basic auth unittests

4 files changed, 55 insertions, 6 deletions

diff --git a/rust/src/api_helpers.rs b/rust/src/api_helpers.rs
index da208c0a..3c5a2e17 100644
--- a/rust/src/api_helpers.rs
+++ b/rust/src/api_helpers.rs
@@ -294,7 +294,7 @@ pub fn accept_editgroup(editgroup_id: FatCatId, conn: &DbConn) -> Result<Changel
     Ok(entry)
 }
 
-#[derive(Clone, Copy, PartialEq)]
+#[derive(Clone, Copy, PartialEq, Debug)]
 pub struct FatCatId(Uuid);
 
 impl ToString for FatCatId {
diff --git a/rust/src/auth.rs b/rust/src/auth.rs
index 8e9a6309..0fe21ebe 100644
--- a/rust/src/auth.rs
+++ b/rust/src/auth.rs
@@ -58,10 +58,7 @@ impl AuthConfectionary {
             DUMMY_KEY.to_vec())
     }
 
-    pub fn create_token(&self, conn: &DbConn, editor_id: FatCatId, expires: Option<DateTime<Utc>>) -> Result<String> {
-        let _ed: EditorRow = editor::table
-            .find(&editor_id.to_uuid())
-            .get_result(conn)?;
+    pub fn create_token(&self, editor_id: FatCatId, expires: Option<DateTime<Utc>>) -> Result<String> {
         let mut mac = Macaroon::create(&self.location, &self.key, &self.identifier).expect("Macaroon creation");
         mac.add_first_party_caveat(&format!("editor_id = {}", editor_id.to_string()));
         // TODO: put created one second in the past to prevent timing synchronization glitches?
diff --git a/rust/src/bin/fatcat-auth.rs b/rust/src/bin/fatcat-auth.rs
index 4b90da74..5a8f0f98 100644
--- a/rust/src/bin/fatcat-auth.rs
+++ b/rust/src/bin/fatcat-auth.rs
@@ -106,7 +106,11 @@ fn run() -> Result<()> {
         },
         ("create-token", Some(subm)) => {
             let editor_id = FatCatId::from_str(subm.value_of("editor-id").unwrap())?;
-            println!("{}", confectionary.create_token(&db_conn, editor_id, None)?);
+            // check that editor exists
+            let _ed: fatcat::database_models::EditorRow = fatcat::database_schema::editor::table
+                .find(&editor_id.to_uuid())
+                .get_result(&db_conn)?;
+            println!("{}", confectionary.create_token(editor_id, None)?);
         },
         ("inspect-token", Some(subm)) => {
             confectionary.inspect_token(&db_conn, subm.value_of("token").unwrap())?;
diff --git a/rust/tests/test_auth.rs b/rust/tests/test_auth.rs
new file mode 100644
index 00000000..45956036
--- /dev/null
+++ b/rust/tests/test_auth.rs
@@ -0,0 +1,48 @@
+
+extern crate fatcat;
+extern crate uuid;
+extern crate chrono;
+
+use std::str::FromStr;
+use chrono::prelude::*;
+use fatcat::auth::*;
+use fatcat::api_helpers::*;
+
+#[test]
+fn test_macaroons() {
+    // Test everything we can without connecting to database
+ 
+    let c = fatcat::auth::AuthConfectionary::new_dummy();
+    let editor_id = FatCatId::from_str("q3nouwy3nnbsvo3h5klxsx4a7y").unwrap();
+
+    // create token w/o expiration
+    c.create_token(editor_id, None).unwrap();
+
+    // create token w/ expiration
+    let tomorrow = Utc::now() + chrono::Duration::days(1);
+    c.create_token(editor_id, Some(tomorrow)).unwrap();
+}
+
+
+#[test]
+fn test_auth_db() {
+    // Test things that require database
+
+    let server = fatcat::test_server().unwrap();
+    let conn = server.db_pool.get().expect("db_pool error");
+    let c = fatcat::auth::AuthConfectionary::new_dummy();
+    let editor_id = FatCatId::from_str("aaaaaaaaaaaabkvkaaaaaaaaae").unwrap();
+
+    // create token
+    let token = c.create_token(editor_id, None).unwrap();
+
+    // verify token
+    let editor_row = c.parse_macaroon_token(&conn, &token).unwrap();
+    assert_eq!(editor_row.id, editor_id.to_uuid());
+    
+    // revoke token
+    revoke_tokens(&conn, editor_id);
+
+    // verification should fail
+    assert!(c.parse_macaroon_token(&conn, &token).is_err());
+}