aaron_nad/cannery
1
0
Fork 0
forked from shibao/cannery
Code Pull Requests Activity

rename to cannery

Browse Source
This commit is contained in:
shibao
2023-02-25 15:47:37 -05:00
parent bc034c0361
commit a778f5a61f
128 changed files with 999 additions and 998 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
test/cannery_web/controllers/home_controller_test.exs Normal file
View File

@ -0,0 +1,14 @@
defmodule CanneryWeb.HomeControllerTest do
@moduledoc """
Tests the home page
"""
use CanneryWeb.ConnCase
@moduletag :home_controller_test
test "GET /", %{conn: conn} do
conn = get(conn, "/")
assert html_response(conn, 200) =~ "Welcome to Cannery"
end
end

188
test/cannery_web/controllers/user_auth_test.exs Normal file
View File

@ -0,0 +1,188 @@
defmodule CanneryWeb.UserAuthTest do
@moduledoc """
Tests user auth
"""
use CanneryWeb.ConnCase, async: true
import CanneryWeb.Gettext
alias Cannery.Accounts
alias CanneryWeb.UserAuth
@moduletag :user_auth_test
@remember_me_cookie "_cannery_web_user_remember_me"
setup %{conn: conn} do
conn =
conn
|> Map.replace!(:secret_key_base, CanneryWeb.Endpoint.config(:secret_key_base))
|> init_test_session(%{})
[current_user: user_fixture() |> confirm_user(), conn: conn]
end
describe "log_in_user/3" do
test "stores the user token in the session", %{conn: conn, current_user: current_user} do
conn = UserAuth.log_in_user(conn, current_user)
assert token = get_session(conn, :user_token)
assert get_session(conn, :live_socket_id) == "users_sessions:#{Base.url_encode64(token)}"
assert redirected_to(conn) == "/"
assert Accounts.get_user_by_session_token(token)
end
test "clears everything previously stored in the session",
%{conn: conn, current_user: current_user} do
conn = conn |> put_session(:to_be_removed, "value") |> UserAuth.log_in_user(current_user)
refute get_session(conn, :to_be_removed)
end
test "redirects to the configured path", %{conn: conn, current_user: current_user} do
conn = conn |> put_session(:user_return_to, "/hello") |> UserAuth.log_in_user(current_user)
assert redirected_to(conn) == "/hello"
end
test "writes a cookie if remember_me is configured", %{conn: conn, current_user: current_user} do
conn =
conn |> fetch_cookies() |> UserAuth.log_in_user(current_user, %{"remember_me" => "true"})
assert get_session(conn, :user_token) == conn.cookies[@remember_me_cookie]
assert %{value: signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie]
assert signed_token != get_session(conn, :user_token)
assert max_age == 5_184_000
end
end
describe "logout_user/1" do
test "erases session and cookies", %{conn: conn, current_user: current_user} do
user_token = Accounts.generate_user_session_token(current_user)
conn =
conn
|> put_session(:user_token, user_token)
|> put_req_cookie(@remember_me_cookie, user_token)
|> fetch_cookies()
|> UserAuth.log_out_user()
refute get_session(conn, :user_token)
refute conn.cookies[@remember_me_cookie]
assert %{max_age: 0} = conn.resp_cookies[@remember_me_cookie]
assert redirected_to(conn) == "/"
refute Accounts.get_user_by_session_token(user_token)
end
test "broadcasts to the given live_socket_id", %{conn: conn} do
live_socket_id = "users_sessions:abcdef-token"
CanneryWeb.Endpoint.subscribe(live_socket_id)
conn
|> put_session(:live_socket_id, live_socket_id)
|> UserAuth.log_out_user()
assert_receive %Phoenix.Socket.Broadcast{
event: "disconnect",
topic: "users_sessions:abcdef-token"
}
end
test "works even if user is already logged out", %{conn: conn} do
conn = conn |> fetch_cookies() |> UserAuth.log_out_user()
refute get_session(conn, :user_token)
assert %{max_age: 0} = conn.resp_cookies[@remember_me_cookie]
assert redirected_to(conn) == "/"
end
end
describe "fetch_current_user/2" do
test "authenticates user from session", %{conn: conn, current_user: current_user} do
user_token = Accounts.generate_user_session_token(current_user)
conn = conn |> put_session(:user_token, user_token) |> UserAuth.fetch_current_user([])
assert conn.assigns.current_user.id == current_user.id
end
test "authenticates user from cookies", %{conn: conn, current_user: current_user} do
logged_in_conn =
conn |> fetch_cookies() |> UserAuth.log_in_user(current_user, %{"remember_me" => "true"})
user_token = logged_in_conn.cookies[@remember_me_cookie]
%{value: signed_token} = logged_in_conn.resp_cookies[@remember_me_cookie]
conn =
conn
|> put_req_cookie(@remember_me_cookie, signed_token)
|> UserAuth.fetch_current_user([])
assert get_session(conn, :user_token) == user_token
assert conn.assigns.current_user.id == current_user.id
end
test "does not authenticate if data is missing", %{conn: conn, current_user: current_user} do
_session_token = Accounts.generate_user_session_token(current_user)
conn = UserAuth.fetch_current_user(conn, [])
refute get_session(conn, :user_token)
refute conn.assigns.current_user
end
end
describe "redirect_if_user_is_authenticated/2" do
test "redirects if user is authenticated", %{conn: conn, current_user: current_user} do
conn =
conn
|> assign(:current_user, current_user)
|> UserAuth.redirect_if_user_is_authenticated([])
assert conn.halted
assert redirected_to(conn) == "/"
end
test "does not redirect if user is not authenticated", %{conn: conn} do
conn = UserAuth.redirect_if_user_is_authenticated(conn, [])
refute conn.halted
refute conn.status
end
end
describe "require_authenticated_user/2" do
test "redirects if user is not authenticated", %{conn: conn} do
conn = conn |> fetch_flash() |> UserAuth.require_authenticated_user([])
assert conn.halted
assert redirected_to(conn) == Routes.user_session_path(conn, :new)
assert get_flash(conn, :error) ==
dgettext("errors", "You must confirm your account and log in to access this page.")
end
test "stores the path to redirect to on GET", %{conn: conn} do
halted_conn =
%{conn | path_info: ["foo"], query_string: ""}
|> fetch_flash()
|> UserAuth.require_authenticated_user([])
assert halted_conn.halted
assert get_session(halted_conn, :user_return_to) == "/foo"
halted_conn =
%{conn | path_info: ["foo"], query_string: "bar=baz"}
|> fetch_flash()
|> UserAuth.require_authenticated_user([])
assert halted_conn.halted
assert get_session(halted_conn, :user_return_to) == "/foo?bar=baz"
halted_conn =
%{conn | path_info: ["/foo?bar"], method: "POST"}
|> fetch_flash()
|> UserAuth.require_authenticated_user([])
assert halted_conn.halted
refute get_session(halted_conn, :user_return_to)
end
test "does not redirect if user is authenticated", %{conn: conn, current_user: current_user} do
conn =
conn |> assign(:current_user, current_user) |> UserAuth.require_authenticated_user([])
refute conn.halted
refute conn.status
end
end
end

125
test/cannery_web/controllers/user_confirmation_controller_test.exs Normal file
View File

@ -0,0 +1,125 @@
defmodule CanneryWeb.UserConfirmationControllerTest do
@moduledoc """
Tests user confirmation
"""
use CanneryWeb.ConnCase, async: true
import CanneryWeb.Gettext
alias Cannery.{Accounts, Repo}
@moduletag :user_confirmation_controller_test
setup do
%{user: user_fixture()}
end
describe "GET /users/confirm" do
test "renders the confirmation page", %{conn: conn} do
conn = get(conn, Routes.user_confirmation_path(conn, :new))
response = html_response(conn, 200)
assert response =~ dgettext("actions", "Resend confirmation instructions")
end
end
describe "POST /users/confirm" do
@tag :capture_log
test "sends a new confirmation token", %{conn: conn, user: user} do
conn =
post(conn, Routes.user_confirmation_path(conn, :create), %{
"user" => %{"email" => user.email}
})
assert redirected_to(conn) == "/"
assert get_flash(conn, :info) =~
dgettext(
"prompts",
"If your email is in our system and it has not been confirmed yet, " <>
"you will receive an email with instructions shortly."
)
assert Repo.get_by!(Accounts.UserToken, user_id: user.id).context == "confirm"
end
test "does not send confirmation token if User is confirmed", %{conn: conn, user: user} do
Repo.update!(Accounts.User.confirm_changeset(user))
conn =
post(conn, Routes.user_confirmation_path(conn, :create), %{
"user" => %{"email" => user.email}
})
assert redirected_to(conn) == "/"
assert get_flash(conn, :info) =~
dgettext(
"prompts",
"If your email is in our system and it has not been confirmed yet, " <>
"you will receive an email with instructions shortly."
)
end
test "does not send confirmation token if email is invalid", %{conn: conn} do
conn =
post(conn, Routes.user_confirmation_path(conn, :create), %{
"user" => %{"email" => "unknown@example.com"}
})
assert redirected_to(conn) == "/"
assert get_flash(conn, :info) =~
dgettext(
"prompts",
"If your email is in our system and it has not been confirmed yet, " <>
"you will receive an email with instructions shortly."
)
assert Repo.all(Accounts.UserToken) == []
end
end
describe "GET /users/confirm/:token" do
test "confirms the given token once", %{conn: conn, user: user} do
token =
extract_user_token(fn url ->
Accounts.deliver_user_confirmation_instructions(user, url)
end)
conn = get(conn, Routes.user_confirmation_path(conn, :confirm, token))
assert redirected_to(conn) == "/"
assert get_flash(conn, :info) =~
dgettext("prompts", "%{email} confirmed successfully", email: user.email)
assert Accounts.get_user!(user.id).confirmed_at
refute get_session(conn, :user_token)
assert Repo.all(Accounts.UserToken) == []
# When not logged in
conn = get(conn, Routes.user_confirmation_path(conn, :confirm, token))
assert redirected_to(conn) == "/"
assert get_flash(conn, :error) =~
dgettext("errors", "User confirmation link is invalid or it has expired")
# When logged in
conn =
build_conn()
|> log_in_user(user)
|> get(Routes.user_confirmation_path(conn, :confirm, token))
assert redirected_to(conn) == "/"
refute get_flash(conn, :error)
end
test "does not confirm email with invalid token", %{conn: conn, user: user} do
conn = get(conn, Routes.user_confirmation_path(conn, :confirm, "oops"))
assert redirected_to(conn) == "/"
assert get_flash(conn, :error) =~
dgettext("errors", "User confirmation link is invalid or it has expired")
refute Accounts.get_user!(user.id).confirmed_at
end
end
end

54
test/cannery_web/controllers/user_registration_controller_test.exs Normal file
View File

@ -0,0 +1,54 @@
defmodule CanneryWeb.UserRegistrationControllerTest do
@moduledoc """
Tests user registration
"""
use CanneryWeb.ConnCase, async: true
import CanneryWeb.Gettext
@moduletag :user_registration_controller_test
describe "GET /users/register" do
test "renders registration page", %{conn: conn} do
conn = get(conn, Routes.user_registration_path(conn, :new))
response = html_response(conn, 200)
assert response =~ dgettext("actions", "Register")
assert response =~ dgettext("actions", "Log in")
end
test "redirects if already logged in", %{conn: conn} do
conn = conn |> log_in_user(user_fixture()) |> get(Routes.user_registration_path(conn, :new))
assert redirected_to(conn) == "/"
end
end
describe "POST /users/register" do
@tag :capture_log
test "creates account and logs the user in", %{conn: conn} do
email = unique_user_email()
conn =
post(conn, Routes.user_registration_path(conn, :create), %{
"user" => valid_user_attributes(email: email)
})
assert get_session(conn, :phoenix_flash) == %{
"info" => dgettext("prompts", "Please check your email to verify your account")
}
assert redirected_to(conn) =~ "/"
end
test "render errors for invalid data", %{conn: conn} do
conn =
post(conn, Routes.user_registration_path(conn, :create), %{
"user" => %{"email" => "with spaces", "password" => "too short"}
})
response = html_response(conn, 200)
assert response =~ gettext("Register")
assert response =~ "must have the @ sign and no spaces"
assert response =~ "should be at least 12 character"
end
end
end

133
test/cannery_web/controllers/user_reset_password_controller_test.exs Normal file
View File

@ -0,0 +1,133 @@
defmodule CanneryWeb.UserResetPasswordControllerTest do
@moduledoc """
Tests the user reset password controller
"""
use CanneryWeb.ConnCase, async: true
import CanneryWeb.Gettext
alias Cannery.{Accounts, Repo}
@moduletag :user_reset_password_controller_test
setup do
%{user: user_fixture()}
end
describe "GET /users/reset_password" do
test "renders the reset password page", %{conn: conn} do
conn = get(conn, Routes.user_reset_password_path(conn, :new))
response = html_response(conn, 200)
assert response =~ dgettext("actions", "Forgot your password?")
end
end
describe "POST /users/reset_password" do
@tag :capture_log
test "sends a new reset password token", %{conn: conn, user: user} do
conn =
post(conn, Routes.user_reset_password_path(conn, :create), %{
"user" => %{"email" => user.email}
})
assert redirected_to(conn) == "/"
assert get_flash(conn, :info) =~
dgettext(
"prompts",
"If your email is in our system, you will receive instructions to reset your password shortly."
)
assert Repo.get_by!(Accounts.UserToken, user_id: user.id).context == "reset_password"
end
test "does not send reset password token if email is invalid", %{conn: conn} do
conn =
post(conn, Routes.user_reset_password_path(conn, :create), %{
"user" => %{"email" => "unknown@example.com"}
})
assert redirected_to(conn) == "/"
assert get_flash(conn, :info) =~
dgettext(
"prompts",
"If your email is in our system, you will receive instructions to reset your password shortly."
)
assert Repo.all(Accounts.UserToken) == []
end
end
describe "GET /users/reset_password/:token" do
setup %{user: user} do
token =
extract_user_token(fn url ->
Accounts.deliver_user_reset_password_instructions(user, url)
end)
%{token: token}
end
test "renders reset password", %{conn: conn, token: token} do
conn = get(conn, Routes.user_reset_password_path(conn, :edit, token))
assert html_response(conn, 200) =~ dgettext("actions", "Reset password")
end
test "does not render reset password with invalid token", %{conn: conn} do
conn = get(conn, Routes.user_reset_password_path(conn, :edit, "oops"))
assert redirected_to(conn) == "/"
assert get_flash(conn, :error) =~
dgettext("errors", "Reset password link is invalid or it has expired")
end
end
describe "PUT /users/reset_password/:token" do
setup %{user: user} do
token =
extract_user_token(fn url ->
Accounts.deliver_user_reset_password_instructions(user, url)
end)
%{token: token}
end
test "resets password once", %{conn: conn, user: user, token: token} do
conn =
put(conn, Routes.user_reset_password_path(conn, :update, token), %{
"user" => %{
"password" => "new valid password",
"password_confirmation" => "new valid password"
}
})
assert redirected_to(conn) == Routes.user_session_path(conn, :new)
refute get_session(conn, :user_token)
assert get_flash(conn, :info) =~ dgettext("prompts", "Password reset successfully")
assert Accounts.get_user_by_email_and_password(user.email, "new valid password")
end
test "does not reset password on invalid data", %{conn: conn, token: token} do
conn =
put(conn, Routes.user_reset_password_path(conn, :update, token), %{
"user" => %{
"password" => "too short",
"password_confirmation" => "does not match"
}
})
response = html_response(conn, 200)
assert response =~ gettext("Reset password")
assert response =~ dgettext("errors", "should be at least 12 character(s)")
assert response =~ dgettext("errors", "does not match password")
end
test "does not reset password with invalid token", %{conn: conn} do
conn = put(conn, Routes.user_reset_password_path(conn, :update, "oops"))
assert redirected_to(conn) == "/"
assert get_flash(conn, :error) =~
dgettext("errors", "Reset password link is invalid or it has expired")
end
end
end

101
test/cannery_web/controllers/user_session_controller_test.exs Normal file
View File

@ -0,0 +1,101 @@
defmodule CanneryWeb.UserSessionControllerTest do
@moduledoc """
Tests the user session controller
"""
use CanneryWeb.ConnCase, async: true
import CanneryWeb.Gettext
@moduletag :user_session_controller_test
setup %{conn: conn} do
[current_user: user_fixture() |> confirm_user(), conn: conn]
end
describe "GET /users/log_in" do
test "renders log in page", %{conn: conn} do
conn = get(conn, Routes.user_session_path(conn, :new))
response = html_response(conn, 200)
assert response =~ dgettext("actions", "Log in")
end
test "redirects if already logged in", %{conn: conn, current_user: current_user} do
conn = conn |> log_in_user(current_user) |> get(Routes.user_session_path(conn, :new))
assert redirected_to(conn) == "/"
end
end
describe "POST /users/log_in" do
test "logs the user in", %{conn: conn, current_user: current_user} do
conn =
post(conn, Routes.user_session_path(conn, :create), %{
"user" => %{"email" => current_user.email, "password" => valid_user_password()}
})
assert get_session(conn, :user_token)
assert redirected_to(conn) =~ "/"
# Now do a logged in request and assert on the menu
conn = get(conn, "/")
response = html_response(conn, 200)
assert response =~ current_user.email
assert response =~ dgettext("prompts", "Are you sure you want to log out?")
end
test "logs the user in with remember me", %{conn: conn, current_user: current_user} do
conn =
post(conn, Routes.user_session_path(conn, :create), %{
"user" => %{
"email" => current_user.email,
"password" => valid_user_password(),
"remember_me" => "true"
}
})
assert conn.resp_cookies["_cannery_web_user_remember_me"]
assert redirected_to(conn) =~ "/"
end
test "logs the user in with return to", %{conn: conn, current_user: current_user} do
conn =
conn
|> init_test_session(user_return_to: "/foo/bar")
|> post(Routes.user_session_path(conn, :create), %{
"user" => %{
"email" => current_user.email,
"password" => valid_user_password()
}
})
assert redirected_to(conn) == "/foo/bar"
end
test "emits error message with invalid credentials",
%{conn: conn, current_user: current_user} do
conn =
post(conn, Routes.user_session_path(conn, :create), %{
"user" => %{"email" => current_user.email, "password" => "bad"}
})
response = html_response(conn, 200)
assert response =~ dgettext("actions", "Log in")
assert response =~ dgettext("errors", "Invalid email or password")
end
end
describe "DELETE /users/log_out" do
test "logs the user out", %{conn: conn, current_user: current_user} do
conn = conn |> log_in_user(current_user) |> delete(Routes.user_session_path(conn, :delete))
assert redirected_to(conn) == "/"
refute get_session(conn, :user_token)
assert get_flash(conn, :info) =~ gettext("Logged out successfully")
end
test "succeeds even if the user is not logged in", %{conn: conn} do
conn = delete(conn, Routes.user_session_path(conn, :delete))
assert redirected_to(conn) == "/"
refute get_session(conn, :user_token)
assert get_flash(conn, :info) =~ gettext("Logged out successfully")
end
end
end

154
test/cannery_web/controllers/user_settings_controller_test.exs Normal file
View File

@ -0,0 +1,154 @@
defmodule CanneryWeb.UserSettingsControllerTest do
@moduledoc """
Tests the user settings controller
"""
use CanneryWeb.ConnCase, async: true
import CanneryWeb.Gettext
alias Cannery.Accounts
@moduletag :user_settings_controller_test
setup :register_and_log_in_user
describe "GET /users/settings" do
test "renders settings page", %{conn: conn} do
conn = get(conn, Routes.user_settings_path(conn, :edit))
response = html_response(conn, 200)
assert response =~ gettext("Settings")
end
test "redirects if user is not logged in" do
conn = build_conn()
conn = get(conn, Routes.user_settings_path(conn, :edit))
assert redirected_to(conn) == Routes.user_session_path(conn, :new)
end
end
describe "PUT /users/settings (change password form)" do
test "updates the user password and resets tokens",
%{conn: conn, current_user: current_user} do
new_password_conn =
put(conn, Routes.user_settings_path(conn, :update), %{
"action" => "update_password",
"current_password" => valid_user_password(),
"user" => %{
"password" => "new valid password",
"password_confirmation" => "new valid password"
}
})
assert redirected_to(new_password_conn) == Routes.user_settings_path(conn, :edit)
assert get_session(new_password_conn, :user_token) != get_session(conn, :user_token)
assert get_flash(new_password_conn, :info) =~
dgettext("actions", "Password updated successfully")
assert Accounts.get_user_by_email_and_password(current_user.email, "new valid password")
end
test "does not update password on invalid data", %{conn: conn} do
old_password_conn =
put(conn, Routes.user_settings_path(conn, :update), %{
"action" => "update_password",
"current_password" => "invalid",
"user" => %{
"password" => "too short",
"password_confirmation" => "does not match"
}
})
response = html_response(old_password_conn, 200)
assert response =~ gettext("Settings")
assert response =~ dgettext("errors", "should be at least 12 character(s)")
assert response =~ dgettext("errors", "does not match password")
assert response =~ dgettext("errors", "is not valid")
assert get_session(old_password_conn, :user_token) == get_session(conn, :user_token)
end
end
describe "PUT /users/settings (change email form)" do
@tag :capture_log
test "updates the user email", %{conn: conn, current_user: current_user} do
conn =
put(conn, Routes.user_settings_path(conn, :update), %{
"action" => "update_email",
"current_password" => valid_user_password(),
"user" => %{"email" => unique_user_email()}
})
assert redirected_to(conn) == Routes.user_settings_path(conn, :edit)
assert get_flash(conn, :info) =~
dgettext(
"prompts",
"A link to confirm your email change has been sent to the new address."
)
assert Accounts.get_user_by_email(current_user.email)
end
test "does not update email on invalid data", %{conn: conn} do
conn =
put(conn, Routes.user_settings_path(conn, :update), %{
"action" => "update_email",
"current_password" => "invalid",
"user" => %{"email" => "with spaces"}
})
response = html_response(conn, 200)
assert response =~ gettext("Settings")
assert response =~ dgettext("errors", "must have the @ sign and no spaces")
assert response =~ dgettext("errors", "is not valid")
end
end
describe "GET /users/settings/confirm_email/:token" do
setup %{current_user: current_user} do
email = unique_user_email()
token =
extract_user_token(fn url ->
Accounts.deliver_update_email_instructions(
%{current_user | email: email},
current_user.email,
url
)
end)
%{token: token, email: email}
end
test "updates the user email once",
%{conn: conn, current_user: current_user, token: token, email: email} do
conn = get(conn, Routes.user_settings_path(conn, :confirm_email, token))
assert redirected_to(conn) == Routes.user_settings_path(conn, :edit)
assert get_flash(conn, :info) =~ dgettext("prompts", "Email changed successfully")
refute Accounts.get_user_by_email(current_user.email)
assert Accounts.get_user_by_email(email)
conn = get(conn, Routes.user_settings_path(conn, :confirm_email, token))
assert redirected_to(conn) == Routes.user_settings_path(conn, :edit)
assert get_flash(conn, :error) =~
dgettext("errors", "Email change link is invalid or it has expired")
end
test "does not update email with invalid token", %{conn: conn, current_user: current_user} do
conn = get(conn, Routes.user_settings_path(conn, :confirm_email, "oops"))
assert redirected_to(conn) == Routes.user_settings_path(conn, :edit)
assert get_flash(conn, :error) =~
dgettext("errors", "Email change link is invalid or it has expired")
assert Accounts.get_user_by_email(current_user.email)
end
test "redirects if user is not logged in", %{token: token} do
conn = build_conn()
conn = get(conn, Routes.user_settings_path(conn, :confirm_email, token))
assert redirected_to(conn) == Routes.user_session_path(conn, :new)
end
end
end