add tests; add authentication cookie

2023-04-03 22:03:45 +02:00
parent 38d757cf4a
commit 387d93bbaf
4 changed files with 82 additions and 52 deletions
--- a/src/rest/auth.rs
+++ b/src/rest/auth.rs
@ -38,7 +38,7 @@ async fn login(
 ) -> Flash<Redirect> {
    let user = User::login(db, login.name.clone(), login.password.clone()).await;

-    //TODO: be able to use for find_by_name. This would get rid of the following match clause.
+    //TODO: be able to use ? for login. This would get rid of the following match clause.
    let user = match user {
        Ok(user) => user,
        Err(_) => {
@ -47,7 +47,7 @@ async fn login(
    };

    let user_json: String = format!("{}", json!(user));
-    cookies.add_private(Cookie::new("user", user_json));
+    cookies.add_private(Cookie::new("loggedin_user", user_json));

    Flash::success(Redirect::to("/"), "Login erfolgreich")
 }
--- a/src/rest/mod.rs
+++ b/src/rest/mod.rs
@ -1,48 +1,51 @@
-use rocket::{get, routes, Build, Rocket};
+use rocket::{catch, catchers, get, response::Redirect, routes, Build, Rocket};
 use rocket_dyn_templates::{context, Template};
 use sqlx::SqlitePool;

+use crate::model::user::User;
+
 mod auth;

 #[get("/")]
-fn index() -> Template {
+fn index(_user: User) -> Template {
    Template::render("index", context! {})
 }

+#[catch(401)] //unauthorized
+fn unauthorized_error() -> Redirect {
+    Redirect::to("/auth")
+}
+
 pub fn start(db: SqlitePool) -> Rocket<Build> {
    rocket::build()
        .manage(db)
        .mount("/", routes![index])
        .mount("/auth", auth::routes())
+        .register("/", catchers![unauthorized_error])
        .attach(Template::fairing())
 }

-//#[cfg(test)]
-//mod test {
-//    use super::start;
-//    use rocket::http::Status;
-//    use rocket::local::asynchronous::Client;
-//    use rocket::uri;
-//    use sqlx::SqlitePool;
-//
-//    #[sqlx::test]
-//    fn hello_world() {
-//        let pool = SqlitePool::connect(":memory:").await.unwrap();
-//        sqlx::query_file!("./migration.sql")
-//            .execute(&pool)
-//            .await
-//            .unwrap();
-//        sqlx::query_file!("./seeds.sql")
-//            .execute(&pool)
-//            .await
-//            .unwrap();
-//
-//        let client = Client::tracked(start())
-//            .await
-//            .expect("valid rocket instance");
-//        let response = client.get(uri!(super::index)).dispatch().await;
-//
-//        assert_eq!(response.status(), Status::Ok);
-//        assert_eq!(response.into_string().await, Some("Hello, world!".into()));
-//    }
-//}
+#[cfg(test)]
+mod test {
+    use crate::testdb;
+
+    use super::start;
+    use rocket::http::Status;
+    use rocket::local::asynchronous::Client;
+    use rocket::uri;
+    use sqlx::SqlitePool;
+
+    #[sqlx::test]
+    fn test_not_logged_in() {
+        let pool = testdb!();
+
+        let client = Client::tracked(start(pool))
+            .await
+            .expect("valid rocket instance");
+        let response = client.get(uri!(super::index)).dispatch().await;
+
+        assert_eq!(response.status(), Status::SeeOther);
+        let location = response.headers().get("Location").next().unwrap();
+        assert_eq!(location, "/auth");
+    }
+}