adding test for missing secret key
This commit is contained in:
shockrah
parent
0d146f5dc1
commit
6dfc6ed687
@ -27,7 +27,7 @@ fn valid_user(secret: &str, row: &Option<(VarChar, VarChar, BigInt, Integer, UBi
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub async fn wall_entry(path: &str, pool: &Pool, params: &mut serde_json::Value) -> Result<AuthReason, mysql_async::error::Error> {
|
pub async fn wall_entry(path: &str, pool: &Pool, params: &serde_json::Value) -> Result<AuthReason, mysql_async::error::Error> {
|
||||||
// Start by Checking if the api key is in our keystore
|
// Start by Checking if the api key is in our keystore
|
||||||
if routes::is_open(path) {
|
if routes::is_open(path) {
|
||||||
Ok(AuthReason::OpenAuth)
|
Ok(AuthReason::OpenAuth)
|
||||||
@ -67,3 +67,33 @@ pub fn generate_secret() -> String {
|
|||||||
encode_config(buf,URL_SAFE)
|
encode_config(buf,URL_SAFE)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#[cfg(test)]
|
||||||
|
mod auth_tests {
|
||||||
|
use crate::testing::get_pool;
|
||||||
|
use serde_json::Value;
|
||||||
|
use mysql_async::prelude::Queryable;
|
||||||
|
|
||||||
|
#[tokio::test]
|
||||||
|
async fn missing_key() {
|
||||||
|
let pool = get_pool();
|
||||||
|
let conn = pool.get_conn().await.unwrap();
|
||||||
|
let conn = conn.drop_exec(
|
||||||
|
r#"INSERT INTO members (id, secret, name, joindate, status,permissions)
|
||||||
|
VALUES(1, "abc", "bsname", 1,0,0)
|
||||||
|
"#,
|
||||||
|
()).await.unwrap();
|
||||||
|
|
||||||
|
let params: Value = serde_json::from_str(r#"
|
||||||
|
{
|
||||||
|
"id": 1
|
||||||
|
}
|
||||||
|
"#).unwrap();
|
||||||
|
|
||||||
|
let result = super::wall_entry("/channels/list", &pool, ¶ms).await;
|
||||||
|
let _ = conn.drop_exec(r#"DELETE FROM members WHERE secret = "abc""#,()).await;
|
||||||
|
assert_eq!(true, result.is_ok());
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user