server/test/session_test.go

package test

import (
	"fmt"
	"strings"
	"testing"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/envstore"
	"github.com/authorizerdev/authorizer/server/graph/model"
	"github.com/authorizerdev/authorizer/server/resolvers"
	"github.com/authorizerdev/authorizer/server/sessionstore"
	"github.com/stretchr/testify/assert"
)

func sessionTests(t *testing.T, s TestSetup) {
	t.Helper()
	t.Run(`should allow access to profile with session only`, func(t *testing.T) {
		req, ctx := createContext(s)
		email := "session." + s.TestInfo.Email

		resolvers.SignupResolver(ctx, model.SignUpInput{
			Email:           email,
			Password:        s.TestInfo.Password,
			ConfirmPassword: s.TestInfo.Password,
		})

		_, err := resolvers.SessionResolver(ctx, &model.SessionQueryInput{})
		assert.NotNil(t, err, "unauthorized")

		verificationRequest, err := db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeBasicAuthSignup)
		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
			Token: verificationRequest.Token,
		})

		sessions := sessionstore.GetUserSessions(verifyRes.User.ID)
		cookie := ""
		token := *verifyRes.AccessToken
		// set all they keys in cookie one of them should be session cookie
		for key := range sessions {
			if key != token {
				cookie += fmt.Sprintf("%s=%s;", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", key)
			}
		}
		cookie = strings.TrimSuffix(cookie, ";")

		req.Header.Set("Cookie", cookie)

		_, err = resolvers.SessionResolver(ctx, &model.SessionQueryInput{})
		assert.Nil(t, err)

		cleanData(email)
	})
}
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`package test`

			`import (`
Add _admin_signup mutation 2022-01-09 17:35:37 +05:30			`"fmt"`
fix: auth flow 2022-03-02 17:42:31 +05:30			`"strings"`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`"testing"`

Add _admin_signup mutation 2022-01-09 17:35:37 +05:30			`"github.com/authorizerdev/authorizer/server/constants"`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`"github.com/authorizerdev/authorizer/server/db"`
Feat/dashboard (#105) 2022-01-17 11:32:13 +05:30			`"github.com/authorizerdev/authorizer/server/envstore"`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`"github.com/authorizerdev/authorizer/server/graph/model"`
			`"github.com/authorizerdev/authorizer/server/resolvers"`
Implement refresh token logic with fingerprint + rotation 2022-01-23 01:24:41 +05:30			`"github.com/authorizerdev/authorizer/server/sessionstore"`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`"github.com/stretchr/testify/assert"`
			`)`

Feat/dashboard (#105) 2022-01-17 11:32:13 +05:30			`func sessionTests(t *testing.T, s TestSetup) {`
			`t.Helper()`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			t.Run(`should allow access to profile with session only`, func(t *testing.T) {
			`req, ctx := createContext(s)`
			`email := "session." + s.TestInfo.Email`

Feat/dashboard (#105) 2022-01-17 11:32:13 +05:30			`resolvers.SignupResolver(ctx, model.SignUpInput{`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`Email: email,`
			`Password: s.TestInfo.Password,`
			`ConfirmPassword: s.TestInfo.Password,`
			`})`

feat(server): add is_valid_jwt query 2022-01-24 00:32:06 +05:30			`_, err := resolvers.SessionResolver(ctx, &model.SessionQueryInput{})`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`assert.NotNil(t, err, "unauthorized")`

fix: update to use db.Provider 2022-01-21 13:34:04 +05:30			`verificationRequest, err := db.Provider.GetVerificationRequestByEmail(email, constants.VerificationTypeBasicAuthSignup)`
Feat/dashboard (#105) 2022-01-17 11:32:13 +05:30			`verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`Token: verificationRequest.Token,`
			`})`

Implement refresh token logic with fingerprint + rotation 2022-01-23 01:24:41 +05:30			`sessions := sessionstore.GetUserSessions(verifyRes.User.ID)`
fix: auth flow 2022-03-02 17:42:31 +05:30			`cookie := ""`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`token := *verifyRes.AccessToken`
fix: auth flow 2022-03-02 17:42:31 +05:30			`// set all they keys in cookie one of them should be session cookie`
			`for key := range sessions {`
			`if key != token {`
			`cookie += fmt.Sprintf("%s=%s;", envstore.EnvStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"_session", key)`
			`}`
			`}`
			`cookie = strings.TrimSuffix(cookie, ";")`
Add _admin_signup mutation 2022-01-09 17:35:37 +05:30
Implement refresh token logic with fingerprint + rotation 2022-01-23 01:24:41 +05:30			`req.Header.Set("Cookie", cookie)`

feat(server): add is_valid_jwt query 2022-01-24 00:32:06 +05:30			`_, err = resolvers.SessionResolver(ctx, &model.SessionQueryInput{})`
feat: add tests for all resolvers 2021-12-24 06:27:39 +05:30			`assert.Nil(t, err)`

			`cleanData(email)`
			`})`
			`}`