1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
extern crate mozaic4_backend;
use diesel;
use diesel::prelude::*;
use mozaic4_backend::DbConn;
use rocket::http::{ContentType, Header, Status};
use rocket::local::asynchronous::Client;
// We use a lock to synchronize between tests so DB operations don't collide.
// For now. In the future, we'll have a nice way to run each test in a DB
// transaction so we can regain concurrency.
static DB_LOCK: parking_lot::Mutex<()> = parking_lot::const_mutex(());
async fn reset_db(db: &DbConn) {
db.run(|conn| {
diesel::sql_query("TRUNCATE TABLE users, sessions")
.execute(conn)
.expect("drop all tables");
})
.await
}
macro_rules! run_test {
(|$client:ident, $conn:ident| $block:expr) => {{
let _lock = DB_LOCK.lock();
rocket::async_test(async move {
let $client = Client::tracked(mozaic4_backend::rocket())
.await
.expect("Rocket client");
let db = mozaic4_backend::DbConn::get_one($client.rocket()).await;
let $conn = db.expect("failed to get database connection for testing");
reset_db(&$conn).await;
$block
})
}};
}
pub struct BearerAuth {
token: String,
}
impl BearerAuth {
pub fn new(token: String) -> Self {
Self { token }
}
}
impl<'a> Into<Header<'a>> for BearerAuth {
fn into(self) -> Header<'a> {
Header::new("Authorization", format!("Bearer {}", self.token))
}
}
#[test]
fn test_registration() {
run_test!(|client, _conn| {
let response = client
.post("/register")
.header(ContentType::JSON)
.body(r#"{"username": "piepkonijn", "password": "geheim123"}"#)
.dispatch()
.await;
assert_eq!(response.status(), Status::Ok);
assert_eq!(response.content_type(), Some(ContentType::JSON));
let response = client
.post("/login")
.header(ContentType::JSON)
.body(r#"{"username": "piepkonijn", "password": "geheim123"}"#)
.dispatch()
.await;
assert_eq!(response.status(), Status::Ok);
let token = response.into_string().await.unwrap();
let response = client
.get("/users/me")
.header(BearerAuth::new(token))
.dispatch()
.await;
assert_eq!(response.status(), Status::Ok);
assert_eq!(response.content_type(), Some(ContentType::JSON));
let resp = response.into_string().await.unwrap();
let json: serde_json::Value = serde_json::from_str(&resp).unwrap();
assert_eq!(json["username"], "piepkonijn");
});
}
#[test]
fn test_reject_invalid_credentials() {
run_test!(|client, _conn| {
let response = client
.post("/login")
.header(ContentType::JSON)
.body(r#"{"username": "piepkonijn", "password": "letmeinplease"}"#)
.dispatch()
.await;
assert_eq!(response.status(), Status::Forbidden);
// assert_eq!(response.content_type(), Some(ContentType::JSON));
});
}
|
