package AccessHandler import ( "bytes" "encoding/json" "io" "net/http" "net/http/httptest" "os" "testing" "gitea.tecamino.com/paadi/access-handler/models" "github.com/gin-gonic/gin" "github.com/go-playground/assert/v2" ) func TestDatabase(t *testing.T) { dbName := "user.db" if _, err := os.Stat(dbName); err == nil { t.Log("remove user.db to start test with empty database") if err := os.Remove(dbName); err != nil { t.Fatal(err) } } t.Log("start access handler test") t.Log("initialize accessHandler") accessHandler, err := NewAccessHandler(".", nil) if err != nil { t.Fatal(err) } r := gin.Default() accessHandler.SetMiddlewareLogger(r) r.POST("/users/add", accessHandler.AddUser) r.GET("/users", accessHandler.GetUser) r.GET("/roles", accessHandler.GetRole) r.POST("/roles/add", accessHandler.AddRole) type request struct { Log string Name string Method string Path string Payload any Cookie *http.Cookie ignoreError bool } var requests []request requests = append(requests, request{Log: "add another user", Name: "add user", Method: "POST", Path: "/users/add", Payload: models.User{ Name: "guest", Password: "passwordd1", Role: "admin", Email: "guest@gmail.com", }, ignoreError: true}, request{Log: "Get all users", Name: "get all users", Method: "GET", Path: "/users"}, request{Log: "Get user id 1", Name: "get user id 1", Method: "GET", Path: "/users?id=1"}, request{Log: "Add new role", Name: "add new role", Method: "POST", Path: "/roles/add", Payload: models.Role{ Role: "testRole", }, ignoreError: true}, request{Log: "Get all roles", Name: "get all roles", Method: "GET", Path: "/roles"}, request{Log: "Get all role id 1", Name: "get role id 1", Method: "GET", Path: "/roles?id=1"}, ) for _, request := range requests { if request.Log != "" { t.Log(request.Log) } var bodyReader io.Reader if request.Payload != nil { jsonBytes, _ := json.Marshal(request.Payload) bodyReader = bytes.NewBuffer(jsonBytes) } req, _ := http.NewRequest(request.Method, request.Path, bodyReader) if request.Cookie != nil { req.AddCookie(request.Cookie) // attach refresh_token cookie } w := httptest.NewRecorder() r.ServeHTTP(w, req) t.Log(request.Name+" response:", w.Body.String()) if !request.ignoreError { assert.Equal(t, http.StatusOK, w.Code) } } // t.Log("get user id 1") // result, err := accessHandler.GetUserByKey("user_name", "admin", false) // if err != nil { // t.Fatal(err) // } // t.Log(result) // t.Log("get user by key") // result, err = accessHandler.GetUserByKey("password", "passwordd", false) // if err != nil { // t.Fatal(err) // } // t.Log(result) // t.Log("get user by key and like") // result, err = accessHandler.GetUserByKey("user_name", "a*", true) // if err != nil { // t.Fatal(err) // } // t.Log(result) // var user_name string = "admin1" // if len(result) > 0 { // if result[0].Name == user_name { // user_name = "admin" // } // t.Log("update user to ", user_name) // accessHandler.UpdateUserByKey(models.User{ // Name: user_name, // }, "user_name", result[0].Name) // } // t.Log("read user again") // result, err = accessHandler.GetUserByKey("user_name", "a*", true) // if err != nil { // t.Fatal(err) // } // t.Log(result) // t.Log("delete user id 1") // err = accessHandler.DeleteUserByKey("user_name", user_name, false) // if err != nil { // t.Fatal(err) // } // t.Log("read user again") // result, err = accessHandler.GetUserById(0) // if err != nil { // t.Fatal(err) // } // t.Log(result) // t.Log("read admin permissions") // result1, err := accessHandler.GetRoleByKey("role", "admin", false) // if err != nil { // t.Fatal(err) // } // t.Log(result1) } func TestLoginAndAuthorization(t *testing.T) { gin.SetMode(gin.TestMode) // Setup your AccessHandler and router aH, err := NewAccessHandler(".", nil) if err != nil { t.Fatal(err) } r := gin.Default() aH.SetMiddlewareLogger(r) r.POST("/login", aH.Login) r.POST("/login/refresh", aH.Refresh) r.GET("/login/me", aH.Me) r.GET("/logout", aH.Logout) middleware := r.Group("", aH.AuthMiddleware()) auth := middleware.Group("/members", aH.AuthorizeRole("")) auth.GET("", func(ctx *gin.Context) { ctx.JSON(http.StatusOK, "ok") }) // ---- Step 1: Perform login ---- user := models.User{ Name: "guest", Password: "passwordd1", } jsonBody, _ := json.Marshal(user) req, _ := http.NewRequest(http.MethodPost, "/login", bytes.NewBuffer(jsonBody)) req.Header.Set("Content-Type", "application/json") w := httptest.NewRecorder() r.ServeHTTP(w, req) t.Log("Login response:", w.Body.String()) assert.Equal(t, http.StatusOK, w.Code) // ---- Step 2: Extract cookies ---- cookies := w.Result().Cookies() var accessCookie *http.Cookie var refreshCookie *http.Cookie for _, c := range cookies { switch c.Name { case "refresh_token": refreshCookie = c case "access_token": accessCookie = c } } if refreshCookie == nil { t.Fatal("refresh_token cookie not found") } type request struct { Name string Method string Path string Cookie *http.Cookie } var requests []request requests = append(requests, request{Name: "Refresh", Method: "POST", Path: "/login/refresh", Cookie: refreshCookie}, request{Name: "Me", Method: "GET", Path: "/login/me", Cookie: accessCookie}, request{Name: "Authorization", Method: "GET", Path: "/members", Cookie: accessCookie}, request{Name: "Logout", Method: "GET", Path: "/logout", Cookie: refreshCookie}, ) for _, request := range requests { req, _ := http.NewRequest(request.Method, request.Path, nil) if request.Cookie != nil { req.AddCookie(request.Cookie) // attach refresh_token cookie } w := httptest.NewRecorder() r.ServeHTTP(w, req) t.Log(request.Name+" response:", w.Body.String()) assert.Equal(t, http.StatusOK, w.Code) } }