]>
Commit | Line | Data |
---|---|---|
12aa0bc6 MG |
1 | #!/usr/bin/perl |
2 | use strict; | |
3 | use warnings; | |
4 | ||
9d9f4067 | 5 | use Test::More tests => 61; |
12aa0bc6 MG |
6 | BEGIN { $ENV{EMAIL_SENDER_TRANSPORT} = 'Test' } |
7 | BEGIN { use_ok('Plack::Middleware::Auth::Complex') }; | |
8 | ||
9 | use HTTP::Request::Common; | |
10 | use MIME::Base64 qw/encode_base64/; | |
11 | use Plack::Test; | |
12 | ||
13 | sub app { | |
14 | my ($env) = shift; | |
15 | [200, [], [$env->{REMOTE_USER} || 'Anon']] | |
16 | } | |
17 | ||
18 | my $auth; | |
19 | ||
20 | sub set_auth { | |
21 | my ($user, $pass) = @_; | |
22 | $auth = 'Basic ' . encode_base64 "$user:$pass" | |
23 | } | |
24 | ||
25 | sub is_http { | |
26 | my ($resp, $code, $body, $name) = @_; | |
27 | is $resp->code, $code, "$name - code"; | |
28 | is $resp->content, $body, "$name - body"; | |
29 | } | |
30 | ||
31 | my $create_table = 'CREATE TABLE users (id TEXT PRIMARY KEY, passphrase TEXT, email TEXT)'; | |
32 | my $ac = Plack::Middleware::Auth::Complex->new({ | |
4c1b8033 MG |
33 | dbi_connect => ['dbi:SQLite:dbname=:memory:'], |
34 | post_connect_cb => sub { shift->{dbh}->do($create_table) }, | |
35 | register_url => '/register', | |
36 | passwd_url => '/passwd', | |
37 | request_reset_url => '/request-reset', | |
38 | reset_url => '/reset', | |
39 | cache_max_age => 0, | |
12aa0bc6 MG |
40 | }); |
41 | ||
42 | my $app = $ac->wrap(\&app); | |
43 | my @register_args = (username => 'user', password => 'password', confirm_password => 'password', email => 'user@example.org'); | |
44 | my @passwd_args = (password => 'password', new_password => 'newpassword', confirm_new_password => 'newpassword'); | |
45 | my @reset_args = (username => 'user', new_password => 'password', confirm_new_password => 'password', token => '???:???'); | |
46 | ||
47 | test_psgi $app, sub { | |
48 | my ($cb) = @_; | |
49 | is_http $cb->(GET '/'), 200, 'Anon', 'GET /'; | |
50 | is_http $cb->(POST '/'), 200, 'Anon', 'POST /'; | |
51 | is_http $cb->(GET '/register'), 200, 'Anon', 'GET /register'; | |
52 | set_auth 'user', 'password'; | |
9d9f4067 | 53 | is_http $cb->(GET '/', Authorization => 'Hello'), 200, 'Anon', 'GET / with invalid Authorization'; |
12aa0bc6 MG |
54 | is_http $cb->(GET '/', Authorization => $auth), 200, 'Anon', 'GET / with bad user/pass'; |
55 | is_http $cb->(POST '/register'), 400, 'Missing parameter username', 'POST /register with no parameters'; | |
1f7bfc27 | 56 | is_http $cb->(POST '/register', [@register_args, username => '???'] ), 400, 'Username must match (?^as:^\w{2,20}$)', 'POST /register with bad username'; |
12aa0bc6 MG |
57 | is_http $cb->(POST '/register', [@register_args, password => '???'] ), 400, 'The two passwords do not match', 'POST /register with different passwords'; |
58 | is_http $cb->(POST '/register', \@register_args), 200, 'Registered successfully', 'POST /register with correct parameters', | |
59 | is_http $cb->(POST '/register', \@register_args), 400, 'Username already in use', 'POST /register with existing user', | |
60 | is_http $cb->(GET '/', Authorization => $auth), 200, 'user', 'GET / with correct user/pass'; | |
61 | ||
62 | is_http $cb->(POST '/passwd'), 401, 'Authorization required', 'POST /passwd without authorization'; | |
63 | is_http $cb->(POST '/passwd', Authorization => $auth), 400, 'Missing parameter password', 'POST /passwd with no parameters'; | |
64 | is_http $cb->(POST '/passwd', [@passwd_args, password => '???'], Authorization => $auth), 400, 'Incorrect password', 'POST /passwd with incorrect old password'; | |
65 | is_http $cb->(POST '/passwd', [@passwd_args, new_password => '???'], Authorization => $auth), 400, 'The two passwords do not match', 'POST /passwd with different new passwords'; | |
66 | is_http $cb->(POST '/passwd', \@passwd_args, Authorization => $auth), 200, 'Password changed successfully', 'POST /passwd with correct parameters'; | |
67 | is_http $cb->(GET '/', Authorization => $auth), 200, 'Anon', 'GET / with bad user/pass'; | |
68 | set_auth 'user', 'newpassword'; | |
69 | is_http $cb->(GET '/', Authorization => $auth), 200, 'user', 'GET / with correct user/pass'; | |
70 | ||
71 | is_http $cb->(POST '/request-reset'), 500, 'Password resets are disabled', 'POST /request-reset with password resets disabled'; | |
72 | $ac->{mail_from} = 'nobody <nobody@example.org>'; | |
73 | is_http $cb->(POST '/request-reset'), 400, 'No such user', 'POST /request-reset with no username'; | |
74 | is_http $cb->(POST '/request-reset', [username => '???']), 400, 'No such user', 'POST /request-reset with inexistent username'; | |
75 | is_http $cb->(POST '/request-reset', [username => 'user']), 200, 'Email sent', 'POST /request-reset with correct user'; | |
76 | ||
77 | my ($mail) = Email::Sender::Simple->default_transport->deliveries; | |
78 | my ($token) = $mail->{email}->get_body =~ /token: (.*)$/m; | |
79 | chomp $token; # Remove final \n | |
80 | chop $token; # Remove final \r | |
81 | ||
82 | is_http $cb->(POST '/reset'), 400, 'Missing parameter username', 'POST /reset with no parameters'; | |
83 | is_http $cb->(POST '/reset', [@reset_args, username => '???']), 400, 'No such user', 'POST /reset with inexistent username'; | |
84 | is_http $cb->(POST '/reset', [@reset_args, new_password => '???']), 400, 'The two passwords do not match', 'POST /reset with different passwords'; | |
85 | is_http $cb->(POST '/reset', \@reset_args), 400, 'Bad reset token', 'POST /reset with bad token'; | |
86 | is_http $cb->(POST '/reset', [@reset_args, token => $ac->make_reset_hmac('user', 0) . ':0']), 400, 'Reset token has expired', 'POST /reset with expired token'; | |
87 | is_http $cb->(POST '/reset', [@reset_args, token => $token]), 200, 'Password reset successfully', 'POST /reset with correct token'; | |
88 | is_http $cb->(GET '/', Authorization => $auth), 200, 'Anon', 'GET / with bad user/pass'; | |
89 | set_auth 'user', 'password'; | |
90 | is_http $cb->(GET '/', Authorization => $auth), 200, 'user', 'GET / with correct user/pass'; | |
91 | } |