2018-12-23 13:11:29 -07:00
|
|
|
# Pleroma: A lightweight social networking server
|
2020-03-03 15:44:49 -07:00
|
|
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
2018-12-23 13:11:29 -07:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
2020-06-23 09:16:47 -06:00
|
|
|
defmodule Pleroma.Web.Plugs.LegacyAuthenticationPlugTest do
|
2019-05-17 01:25:20 -06:00
|
|
|
use Pleroma.Web.ConnCase
|
2018-09-05 10:17:33 -06:00
|
|
|
|
2019-07-22 13:54:22 -06:00
|
|
|
import Pleroma.Factory
|
|
|
|
|
2020-06-24 04:07:47 -06:00
|
|
|
alias Pleroma.User
|
2020-06-24 01:01:40 -06:00
|
|
|
alias Pleroma.Web.Plugs.LegacyAuthenticationPlug
|
2020-06-24 00:57:27 -06:00
|
|
|
alias Pleroma.Web.Plugs.OAuthScopesPlug
|
2020-06-24 00:42:36 -06:00
|
|
|
alias Pleroma.Web.Plugs.PlugHelper
|
2018-09-05 10:17:33 -06:00
|
|
|
|
|
|
|
setup do
|
2019-07-22 13:54:22 -06:00
|
|
|
user =
|
|
|
|
insert(:user,
|
|
|
|
password: "password",
|
|
|
|
password_hash:
|
|
|
|
"$6$9psBWV8gxkGOZWBz$PmfCycChoxeJ3GgGzwvhlgacb9mUoZ.KUXNCssekER4SJ7bOK53uXrHNb2e4i8yPFgSKyzaW9CcmrDXWIEMtD1"
|
|
|
|
)
|
2018-09-05 10:17:33 -06:00
|
|
|
|
|
|
|
%{user: user}
|
|
|
|
end
|
|
|
|
|
|
|
|
test "it does nothing if a user is assigned", %{conn: conn, user: user} do
|
|
|
|
conn =
|
|
|
|
conn
|
|
|
|
|> assign(:auth_credentials, %{username: "dude", password: "password"})
|
|
|
|
|> assign(:auth_user, user)
|
|
|
|
|> assign(:user, %User{})
|
|
|
|
|
|
|
|
ret_conn =
|
|
|
|
conn
|
|
|
|
|> LegacyAuthenticationPlug.call(%{})
|
|
|
|
|
|
|
|
assert ret_conn == conn
|
|
|
|
end
|
|
|
|
|
2019-07-22 13:54:22 -06:00
|
|
|
@tag :skip_on_mac
|
2020-04-17 12:21:10 -06:00
|
|
|
test "if `auth_user` is present and password is correct, " <>
|
|
|
|
"it authenticates the user, resets the password, marks OAuthScopesPlug as skipped",
|
2018-09-05 14:30:14 -06:00
|
|
|
%{
|
|
|
|
conn: conn,
|
|
|
|
user: user
|
|
|
|
} do
|
2018-09-05 10:17:33 -06:00
|
|
|
conn =
|
|
|
|
conn
|
|
|
|
|> assign(:auth_credentials, %{username: "dude", password: "password"})
|
|
|
|
|> assign(:auth_user, user)
|
|
|
|
|
2019-07-22 13:54:22 -06:00
|
|
|
conn = LegacyAuthenticationPlug.call(conn, %{})
|
|
|
|
|
|
|
|
assert conn.assigns.user.id == user.id
|
2020-04-17 12:21:10 -06:00
|
|
|
assert PlugHelper.plug_skipped?(conn, OAuthScopesPlug)
|
2018-09-05 10:17:33 -06:00
|
|
|
end
|
|
|
|
|
2019-07-22 13:54:22 -06:00
|
|
|
@tag :skip_on_mac
|
2018-09-05 10:17:33 -06:00
|
|
|
test "it does nothing if the password is wrong", %{
|
|
|
|
conn: conn,
|
|
|
|
user: user
|
|
|
|
} do
|
|
|
|
conn =
|
|
|
|
conn
|
|
|
|
|> assign(:auth_credentials, %{username: "dude", password: "wrong_password"})
|
|
|
|
|> assign(:auth_user, user)
|
|
|
|
|
|
|
|
ret_conn =
|
|
|
|
conn
|
|
|
|
|> LegacyAuthenticationPlug.call(%{})
|
|
|
|
|
|
|
|
assert conn == ret_conn
|
|
|
|
end
|
|
|
|
|
|
|
|
test "with no credentials or user it does nothing", %{conn: conn} do
|
|
|
|
ret_conn =
|
|
|
|
conn
|
|
|
|
|> LegacyAuthenticationPlug.call(%{})
|
|
|
|
|
|
|
|
assert ret_conn == conn
|
|
|
|
end
|
|
|
|
end
|