summaryrefslogtreecommitdiffstats
path: root/rust/tests
diff options
context:
space:
mode:
authorBryan Newbold <bnewbold@robocracy.org>2019-04-09 11:42:35 -0700
committerBryan Newbold <bnewbold@robocracy.org>2019-04-09 11:42:38 -0700
commitf3192742ec0b3e99155622ef505c55c260b3bdb0 (patch)
treef7b7278e0ae49cb88f40cda0e20f0fa6791ec3c0 /rust/tests
parentaaee1355c86479ea5612d4f14f4da4e5d063d14e (diff)
downloadfatcat-f3192742ec0b3e99155622ef505c55c260b3bdb0.tar.gz
fatcat-f3192742ec0b3e99155622ef505c55c260b3bdb0.zip
rust: fix macaroon expiry check
There were two bugs with this code: the expiry timestamps were getting enclosed in double-quotes (which caused parse bugs), and the actual caveat check itself was backwards (expires < now instead of expires > now). An underlying issue was that these caveats weren't actually getting checked in the tests. Should fix a bug where users don't get auth'd correctly when logging in via mechanisms other than tokens.
Diffstat (limited to 'rust/tests')
-rw-r--r--rust/tests/test_auth.rs7
1 files changed, 7 insertions, 0 deletions
diff --git a/rust/tests/test_auth.rs b/rust/tests/test_auth.rs
index c0d81753..2faf78ec 100644
--- a/rust/tests/test_auth.rs
+++ b/rust/tests/test_auth.rs
@@ -34,6 +34,13 @@ fn test_auth_db() {
let editor_row = c.parse_macaroon_token(&conn, &token, None).unwrap();
assert_eq!(editor_row.id, editor_id.to_uuid());
+ // create token w/ expiration
+ let token = c.create_token(editor_id, Some(chrono::Duration::days(1))).unwrap();
+
+ // verify token w/ expiration
+ let editor_row = c.parse_macaroon_token(&conn, &token, None).unwrap();
+ assert_eq!(editor_row.id, editor_id.to_uuid());
+
// revoke token
auth::revoke_tokens(&conn, editor_id).unwrap();