defmodule Pleroma.Plugs.AuthenticationPlugTest do use Pleroma.Web.ConnCase, async: true alias Pleroma.Plugs.AuthenticationPlug defp fetch_nil(_name) do {:ok, nil} end @user %{ id: 1, name: "dude", password_hash: Comeonin.Pbkdf2.hashpwsalt("guy") } defp fetch_user(_name) do {:ok, @user} end defp basic_auth_enc(username, password) do "Basic " <> Base.encode64("#{username}:#{password}") end describe "without an authorization header" do test "it halts the application" do conn = build_conn() |> AuthenticationPlug.call(%{}) assert conn.status == 403 assert conn.halted == true end test "it assigns a nil user if the 'optional' option is used" do conn = build_conn() |> AuthenticationPlug.call(%{optional: true}) assert %{ user: nil } == conn.assigns end end describe "with an authorization header for a nonexisting user" do test "it halts the application" do conn = build_conn() |> AuthenticationPlug.call(%{fetcher: &fetch_nil/1}) assert conn.status == 403 assert conn.halted == true end test "it assigns a nil user if the 'optional' option is used" do conn = build_conn() |> AuthenticationPlug.call(%{optional: true, fetcher: &fetch_nil/1 }) assert %{ user: nil } == conn.assigns end end describe "with an incorrect authorization header for a enxisting user" do test "it halts the application" do opts = %{ fetcher: &fetch_user/1 } header = basic_auth_enc("dude", "man") conn = build_conn() |> put_req_header("authorization", header) |> AuthenticationPlug.call(opts) assert conn.status == 403 assert conn.halted == true end test "it assigns a nil user if the 'optional' option is used" do opts = %{ optional: true, fetcher: &fetch_user/1 } header = basic_auth_enc("dude", "man") conn = build_conn() |> put_req_header("authorization", header) |> AuthenticationPlug.call(opts) assert %{ user: nil } == conn.assigns end end describe "with a correct authorization header for an existing user" do test "it assigns the user" do opts = %{ optional: true, fetcher: &fetch_user/1 } header = basic_auth_enc("dude", "guy") conn = build_conn() |> put_req_header("authorization", header) |> AuthenticationPlug.call(opts) assert %{ user: @user } == conn.assigns assert conn.halted == false end end end