api endpoints migrated to use auth middleware

2026-02-12 18:45:41 +00:00 · 2021-05-01 23:39:52 +05:30
parent 191e9658ec
commit a82d61ed27
10 changed files with 102 additions and 52 deletions
--- a/src/api/v1/tests/auth.rs
+++ b/src/api/v1/tests/auth.rs
@@ -130,7 +130,9 @@ async fn auth_works() {
            .to_request(),
    )
    .await;
-    assert_eq!(signout_resp.status(), StatusCode::FOUND);
+    assert_eq!(signout_resp.status(), StatusCode::OK);
+    let headers = signout_resp.headers();
+    assert_eq!(headers.get(header::LOCATION).unwrap(), "/login");
 }

 #[actix_rt::test]
--- a/src/api/v1/tests/mod.rs
+++ b/src/api/v1/tests/mod.rs
@@ -16,3 +16,4 @@
 */

 mod auth;
+mod protected;
--- a/src/api/v1/tests/protected.rs
+++ b/src/api/v1/tests/protected.rs
@@ -0,0 +1,75 @@
+/*
+* Copyright (C) 2021  Aravinth Manivannan <realaravinth@batsense.net>
+*
+* This program is free software: you can redistribute it and/or modify
+* it under the terms of the GNU Affero General Public License as
+* published by the Free Software Foundation, either version 3 of the
+* License, or (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+* GNU Affero General Public License for more details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program.  If not, see <https://www.gnu.org/licenses/>.
+*/
+
+use actix_web::http::StatusCode;
+use actix_web::test;
+
+use crate::data::Data;
+use crate::*;
+
+use crate::tests::*;
+
+#[actix_rt::test]
+async fn protected_routes_work() {
+    const NAME: &str = "testuser619";
+    const PASSWORD: &str = "longpassword2";
+    const EMAIL: &str = "testuser119@a.com2";
+
+    let _post_protected_urls = [
+        "/api/v1/account/secret/",
+        "/api/v1/account/email/",
+        "/api/v1/account/delete",
+        "/api/v1/mcaptcha/levels/add",
+        "/api/v1/mcaptcha/levels/update",
+        "/api/v1/mcaptcha/levels/delete",
+        "/api/v1/mcaptcha/levels/get",
+        "/api/v1/mcaptcha/domain/token/duration/update",
+        "/api/v1/mcaptcha/domain/token/duration/get",
+        "/api/v1/mcaptcha/add",
+        "/api/v1/mcaptcha/update/key",
+        "/api/v1/mcaptcha/get",
+        "/api/v1/mcaptcha/delete",
+    ];
+
+    let get_protected_urls = ["/logout"];
+
+    {
+        let data = Data::new().await;
+        delete_user(NAME, &data).await;
+    }
+
+    let (data, _, signin_resp) = register_and_signin(NAME, EMAIL, PASSWORD).await;
+    let cookies = get_cookie!(signin_resp);
+    let mut app = get_app!(data).await;
+
+    for url in get_protected_urls.iter() {
+        let resp =
+            test::call_service(&mut app, test::TestRequest::get().uri(url).to_request()).await;
+        assert_eq!(resp.status(), StatusCode::FOUND);
+
+        let authenticated_resp = test::call_service(
+            &mut app,
+            test::TestRequest::get()
+                .uri(url)
+                .cookie(cookies.clone())
+                .to_request(),
+        )
+        .await;
+
+        assert_eq!(authenticated_resp.status(), StatusCode::OK);
+    }
+}