mirror of
https://github.com/Xevion/Pac-Man.git
synced 2025-12-05 23:15:40 -06:00
56 lines
1.8 KiB
Rust
56 lines
1.8 KiB
Rust
mod common;
|
|
use crate::common::test_context;
|
|
use cookie::Cookie;
|
|
use pacman_server::{data::user as user_repo, session};
|
|
|
|
use pretty_assertions::assert_eq;
|
|
|
|
#[tokio::test]
|
|
async fn test_session_management() {
|
|
let context = test_context().use_database(true).call().await;
|
|
|
|
// 1. Create a user and link a provider account
|
|
let user = user_repo::create_user(&context.app_state.db, Some("test@example.com"))
|
|
.await
|
|
.unwrap();
|
|
let provider_account = user_repo::link_oauth_account(
|
|
&context.app_state.db,
|
|
user.id,
|
|
"test_provider",
|
|
"123",
|
|
Some("test@example.com"),
|
|
Some("testuser"),
|
|
None,
|
|
None,
|
|
)
|
|
.await
|
|
.unwrap();
|
|
|
|
// 2. Create a session token for the user
|
|
let auth_user = pacman_server::auth::provider::AuthUser {
|
|
id: provider_account.provider_user_id,
|
|
username: provider_account.username.unwrap(),
|
|
name: provider_account.display_name,
|
|
email: user.email,
|
|
email_verified: true,
|
|
avatar_url: provider_account.avatar_url,
|
|
};
|
|
let token = session::create_jwt_for_user("test_provider", &auth_user, &context.app_state.jwt_encoding_key);
|
|
|
|
// 3. Make a request to the protected route WITH the session, expect success
|
|
let response = context
|
|
.server
|
|
.get("/profile")
|
|
.add_cookie(Cookie::new(session::SESSION_COOKIE_NAME, token))
|
|
.await;
|
|
assert_eq!(response.status_code(), 200);
|
|
|
|
// 4. Sign out
|
|
let response = context.server.get("/logout").await;
|
|
assert_eq!(response.status_code(), 302); // Redirect after logout
|
|
|
|
// 5. Make a request to the protected route without a session, expect failure
|
|
let response = context.server.get("/profile").await;
|
|
assert_eq!(response.status_code(), 401); // Unauthorized without session
|
|
}
|