pass user auth test

shibao 2022-02-17 20:53:17 -05:00
parent 13c5ba12d2
commit 14b677996d
4 changed files with 48 additions and 32 deletions


@ -33,6 +33,7 @@ defmodule CanneryWeb.UserAuth do
def log_in_user(conn, %User{confirmed_at: nil}, _params) do def log_in_user(conn, %User{confirmed_at: nil}, _params) do
conn conn
|> fetch_flash()
|> put_flash( |> put_flash(
:error, :error,
dgettext("errors", "You must confirm your account and log in to access this page.") dgettext("errors", "You must confirm your account and log in to access this page.")
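Review bot: The added `|> fetch_flash()` in the unconfirmed-account clause of `log_in_user/3` carries no comment explaining why a login helper fetches the flash itself. `put_flash` raises when the flash has not been fetched, so the call presumably serves callers that reach this clause without the browser pipeline, such as the direct calls in the test module. A one-line comment would keep it from being removed as redundant: `# put_flash/3 raises unless the flash was fetched; callers may not have run fetch_flash yet`. The rest of the clause is outside the hunk, so whether it returns without writing `:user_token` to the session cannot be checked here.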


@ -102,7 +102,7 @@ msgid "You are not authorized to view this page"
msgstr "" msgstr ""
#, elixir-autogen, elixir-format #, elixir-autogen, elixir-format
#: lib/cannery_web/controllers/user_auth.ex:176 #: lib/cannery_web/controllers/user_auth.ex:177
msgid "You are not authorized to view this page." msgid "You are not authorized to view this page."
msgstr "" msgstr ""
@ -148,7 +148,7 @@ msgid "Count must be less than %{count}"
msgstr "" msgstr ""
#, elixir-autogen, elixir-format #, elixir-autogen, elixir-format
#: lib/cannery_web/controllers/user_auth.ex:38 #: lib/cannery_web/controllers/user_auth.ex:39
#: lib/cannery_web/controllers/user_auth.ex:160 #: lib/cannery_web/controllers/user_auth.ex:161
msgid "You must confirm your account and log in to access this page." msgid "You must confirm your account and log in to access this page."
msgstr "" msgstr ""


@ -17,30 +17,33 @@ defmodule CanneryWeb.UserAuthTest do
|> Map.replace!(:secret_key_base, CanneryWeb.Endpoint.config(:secret_key_base)) |> Map.replace!(:secret_key_base, CanneryWeb.Endpoint.config(:secret_key_base))
|> init_test_session(%{}) |> init_test_session(%{})
%{user: user_fixture(), conn: conn} [current_user: user_fixture() |> confirm_user(), conn: conn]
end end
describe "log_in_user/3" do describe "log_in_user/3" do
test "stores the user token in the session", %{conn: conn, user: user} do test "stores the user token in the session", %{conn: conn, current_user: current_user} do
conn = UserAuth.log_in_user(conn, user) conn = UserAuth.log_in_user(conn, current_user)
assert token = get_session(conn, :user_token) assert token = get_session(conn, :user_token)
assert get_session(conn, :live_socket_id) == "users_sessions:#{Base.url_encode64(token)}" assert get_session(conn, :live_socket_id) == "users_sessions:#{Base.url_encode64(token)}"
assert redirected_to(conn) == "/" assert redirected_to(conn) == "/"
assert Accounts.get_user_by_session_token(token) assert Accounts.get_user_by_session_token(token)
end end
test "clears everything previously stored in the session", %{conn: conn, user: user} do test "clears everything previously stored in the session",
conn = conn |> put_session(:to_be_removed, "value") |> UserAuth.log_in_user(user) %{conn: conn, current_user: current_user} do
conn = conn |> put_session(:to_be_removed, "value") |> UserAuth.log_in_user(current_user)
refute get_session(conn, :to_be_removed) refute get_session(conn, :to_be_removed)
end end
test "redirects to the configured path", %{conn: conn, user: user} do test "redirects to the configured path", %{conn: conn, current_user: current_user} do
conn = conn |> put_session(:user_return_to, "/hello") |> UserAuth.log_in_user(user) conn = conn |> put_session(:user_return_to, "/hello") |> UserAuth.log_in_user(current_user)
assert redirected_to(conn) == "/hello" assert redirected_to(conn) == "/hello"
end end
test "writes a cookie if remember_me is configured", %{conn: conn, user: user} do test "writes a cookie if remember_me is configured", %{conn: conn, current_user: current_user} do
conn = conn |> fetch_cookies() |> UserAuth.log_in_user(user, %{"remember_me" => "true"}) conn =
conn |> fetch_cookies() |> UserAuth.log_in_user(current_user, %{"remember_me" => "true"})
assert get_session(conn, :user_token) == conn.cookies[@remember_me_cookie] assert get_session(conn, :user_token) == conn.cookies[@remember_me_cookie]
assert %{value: signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie] assert %{value: signed_token, max_age: max_age} = conn.resp_cookies[@remember_me_cookie]
@ -50,8 +53,8 @@ defmodule CanneryWeb.UserAuthTest do
end end
describe "logout_user/1" do describe "logout_user/1" do
test "erases session and cookies", %{conn: conn, user: user} do test "erases session and cookies", %{conn: conn, current_user: current_user} do
user_token = Accounts.generate_user_session_token(user) user_token = Accounts.generate_user_session_token(current_user)
conn = conn =
conn conn
@ -90,15 +93,15 @@ defmodule CanneryWeb.UserAuthTest do
end end
describe "fetch_current_user/2" do describe "fetch_current_user/2" do
test "authenticates user from session", %{conn: conn, user: user} do test "authenticates user from session", %{conn: conn, current_user: current_user} do
user_token = Accounts.generate_user_session_token(user) user_token = Accounts.generate_user_session_token(current_user)
conn = conn |> put_session(:user_token, user_token) |> UserAuth.fetch_current_user([]) conn = conn |> put_session(:user_token, user_token) |> UserAuth.fetch_current_user([])
assert conn.assigns.current_user.id == user.id assert conn.assigns.current_user.id == current_user.id
end end
test "authenticates user from cookies", %{conn: conn, user: user} do test "authenticates user from cookies", %{conn: conn, current_user: current_user} do
logged_in_conn = logged_in_conn =
conn |> fetch_cookies() |> UserAuth.log_in_user(user, %{"remember_me" => "true"}) conn |> fetch_cookies() |> UserAuth.log_in_user(current_user, %{"remember_me" => "true"})
user_token = logged_in_conn.cookies[@remember_me_cookie] user_token = logged_in_conn.cookies[@remember_me_cookie]
%{value: signed_token} = logged_in_conn.resp_cookies[@remember_me_cookie] %{value: signed_token} = logged_in_conn.resp_cookies[@remember_me_cookie]
@ -109,11 +112,11 @@ defmodule CanneryWeb.UserAuthTest do
|> UserAuth.fetch_current_user([]) |> UserAuth.fetch_current_user([])
assert get_session(conn, :user_token) == user_token assert get_session(conn, :user_token) == user_token
assert conn.assigns.current_user.id == user.id assert conn.assigns.current_user.id == current_user.id
end end
test "does not authenticate if data is missing", %{conn: conn, user: user} do test "does not authenticate if data is missing", %{conn: conn, current_user: current_user} do
_ = Accounts.generate_user_session_token(user) _ = Accounts.generate_user_session_token(current_user)
conn = UserAuth.fetch_current_user(conn, []) conn = UserAuth.fetch_current_user(conn, [])
refute get_session(conn, :user_token) refute get_session(conn, :user_token)
refute conn.assigns.current_user refute conn.assigns.current_user
@ -121,8 +124,12 @@ defmodule CanneryWeb.UserAuthTest do
end end
describe "redirect_if_user_is_authenticated/2" do describe "redirect_if_user_is_authenticated/2" do
test "redirects if user is authenticated", %{conn: conn, user: user} do test "redirects if user is authenticated", %{conn: conn, current_user: current_user} do
conn = conn |> assign(:current_user, user) |> UserAuth.redirect_if_user_is_authenticated([]) conn =
conn
|> assign(:current_user, current_user)
|> UserAuth.redirect_if_user_is_authenticated([])
assert conn.halted assert conn.halted
assert redirected_to(conn) == "/" assert redirected_to(conn) == "/"
end end
@ -139,7 +146,9 @@ defmodule CanneryWeb.UserAuthTest do
conn = conn |> fetch_flash() |> UserAuth.require_authenticated_user([]) conn = conn |> fetch_flash() |> UserAuth.require_authenticated_user([])
assert conn.halted assert conn.halted
assert redirected_to(conn) == Routes.user_session_path(conn, :new) assert redirected_to(conn) == Routes.user_session_path(conn, :new)
assert get_flash(conn, :error) == dgettext("errors", "You must log in to access this page.")
assert get_flash(conn, :error) ==
dgettext("errors", "You must confirm your account and log in to access this page.")
end end
test "stores the path to redirect to on GET", %{conn: conn} do test "stores the path to redirect to on GET", %{conn: conn} do
@ -168,8 +177,10 @@ defmodule CanneryWeb.UserAuthTest do
refute get_session(halted_conn, :user_return_to) refute get_session(halted_conn, :user_return_to)
end end
test "does not redirect if user is authenticated", %{conn: conn, user: user} do test "does not redirect if user is authenticated", %{conn: conn, current_user: current_user} do
conn = conn |> assign(:current_user, user) |> UserAuth.require_authenticated_user([]) conn =
conn |> assign(:current_user, current_user) |> UserAuth.require_authenticated_user([])
refute conn.halted refute conn.halted
refute conn.status refute conn.status
end end
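Review bot: With `setup` now returning only a confirmed user, none of the visible hunks exercises the `%User{confirmed_at: nil}` clause of `log_in_user/3`, which is the branch this commit edits and the one that keeps unconfirmed accounts from getting a session. A regression in that gate would leave the suite green. I would add a test to the `log_in_user/3` describe block that passes an unconfirmed fixture and asserts that no `:user_token` is stored and that the error flash is set. This assumes `user_fixture()` returns an unconfirmed user, which the new `confirm_user()` call suggests. Parts of the test module lie outside the hunks, so such a test may already exist there.

```elixir
# … unchanged: existing log_in_user/3 tests …
test "does not create a session for an unconfirmed user", %{conn: conn} do
  conn = UserAuth.log_in_user(conn, user_fixture())

  refute get_session(conn, :user_token)

  assert get_flash(conn, :error) ==
           dgettext("errors", "You must confirm your account and log in to access this page.")
end
```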


@ -49,15 +49,19 @@ defmodule CanneryWeb.ConnCase do
It stores an updated connection and a registered user in the It stores an updated connection and a registered user in the
test context. test context.
""" """
@spec register_and_log_in_user(%{conn: Plug.Conn.t()}) ::
%{conn: Plug.Conn.t(), current_user: User.t()}
def register_and_log_in_user(%{conn: conn}) do def register_and_log_in_user(%{conn: conn}) do
current_user = user_fixture() current_user = user_fixture() |> confirm_user()
{:ok, %{user: current_user}} =
current_user |> Accounts.confirm_user_multi() |> Repo.transaction()
%{conn: log_in_user(conn, current_user), current_user: current_user} %{conn: log_in_user(conn, current_user), current_user: current_user}
end end
@spec confirm_user(User.t()) :: User.t()
def confirm_user(user) do
{:ok, %{user: user}} = user |> Accounts.confirm_user_multi() |> Repo.transaction()
user
end
@doc """ @doc """
Logs the given `user` into the `conn`. Logs the given `user` into the `conn`.
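Review bot: `confirm_user/1` is added as a public helper with an `@spec` but no `@doc`, while the helpers on either side of it in this hunk are documented. I would add a short docstring saying that it confirms the given user through `Accounts.confirm_user_multi/1` in a transaction, returns the updated struct, and fails the calling test with a match error if the transaction does not return `{:ok, %{user: user}}`. The `@doc` of `register_and_log_in_user/1` still says it stores "a registered user" although the user is now also confirmed; that docstring starts outside the hunk, so only its last lines are visible here.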