserAuthTest do
|
|||||||
conn = conn |> fetch_flash() |> UserAuth.require_authenticated_user([])
|
conn = conn |> fetch_flash() |> UserAuth.require_authenticated_user([])
|
||||||
assert conn.halted
|
assert conn.halted
|
||||||
assert redirected_to(conn) == Routes.user_session_path(conn, :new)
|
assert redirected_to(conn) == Routes.user_session_path(conn, :new)
|
||||||
assert get_flash(conn, :error) == dgettext("errors", "You must log in to access this page.")
|
|
||||||
|
assert get_flash(conn, :error) ==
|
||||||
|
dgettext("errors", "You must confirm your account and log in to access this page.")
|
||||||
end
|
end
|
||||||
|
|
||||||
test "stores the path to redirect to on GET", %{conn: conn} do
|
test "stores the path to redirect to on GET", %{conn: conn} do
|
||||||
@ -168,8 +177,10 @@ defmodule CanneryWeb.UserAuthTest do
|
|||||||
refute get_session(halted_conn, :user_return_to)
|
refute get_session(halted_conn, :user_return_to)
|
||||||
end
|
end
|
||||||
|
|
||||||
test "does not redirect if user is authenticated", %{conn: conn, user: user} do
|
test "does not redirect if user is authenticated", %{conn: conn, current_user: current_user} do
|
||||||
conn = conn |> assign(:current_user, user) |> UserAuth.require_authenticated_user([])
|
conn =
|
||||||
|
conn |> assign(:current_user, current_user) |> UserAuth.require_authenticated_user([])
|
||||||
|
|
||||||
refute conn.halted
|
refute conn.halted
|
||||||
refute conn.status
|
refute conn.status
|
||||||
end
|
end
|
||||||
|
@ -49,15 +49,19 @@ defmodule CanneryWeb.ConnCase do
|
|||||||
It stores an updated connection and a registered user in the
|
It stores an updated connection and a registered user in the
|
||||||
test context.
|
test context.
|
||||||
"""
|
"""
|
||||||
|
@spec register_and_log_in_user(%{conn: Plug.Conn.t()}) ::
|
||||||
|
%{conn: Plug.Conn.t(), current_user: User.t()}
|
||||||
def register_and_log_in_user(%{conn: conn}) do
|
def register_and_log_in_user(%{conn: conn}) do
|
||||||
current_user = user_fixture()
|
current_user = user_fixture() |> confirm_user()
|
||||||
|
|
||||||
{:ok, %{user: current_user}} =
|
|
||||||
current_user |> Accounts.confirm_user_multi() |> Repo.transaction()
|
|
||||||
|
|
||||||
%{conn: log_in_user(conn, current_user), current_user: current_user}
|
%{conn: log_in_user(conn, current_user), current_user: current_user}
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@spec confirm_user(User.t()) :: User.t()
|
||||||
|
def confirm_user(user) do
|
||||||
|
{:ok, %{user: user}} = user |> Accounts.confirm_user_multi() |> Repo.transaction()
|
||||||
|
user
|
||||||
|
end
|
||||||
|
|
||||||
@doc """
|
@doc """
|
||||||
Logs the given `user` into the `conn`.
|
Logs the given `user` into the `conn`.
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user