package Auth_test import ( "bytes" "encoding/json" "net/http" "testing" "git.tovijaeschke.xyz/tovi/Capsule/Backend/Api/Auth" "git.tovijaeschke.xyz/tovi/Capsule/Backend/Database" "git.tovijaeschke.xyz/tovi/Capsule/Backend/Tests" ) func Test_ChangePassword(t *testing.T) { client, ts, err := Tests.InitTestEnv() defer ts.Close() if err != nil { t.Errorf("Expected nil, recieved %s", err.Error()) return } d := struct { OldPassword string `json:"old_password"` NewPassword string `json:"new_password"` NewPasswordConfirm string `json:"new_password_confirm"` PrivateKey string `json:"private_key"` }{ OldPassword: "password", NewPassword: "password1", NewPasswordConfirm: "password1", PrivateKey: "", } jsonStr, _ := json.Marshal(d) req, _ := http.NewRequest("POST", ts.URL+"/api/v1/auth/change_password", bytes.NewBuffer(jsonStr)) req.Header.Set("Content-Type", "application/json") resp, err := client.Do(req) if err != nil { t.Errorf("Expected nil, recieved %s", err.Error()) return } if resp.StatusCode != http.StatusNoContent { t.Errorf("Expected %d, recieved %d", http.StatusNoContent, resp.StatusCode) return } u, err := Database.GetUserByUsername("test") if err != nil { t.Errorf("Expected nil, recieved %s", err.Error()) return } if !Auth.CheckPasswordHash("password1", u.Password) { t.Errorf("Failed to verify the password has been changed") } } func Test_ChangePasswordMismatchConfirmFails(t *testing.T) { client, ts, err := Tests.InitTestEnv() defer ts.Close() if err != nil { t.Errorf("Expected nil, recieved %s", err.Error()) return } d := struct { OldPassword string `json:"old_password"` NewPassword string `json:"new_password"` NewPasswordConfirm string `json:"new_password_confirm"` PrivateKey string `json:"private_key"` }{ OldPassword: "password", NewPassword: "password1", NewPasswordConfirm: "password2", PrivateKey: "", } jsonStr, _ := json.Marshal(d) req, _ := http.NewRequest("POST", ts.URL+"/api/v1/auth/change_password", bytes.NewBuffer(jsonStr)) req.Header.Set("Content-Type", "application/json") resp, err := client.Do(req) if err != nil { t.Errorf("Expected nil, recieved %s", err.Error()) return } if resp.StatusCode != http.StatusUnprocessableEntity { t.Errorf("Expected %d, recieved %d", http.StatusUnprocessableEntity, resp.StatusCode) } } func Test_ChangePasswordInvalidCurrentPasswordFails(t *testing.T) { client, ts, err := Tests.InitTestEnv() defer ts.Close() if err != nil { t.Errorf("Expected nil, recieved %s", err.Error()) return } d := struct { OldPassword string `json:"old_password"` NewPassword string `json:"new_password"` NewPasswordConfirm string `json:"new_password_confirm"` PrivateKey string `json:"private_key"` }{ OldPassword: "password2", NewPassword: "password1", NewPasswordConfirm: "password1", PrivateKey: "", } jsonStr, _ := json.Marshal(d) req, _ := http.NewRequest("POST", ts.URL+"/api/v1/auth/change_password", bytes.NewBuffer(jsonStr)) req.Header.Set("Content-Type", "application/json") resp, err := client.Do(req) if err != nil { t.Errorf("Expected nil, recieved %s", err.Error()) return } if resp.StatusCode != http.StatusForbidden { t.Errorf("Expected %d, recieved %d", http.StatusForbidden, resp.StatusCode) } }