summaryrefslogtreecommitdiff
path: root/users/test/unit
diff options
context:
space:
mode:
Diffstat (limited to 'users/test/unit')
-rw-r--r--users/test/unit/user_test.rb11
-rw-r--r--users/test/unit/warden_strategy_secure_remote_password_test.rb63
2 files changed, 69 insertions, 5 deletions
diff --git a/users/test/unit/user_test.rb b/users/test/unit/user_test.rb
index 822ef33..cce11c2 100644
--- a/users/test/unit/user_test.rb
+++ b/users/test/unit/user_test.rb
@@ -5,6 +5,7 @@ class UserTest < ActiveSupport::TestCase
include SRP::Util
setup do
@attribs = User.valid_attributes_hash
+ User.find_by_login(@attribs[:login]).try(:destroy)
@user = User.new(@attribs)
end
@@ -19,18 +20,18 @@ class UserTest < ActiveSupport::TestCase
end
test "test require alphanumerical for login" do
- @user.login = "qwär"
+ @user.login = "qw#r"
assert !@user.valid?
end
- test "find_by_param gets User by login" do
+ test "find_by_param gets User by id" do
@user.save
- assert_equal @user, User.find_by_param(@user.login)
+ assert_equal @user, User.find_by_param(@user.id)
@user.destroy
end
- test "to_param gives user login" do
- assert_equal @user.login, @user.to_param
+ test "to_param gives user id" do
+ assert_equal @user.id, @user.to_param
end
test "verifier returns number for the hex in password_verifier" do
diff --git a/users/test/unit/warden_strategy_secure_remote_password_test.rb b/users/test/unit/warden_strategy_secure_remote_password_test.rb
new file mode 100644
index 0000000..319809a
--- /dev/null
+++ b/users/test/unit/warden_strategy_secure_remote_password_test.rb
@@ -0,0 +1,63 @@
+class WardenStrategySecureRemotePasswordTest < ActiveSupport::TestCase
+
+# TODO : turn this into sth. real
+=begin
+ setup do
+ @user = stub :login => "me", :id => 123
+ @client_hex = 'a123'
+ @client_rnd = @client_hex.hex
+ @server_hex = 'b123'
+ @server_rnd = @server_hex.hex
+ @server_rnd_exp = 'e123'.hex
+ @salt = 'stub user salt'
+ @server_handshake = stub :aa => @client_rnd, :bb => @server_rnd, :b => @server_rnd_exp
+ @server_auth = 'adfe'
+ end
+
+
+ test "should perform handshake" do
+ @user.expects(:initialize_auth).
+ with(@client_rnd).
+ returns(@server_handshake)
+ @server_handshake.expects(:to_json).
+ returns({'B' => @server_hex, 'salt' => @salt}.to_json)
+ User.expects(:find_by_param).with(@user.login).returns(@user)
+ assert_equal @server_handshake, session[:handshake]
+ assert_response :success
+ assert_json_response :B => @server_hex, :salt => @salt
+ end
+
+ test "should report user not found" do
+ unknown = "login_that_does_not_exist"
+ User.expects(:find_by_param).with(unknown).raises(RECORD_NOT_FOUND)
+ post :create, :login => unknown
+ assert_response :success
+ assert_json_error "login" => ["unknown user"]
+ end
+
+ test "should authorize" do
+ session[:handshake] = @server_handshake
+ @server_handshake.expects(:authenticate!).
+ with(@client_rnd).
+ returns(@user)
+ @server_handshake.expects(:to_json).
+ returns({:M2 => @server_auth}.to_json)
+ post :update, :id => @user.login, :client_auth => @client_hex
+ assert_nil session[:handshake]
+ assert_json_response :M2 => @server_auth
+ assert_equal @user.id, session[:user_id]
+ end
+
+ test "should report wrong password" do
+ session[:handshake] = @server_handshake
+ @server_handshake.expects(:authenticate!).
+ with(@client_rnd).
+ raises(WRONG_PASSWORD)
+ post :update, :id => @user.login, :client_auth => @client_hex
+ assert_nil session[:handshake]
+ assert_nil session[:user_id]
+ assert_json_error "password" => ["wrong password"]
+ end
+
+=end
+end