badguardhome/internal/home/auth_test.go
Eugene Burkov 3045da1742 Pull request: 2271 handle nolint
Merge in DNS/adguard-home from 2271-handle-nolint to master

Closes #2271.

Squashed commit of the following:

commit fde5c8795ac79e1f7d02ba8c8e369b5a724a000e
Merge: fc2acd898 642dcd647
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Fri Nov 20 17:12:28 2020 +0300

    Merge branch 'master' into 2271-handle-nolint

commit fc2acd89871de08c39e80ace9e5bb8a7acb7afba
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 17 11:55:29 2020 +0300

    dnsforward: fix test output strings

commit c4ebae6ea9c293bad239519c44ca5a6c576bb921
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Mon Nov 16 22:43:20 2020 +0300

    dnsfilter: make package pass tests

commit f2d98c6acabd8977f3b1b361987eaa31eb6eb9ad
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Mon Nov 16 20:05:00 2020 +0300

    querylog: make decoding pass tests

commit ab5850d24c50d53b8393f2de448cc340241351d7
Merge: 6ed2066bf 8a9c6e8a0
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Mon Nov 16 19:48:31 2020 +0300

    Merge branch 'master' into 2271-handle-nolint

commit 6ed2066bf567e13dd14cfa16fc7b109b59fa39ef
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Mon Nov 16 18:13:45 2020 +0300

    home: fix tests naming

commit af691081fb02b7500a746b16492f01f7f9befe9a
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Mon Nov 16 12:15:49 2020 +0300

    home: impove code quality

commit 2914cd3cd23ef2a1964116baab9187d89b377f86
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Wed Nov 11 15:46:39 2020 +0300

    * querylog: remove useless check

commit 9996840650e784ccc76d1f29964560435ba27dc7
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Wed Nov 11 13:18:34 2020 +0300

    * all: fix noticed defects

commit 2b15293e59337f70302fbc0db81ebb26bee0bed2
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 10 20:15:53 2020 +0300

    * stats: remove last nolint directive

commit b2e1ddf7b58196a2fdbf879f084edb41ca1aa1eb
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 10 18:35:41 2020 +0300

    * all: remove another nolint directive

commit c6fc5cfcc9c95ab9e570a95ab41c3e5c0125e62e
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 10 18:11:28 2020 +0300

    * querylog: remove nolint directive

commit 226ddbf2c92f737f085b44a4ddf6daec7b602153
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 10 16:35:26 2020 +0300

    * home: remove nolint directive

commit 2ea3086ad41e9003282add7e996ae722d72d878b
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 10 16:13:57 2020 +0300

    * home: reduce cyclomatic complexity of run function

commit f479b480c48e0bb832ddef8f57586f56b8a55bab
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 10 15:35:46 2020 +0300

    * home: use crypto/rand instead of math/rand

commit a28d4a53e3b930136b036606fc7e78404f1d208b
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 10 14:11:07 2020 +0300

    * dnsforward: remove gocyclo nolint directive

commit 64a0a324cc2b20614ceec3ccc6505e960fe526e9
Author: Eugene Burkov <e.burkov@adguard.com>
Date:   Tue Nov 10 11:45:49 2020 +0300

    all *: remove some nolint directives

    Updates #2271.
2020-11-20 17:32:41 +03:00

187 lines
4.3 KiB
Go

package home
import (
"encoding/hex"
"net/http"
"net/url"
"os"
"path/filepath"
"testing"
"time"
"github.com/AdguardTeam/AdGuardHome/internal/testutil"
"github.com/stretchr/testify/assert"
)
func TestMain(m *testing.M) {
testutil.DiscardLogOutput(m)
}
func prepareTestDir() string {
const dir = "./agh-test"
_ = os.RemoveAll(dir)
_ = os.MkdirAll(dir, 0755)
return dir
}
func TestAuth(t *testing.T) {
dir := prepareTestDir()
defer func() { _ = os.RemoveAll(dir) }()
fn := filepath.Join(dir, "sessions.db")
users := []User{
User{Name: "name", PasswordHash: "$2y$05$..vyzAECIhJPfaQiOK17IukcQnqEgKJHy0iETyYqxn3YXJl8yZuo2"},
}
a := InitAuth(fn, nil, 60)
s := session{}
user := User{Name: "name"}
a.UserAdd(&user, "password")
assert.True(t, a.CheckSession("notfound") == -1)
a.RemoveSession("notfound")
sess, err := getSession(&users[0])
assert.Nil(t, err)
sessStr := hex.EncodeToString(sess)
now := time.Now().UTC().Unix()
// check expiration
s.expire = uint32(now)
a.addSession(sess, &s)
assert.True(t, a.CheckSession(sessStr) == 1)
// add session with TTL = 2 sec
s = session{}
s.expire = uint32(time.Now().UTC().Unix() + 2)
a.addSession(sess, &s)
assert.True(t, a.CheckSession(sessStr) == 0)
a.Close()
// load saved session
a = InitAuth(fn, users, 60)
// the session is still alive
assert.True(t, a.CheckSession(sessStr) == 0)
// reset our expiration time because CheckSession() has just updated it
s.expire = uint32(time.Now().UTC().Unix() + 2)
a.storeSession(sess, &s)
a.Close()
u := a.UserFind("name", "password")
assert.True(t, len(u.Name) != 0)
time.Sleep(3 * time.Second)
// load and remove expired sessions
a = InitAuth(fn, users, 60)
assert.True(t, a.CheckSession(sessStr) == -1)
a.Close()
os.Remove(fn)
}
// implements http.ResponseWriter
type testResponseWriter struct {
hdr http.Header
statusCode int
}
func (w *testResponseWriter) Header() http.Header {
return w.hdr
}
func (w *testResponseWriter) Write([]byte) (int, error) {
return 0, nil
}
func (w *testResponseWriter) WriteHeader(statusCode int) {
w.statusCode = statusCode
}
func TestAuthHTTP(t *testing.T) {
dir := prepareTestDir()
defer func() { _ = os.RemoveAll(dir) }()
fn := filepath.Join(dir, "sessions.db")
users := []User{
User{Name: "name", PasswordHash: "$2y$05$..vyzAECIhJPfaQiOK17IukcQnqEgKJHy0iETyYqxn3YXJl8yZuo2"},
}
Context.auth = InitAuth(fn, users, 60)
handlerCalled := false
handler := func(w http.ResponseWriter, r *http.Request) {
handlerCalled = true
}
handler2 := optionalAuth(handler)
w := testResponseWriter{}
w.hdr = make(http.Header)
r := http.Request{}
r.Header = make(http.Header)
r.Method = "GET"
// get / - we're redirected to login page
r.URL = &url.URL{Path: "/"}
handlerCalled = false
handler2(&w, &r)
assert.True(t, w.statusCode == http.StatusFound)
assert.True(t, w.hdr.Get("Location") != "")
assert.True(t, !handlerCalled)
// go to login page
loginURL := w.hdr.Get("Location")
r.URL = &url.URL{Path: loginURL}
handlerCalled = false
handler2(&w, &r)
assert.True(t, handlerCalled)
// perform login
cookie, err := Context.auth.httpCookie(loginJSON{Name: "name", Password: "password"})
assert.Nil(t, err)
assert.True(t, cookie != "")
// get /
handler2 = optionalAuth(handler)
w.hdr = make(http.Header)
r.Header.Set("Cookie", cookie)
r.URL = &url.URL{Path: "/"}
handlerCalled = false
handler2(&w, &r)
assert.True(t, handlerCalled)
r.Header.Del("Cookie")
// get / with basic auth
handler2 = optionalAuth(handler)
w.hdr = make(http.Header)
r.URL = &url.URL{Path: "/"}
r.SetBasicAuth("name", "password")
handlerCalled = false
handler2(&w, &r)
assert.True(t, handlerCalled)
r.Header.Del("Authorization")
// get login page with a valid cookie - we're redirected to /
handler2 = optionalAuth(handler)
w.hdr = make(http.Header)
r.Header.Set("Cookie", cookie)
r.URL = &url.URL{Path: loginURL}
handlerCalled = false
handler2(&w, &r)
assert.True(t, w.hdr.Get("Location") != "")
assert.True(t, !handlerCalled)
r.Header.Del("Cookie")
// get login page with an invalid cookie
handler2 = optionalAuth(handler)
w.hdr = make(http.Header)
r.Header.Set("Cookie", "bad")
r.URL = &url.URL{Path: loginURL}
handlerCalled = false
handler2(&w, &r)
assert.True(t, handlerCalled)
r.Header.Del("Cookie")
Context.auth.Close()
}