Feat/dashboard (#105)

server/test/admin_login_test.go

@@ -0,0 +1,29 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func adminLoginTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should complete admin login`, func(t *testing.T) {
+		_, ctx := createContext(s)
+		_, err := resolvers.AdminLoginResolver(ctx, model.AdminLoginInput{
+			AdminSecret: "admin_test",
+		})
+
+		assert.NotNil(t, err)
+
+		_, err = resolvers.AdminLoginResolver(ctx, model.AdminLoginInput{
+			AdminSecret: envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string),
+		})
+
+		assert.Nil(t, err)
+	})
+}

server/test/admin_logout_test.go

@@ -0,0 +1,28 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func adminLogoutTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should get admin session`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		_, err := resolvers.AdminLogoutResolver(ctx)
+		assert.NotNil(t, err)
+
+		h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminCookieName).(string), h))
+		_, err = resolvers.AdminLogoutResolver(ctx)
+
+		assert.Nil(t, err)
+	})
+}

server/test/admin_session_test.go

@@ -0,0 +1,30 @@
+package test
+
+import (
+	"fmt"
+	"log"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func adminSessionTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should get admin session`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		_, err := resolvers.AdminSessionResolver(ctx)
+		log.Println("error:", err)
+		assert.NotNil(t, err)
+
+		h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminCookieName).(string), h))
+		_, err = resolvers.AdminSessionResolver(ctx)
+
+		assert.Nil(t, err)
+	})
+}

server/test/admin_signup_test.go

@@ -0,0 +1,32 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/google/uuid"
+	"github.com/stretchr/testify/assert"
+)
+
+func adminSignupTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should complete admin login`, func(t *testing.T) {
+		_, ctx := createContext(s)
+		_, err := resolvers.AdminSignupResolver(ctx, model.AdminSignupInput{
+			AdminSecret: "admin",
+		})
+
+		assert.NotNil(t, err)
+		// reset env for test to pass
+		envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.EnvKeyAdminSecret, "")
+
+		_, err = resolvers.AdminSignupResolver(ctx, model.AdminSignupInput{
+			AdminSecret: uuid.New().String(),
+		})
+
+		assert.Nil(t, err)
+	})
+}

server/test/config_test.go

@@ -0,0 +1,31 @@
+package test
+
+import (
+	"fmt"
+	"log"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func configTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should get config`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		_, err := resolvers.ConfigResolver(ctx)
+		log.Println("error:", err)
+		assert.NotNil(t, err)
+
+		h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminCookieName).(string), h))
+		res, err := resolvers.ConfigResolver(ctx)
+
+		assert.Nil(t, err)
+		assert.Equal(t, *res.AdminSecret, envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+	})
+}

server/test/cors_test.go

@@ -0,0 +1,27 @@
+package test
+
+import (
+	"net/http"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestCors(t *testing.T) {
+	allowedOrigin := "http://localhost:8080" // The allowed origin that you want to check
+	notAllowedOrigin := "http://myapp.com"
+
+	s := testSetup()
+	defer s.Server.Close()
+	client := &http.Client{}
+
+	req, _ := createContext(s)
+	req.Header.Add("Origin", allowedOrigin)
+	res, _ := client.Do(req)
+
+	// You should get your origin (or a * depending on your config) if the
+	// passed origin is allowed.
+	o := res.Header.Get("Access-Control-Allow-Origin")
+	assert.NotEqual(t, o, notAllowedOrigin, "Origins should not match")
+	assert.Equal(t, o, allowedOrigin, "Origins do match")
+}

server/test/delete_user_test.go

@@ -0,0 +1,41 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func deleteUserTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should delete users with admin secret only`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "delete_user." + s.TestInfo.Email
+		resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		_, err := resolvers.DeleteUserResolver(ctx, model.DeleteUserInput{
+			Email: email,
+		})
+		assert.NotNil(t, err, "unauthorized")
+
+		h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminCookieName).(string), h))
+
+		_, err = resolvers.DeleteUserResolver(ctx, model.DeleteUserInput{
+			Email: email,
+		})
+		assert.Nil(t, err)
+		cleanData(email)
+	})
+}

server/test/env_test.go

@@ -0,0 +1,29 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/env"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestEnvs(t *testing.T) {
+	envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.EnvKeyEnvPath, "../../.env.sample")
+	env.InitEnv()
+	store := envstore.EnvInMemoryStoreObj.GetEnvStoreClone()
+
+	assert.Equal(t, store[constants.EnvKeyAdminSecret].(string), "admin")
+	assert.Equal(t, store[constants.EnvKeyEnv].(string), "production")
+	assert.False(t, store[constants.EnvKeyDisableEmailVerification].(bool))
+	assert.False(t, store[constants.EnvKeyDisableMagicLinkLogin].(bool))
+	assert.False(t, store[constants.EnvKeyDisableBasicAuthentication].(bool))
+	assert.Equal(t, store[constants.EnvKeyJwtType].(string), "HS256")
+	assert.Equal(t, store[constants.EnvKeyJwtSecret].(string), "random_string")
+	assert.Equal(t, store[constants.EnvKeyJwtRoleClaim].(string), "role")
+	assert.EqualValues(t, store[constants.EnvKeyRoles].([]string), []string{"user"})
+	assert.EqualValues(t, store[constants.EnvKeyDefaultRoles].([]string), []string{"user"})
+	assert.EqualValues(t, store[constants.EnvKeyProtectedRoles].([]string), []string{"admin"})
+	assert.EqualValues(t, store[constants.EnvKeyAllowedOrigins].([]string), []string{"*"})
+}

server/test/forgot_password_test.go

@@ -0,0 +1,36 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func forgotPasswordTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should run forgot password`, func(t *testing.T) {
+		_, ctx := createContext(s)
+		email := "forgot_password." + s.TestInfo.Email
+		_, err := resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		_, err = resolvers.ForgotPasswordResolver(ctx, model.ForgotPasswordInput{
+			Email: email,
+		})
+		assert.Nil(t, err, "no errors for forgot password")
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeForgotPassword)
+		assert.Nil(t, err)
+
+		assert.Equal(t, verificationRequest.Identifier, constants.VerificationTypeForgotPassword)
+
+		cleanData(email)
+	})
+}

server/test/login_test.go

@@ -0,0 +1,59 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func loginTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should login`, func(t *testing.T) {
+		_, ctx := createContext(s)
+		email := "login." + s.TestInfo.Email
+		_, err := resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		_, err = resolvers.LoginResolver(ctx, model.LoginInput{
+			Email:    email,
+			Password: s.TestInfo.Password,
+		})
+
+		assert.NotNil(t, err, "should fail because email is not verified")
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeBasicAuthSignup)
+		resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+
+		_, err = resolvers.LoginResolver(ctx, model.LoginInput{
+			Email:    email,
+			Password: s.TestInfo.Password,
+			Roles:    []string{"test"},
+		})
+		assert.NotNil(t, err, "invalid roles")
+
+		_, err = resolvers.LoginResolver(ctx, model.LoginInput{
+			Email:    email,
+			Password: s.TestInfo.Password + "s",
+		})
+		assert.NotNil(t, err, "invalid password")
+
+		loginRes, err := resolvers.LoginResolver(ctx, model.LoginInput{
+			Email:    email,
+			Password: s.TestInfo.Password,
+		})
+
+		assert.Nil(t, err, "login successful")
+		assert.NotNil(t, loginRes.AccessToken, "access token should not be empty")
+
+		cleanData(email)
+	})
+}

server/test/logout_test.go

@@ -0,0 +1,38 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func logoutTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should logout user`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "logout." + s.TestInfo.Email
+
+		_, err := resolvers.MagicLinkLoginResolver(ctx, model.MagicLinkLoginInput{
+			Email: email,
+		})
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeMagicLinkLogin)
+		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+
+		token := *verifyRes.AccessToken
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyCookieName).(string), token))
+		_, err = resolvers.LogoutResolver(ctx)
+		assert.Nil(t, err)
+		_, err = resolvers.ProfileResolver(ctx)
+		assert.NotNil(t, err, "unauthorized")
+		cleanData(email)
+	})
+}

server/test/magic_link_login_test.go

@@ -0,0 +1,38 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func magicLinkLoginTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should login with magic link`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "magic_link_login." + s.TestInfo.Email
+
+		_, err := resolvers.MagicLinkLoginResolver(ctx, model.MagicLinkLoginInput{
+			Email: email,
+		})
+		assert.Nil(t, err)
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeMagicLinkLogin)
+		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+
+		token := *verifyRes.AccessToken
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyCookieName).(string), token))
+		_, err = resolvers.ProfileResolver(ctx)
+		assert.Nil(t, err)
+
+		cleanData(email)
+	})
+}

server/test/meta_test.go

@@ -0,0 +1,24 @@
+package test
+
+import (
+	"context"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func metaTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should get meta information`, func(t *testing.T) {
+		ctx := context.Background()
+		meta, err := resolvers.MetaResolver(ctx)
+		assert.Nil(t, err)
+		assert.False(t, meta.IsFacebookLoginEnabled)
+		assert.False(t, meta.IsGoogleLoginEnabled)
+		assert.False(t, meta.IsGithubLoginEnabled)
+		assert.True(t, meta.IsEmailVerificationEnabled)
+		assert.True(t, meta.IsBasicAuthenticationEnabled)
+		assert.True(t, meta.IsMagicLinkLoginEnabled)
+	})
+}

server/test/profile_test.go

@@ -0,0 +1,45 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func profileTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should get profile only with token`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "profile." + s.TestInfo.Email
+
+		resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		_, err := resolvers.ProfileResolver(ctx)
+		assert.NotNil(t, err, "unauthorized")
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeBasicAuthSignup)
+		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+
+		token := *verifyRes.AccessToken
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyCookieName).(string), token))
+		profileRes, err := resolvers.ProfileResolver(ctx)
+		assert.Nil(t, err)
+
+		newEmail := *&profileRes.Email
+		assert.Equal(t, email, newEmail, "emails should be equal")
+
+		cleanData(email)
+	})
+}

server/test/resend_verify_email_test.go

@@ -0,0 +1,32 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func resendVerifyEmailTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should resend verification email`, func(t *testing.T) {
+		_, ctx := createContext(s)
+		email := "resend_verify_email." + s.TestInfo.Email
+		_, err := resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		_, err = resolvers.ResendVerifyEmailResolver(ctx, model.ResendVerifyEmailInput{
+			Email:      email,
+			Identifier: constants.VerificationTypeBasicAuthSignup,
+		})
+
+		assert.Nil(t, err)
+
+		cleanData(email)
+	})
+}

server/test/reset_password_test.go

@@ -0,0 +1,50 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func resetPasswordTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should reset password`, func(t *testing.T) {
+		email := "reset_password." + s.TestInfo.Email
+		_, ctx := createContext(s)
+		_, err := resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		_, err = resolvers.ForgotPasswordResolver(ctx, model.ForgotPasswordInput{
+			Email: email,
+		})
+		assert.Nil(t, err, "no errors for forgot password")
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeForgotPassword)
+		assert.Nil(t, err, "should get forgot password request")
+
+		_, err = resolvers.ResetPasswordResolver(ctx, model.ResetPasswordInput{
+			Token:           verificationRequest.Token,
+			Password:        "test1",
+			ConfirmPassword: "test",
+		})
+
+		assert.NotNil(t, err, "passowrds don't match")
+
+		_, err = resolvers.ResetPasswordResolver(ctx, model.ResetPasswordInput{
+			Token:           verificationRequest.Token,
+			Password:        "test1",
+			ConfirmPassword: "test1",
+		})
+
+		assert.Nil(t, err, "password changed successfully")
+
+		cleanData(email)
+	})
+}

server/test/resolvers_test.go

@@ -0,0 +1,65 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/env"
+	"github.com/authorizerdev/authorizer/server/envstore"
+)
+
+func TestResolvers(t *testing.T) {
+	databases := map[string]string{
+		constants.DbTypeSqlite: "../../data.db",
+		// constants.DbTypeArangodb: "http://localhost:8529",
+		// constants.DbTypeMongodb:  "mongodb://localhost:27017",
+	}
+	envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.EnvKeyVersion, "test")
+	for dbType, dbURL := range databases {
+		envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.EnvKeyDatabaseURL, dbURL)
+		envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.EnvKeyDatabaseType, dbType)
+
+		env.InitEnv()
+		db.InitDB()
+
+		// clean the persisted config for test to use fresh config
+		config, err := db.Mgr.GetConfig()
+		if err == nil {
+			config.Config = []byte{}
+			db.Mgr.UpdateConfig(config)
+		}
+		env.PersistEnv()
+
+		s := testSetup()
+		defer s.Server.Close()
+
+		t.Run("should pass tests for "+dbType, func(t *testing.T) {
+			// admin tests
+			adminSignupTests(t, s)
+			verificationRequestsTest(t, s)
+			usersTest(t, s)
+			deleteUserTest(t, s)
+			updateUserTest(t, s)
+			adminLoginTests(t, s)
+			adminLogoutTests(t, s)
+			adminSessionTests(t, s)
+			updateConfigTests(t, s)
+			configTests(t, s)
+
+			// user tests
+			loginTests(t, s)
+			signupTests(t, s)
+			forgotPasswordTest(t, s)
+			resendVerifyEmailTests(t, s)
+			resetPasswordTest(t, s)
+			verifyEmailTest(t, s)
+			sessionTests(t, s)
+			profileTests(t, s)
+			updateProfileTests(t, s)
+			magicLinkLoginTests(t, s)
+			logoutTests(t, s)
+			metaTests(t, s)
+		})
+	}
+}

server/test/session_test.go

@@ -0,0 +1,46 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func sessionTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should allow access to profile with session only`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "session." + s.TestInfo.Email
+
+		resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		_, err := resolvers.SessionResolver(ctx, []string{})
+		assert.NotNil(t, err, "unauthorized")
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeBasicAuthSignup)
+		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+
+		token := *verifyRes.AccessToken
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyCookieName).(string), token))
+
+		sessionRes, err := resolvers.SessionResolver(ctx, []string{})
+		assert.Nil(t, err)
+
+		newToken := *sessionRes.AccessToken
+		assert.Equal(t, token, newToken, "tokens should be equal")
+
+		cleanData(email)
+	})
+}

server/test/signup_test.go

@@ -0,0 +1,48 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func signupTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should complete the signup and check duplicates`, func(t *testing.T) {
+		_, ctx := createContext(s)
+		email := "signup." + s.TestInfo.Email
+		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password + "s",
+		})
+		assert.NotNil(t, err, "invalid password errors")
+
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		user := *res.User
+		assert.Equal(t, email, user.Email)
+		assert.Nil(t, res.AccessToken, "access token should be nil")
+
+		res, err = resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		assert.NotNil(t, err, "should throw duplicate email error")
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeBasicAuthSignup)
+		assert.Nil(t, err)
+		assert.Equal(t, email, verificationRequest.Email)
+		cleanData(email)
+	})
+}

server/test/test.go

@@ -0,0 +1,95 @@
+package test
+
+import (
+	"context"
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"time"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/env"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/handlers"
+	"github.com/authorizerdev/authorizer/server/middlewares"
+	"github.com/authorizerdev/authorizer/server/session"
+	"github.com/gin-contrib/location"
+	"github.com/gin-gonic/gin"
+)
+
+// common user data to share across tests
+type TestData struct {
+	Email    string
+	Password string
+}
+
+type TestSetup struct {
+	GinEngine  *gin.Engine
+	GinContext *gin.Context
+	Server     *httptest.Server
+	TestInfo   TestData
+}
+
+func cleanData(email string) {
+	verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeBasicAuthSignup)
+	if err == nil {
+		err = db.Mgr.DeleteVerificationRequest(verificationRequest)
+	}
+
+	verificationRequest, err = db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeForgotPassword)
+	if err == nil {
+		err = db.Mgr.DeleteVerificationRequest(verificationRequest)
+	}
+
+	verificationRequest, err = db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeUpdateEmail)
+	if err == nil {
+		err = db.Mgr.DeleteVerificationRequest(verificationRequest)
+	}
+
+	dbUser, err := db.Mgr.GetUserByEmail(email)
+	if err == nil {
+		db.Mgr.DeleteUser(dbUser)
+		db.Mgr.DeleteUserSession(dbUser.ID)
+	}
+}
+
+func createContext(s TestSetup) (*http.Request, context.Context) {
+	req, _ := http.NewRequest(
+		"POST",
+		"http://"+s.Server.Listener.Addr().String()+"/graphql",
+		nil,
+	)
+
+	ctx := context.WithValue(req.Context(), "GinContextKey", s.GinContext)
+	s.GinContext.Request = req
+	return req, ctx
+}
+
+func testSetup() TestSetup {
+	testData := TestData{
+		Email:    fmt.Sprintf("%d_authorizer_tester@yopmail.com", time.Now().Unix()),
+		Password: "test",
+	}
+
+	envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.EnvKeyEnvPath, "../../.env.sample")
+	env.InitEnv()
+	session.InitSession()
+
+	w := httptest.NewRecorder()
+	c, r := gin.CreateTestContext(w)
+	r.Use(location.Default())
+	r.Use(middlewares.GinContextToContextMiddleware())
+	r.Use(middlewares.CORSMiddleware())
+
+	r.POST("/graphql", handlers.GraphqlHandler())
+
+	server := httptest.NewServer(r)
+
+	return TestSetup{
+		GinEngine:  r,
+		GinContext: c,
+		Server:     server,
+		TestInfo:   testData,
+	}
+}

server/test/update_config_test.go

@@ -0,0 +1,44 @@
+package test
+
+import (
+	"fmt"
+	"log"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func updateConfigTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should update configs`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		originalAppURL := envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAppURL).(string)
+
+		data := model.UpdateConfigInput{}
+		_, err := resolvers.UpdateConfigResolver(ctx, data)
+		log.Println("error:", err)
+		assert.NotNil(t, err)
+
+		h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminCookieName).(string), h))
+		newURL := "https://test.com"
+		data = model.UpdateConfigInput{
+			AppURL: &newURL,
+		}
+		_, err = resolvers.UpdateConfigResolver(ctx, data)
+		log.Println("error:", err)
+		assert.Nil(t, err)
+		assert.Equal(t, envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAppURL).(string), newURL)
+		data = model.UpdateConfigInput{
+			AppURL: &originalAppURL,
+		}
+		_, err = resolvers.UpdateConfigResolver(ctx, data)
+		assert.Nil(t, err)
+	})
+}

server/test/update_profile_test.go

@@ -0,0 +1,56 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func updateProfileTests(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should update the profile with access token only`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "update_profile." + s.TestInfo.Email
+
+		resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		fName := "samani"
+		_, err := resolvers.UpdateProfileResolver(ctx, model.UpdateProfileInput{
+			FamilyName: &fName,
+		})
+		assert.NotNil(t, err, "unauthorized")
+
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeBasicAuthSignup)
+		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+
+		token := *verifyRes.AccessToken
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyCookieName).(string), token))
+		_, err = resolvers.UpdateProfileResolver(ctx, model.UpdateProfileInput{
+			FamilyName: &fName,
+		})
+		assert.Nil(t, err)
+
+		newEmail := "new_" + email
+		_, err = resolvers.UpdateProfileResolver(ctx, model.UpdateProfileInput{
+			Email: &newEmail,
+		})
+		assert.Nil(t, err)
+		_, err = resolvers.ProfileResolver(ctx)
+		assert.NotNil(t, err, "unauthorized")
+
+		cleanData(newEmail)
+		cleanData(email)
+	})
+}

server/test/update_user_test.go

@@ -0,0 +1,46 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func updateUserTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should update the user with admin secret only`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "update_user." + s.TestInfo.Email
+		signupRes, _ := resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		user := *signupRes.User
+		adminRole := "admin"
+		userRole := "user"
+		newRoles := []*string{&adminRole, &userRole}
+		_, err := resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
+			ID:    user.ID,
+			Roles: newRoles,
+		})
+		assert.NotNil(t, err, "unauthorized")
+
+		h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminCookieName).(string), h))
+		_, err = resolvers.UpdateUserResolver(ctx, model.UpdateUserInput{
+			ID:    user.ID,
+			Roles: newRoles,
+		})
+		assert.Nil(t, err)
+		cleanData(email)
+	})
+}

server/test/urls_test.go

@@ -0,0 +1,27 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestGetHostName(t *testing.T) {
+	authorizer_url := "http://test.herokuapp.com:80"
+
+	host, port := utils.GetHostParts(authorizer_url)
+	expectedHost := "test.herokuapp.com"
+
+	assert.Equal(t, host, expectedHost, "hostname should be equal")
+	assert.Equal(t, port, "80", "port should be 80")
+}
+
+func TestGetDomainName(t *testing.T) {
+	authorizer_url := "http://test.herokuapp.com"
+
+	got := utils.GetDomainName(authorizer_url)
+	want := "herokuapp.com"
+
+	assert.Equal(t, got, want, "domain name should be equal")
+}

server/test/users_test.go

@@ -0,0 +1,39 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func usersTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should get users list with admin secret only`, func(t *testing.T) {
+		req, ctx := createContext(s)
+		email := "users." + s.TestInfo.Email
+		resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		users, err := resolvers.UsersResolver(ctx)
+		assert.NotNil(t, err, "unauthorized")
+
+		h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminCookieName).(string), h))
+		users, err = resolvers.UsersResolver(ctx)
+		assert.Nil(t, err)
+		rLen := len(users)
+		assert.GreaterOrEqual(t, rLen, 1)
+
+		cleanData(email)
+	})
+}

server/test/validator_test.go

@@ -0,0 +1,43 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestIsValidEmail(t *testing.T) {
+	validEmail := "lakhan@gmail.com"
+	invalidEmail1 := "lakhan"
+	invalidEmail2 := "lakhan.me"
+
+	assert.True(t, utils.IsValidEmail(validEmail), "it should be valid email")
+	assert.False(t, utils.IsValidEmail(invalidEmail1), "it should be invalid email")
+	assert.False(t, utils.IsValidEmail(invalidEmail2), "it should be invalid email")
+}
+
+func TestIsValidOrigin(t *testing.T) {
+	// don't use portocal(http/https) for ALLOWED_ORIGINS while testing,
+	// as we trim them off while running the main function
+	envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.EnvKeyAllowedOrigins, []string{"localhost:8080", "*.google.com", "*.google.in", "*abc.*"})
+	assert.False(t, utils.IsValidOrigin("http://myapp.com"), "it should be invalid origin")
+	assert.False(t, utils.IsValidOrigin("http://appgoogle.com"), "it should be invalid origin")
+	assert.True(t, utils.IsValidOrigin("http://app.google.com"), "it should be valid origin")
+	assert.False(t, utils.IsValidOrigin("http://app.google.ind"), "it should be invalid origin")
+	assert.True(t, utils.IsValidOrigin("http://app.google.in"), "it should be valid origin")
+	assert.True(t, utils.IsValidOrigin("http://xyx.abc.com"), "it should be valid origin")
+	assert.True(t, utils.IsValidOrigin("http://xyx.abc.in"), "it should be valid origin")
+	assert.True(t, utils.IsValidOrigin("http://xyxabc.in"), "it should be valid origin")
+	assert.True(t, utils.IsValidOrigin("http://localhost:8080"), "it should be valid origin")
+	envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.EnvKeyAllowedOrigins, []string{"*"})
+}
+
+func TestIsValidIdentifier(t *testing.T) {
+	assert.False(t, utils.IsValidVerificationIdentifier("test"), "it should be invalid identifier")
+	assert.True(t, utils.IsValidVerificationIdentifier(constants.VerificationTypeBasicAuthSignup), "it should be valid identifier")
+	assert.True(t, utils.IsValidVerificationIdentifier(constants.VerificationTypeUpdateEmail), "it should be valid identifier")
+	assert.True(t, utils.IsValidVerificationIdentifier(constants.VerificationTypeForgotPassword), "it should be valid identifier")
+}

server/test/verification_requests_test.go

@@ -0,0 +1,42 @@
+package test
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/envstore"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/authorizerdev/authorizer/server/utils"
+	"github.com/stretchr/testify/assert"
+)
+
+func verificationRequestsTest(t *testing.T, s TestSetup) {
+	t.Helper()
+
+	t.Run(`should get verification requests with admin secret only`, func(t *testing.T) {
+		req, ctx := createContext(s)
+
+		email := "verification_requests." + s.TestInfo.Email
+		resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		requests, err := resolvers.VerificationRequestsResolver(ctx)
+		assert.NotNil(t, err, "unauthorized")
+
+		h, err := utils.EncryptPassword(envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminSecret).(string))
+		assert.Nil(t, err)
+		req.Header.Set("Cookie", fmt.Sprintf("%s=%s", envstore.EnvInMemoryStoreObj.GetEnvVariable(constants.EnvKeyAdminCookieName).(string), h))
+		requests, err = resolvers.VerificationRequestsResolver(ctx)
+
+		assert.Nil(t, err)
+		rLen := len(requests)
+		assert.GreaterOrEqual(t, rLen, 1)
+
+		cleanData(email)
+	})
+}

server/test/verify_email_test.go

@@ -0,0 +1,39 @@
+package test
+
+import (
+	"testing"
+
+	"github.com/authorizerdev/authorizer/server/constants"
+	"github.com/authorizerdev/authorizer/server/db"
+	"github.com/authorizerdev/authorizer/server/graph/model"
+	"github.com/authorizerdev/authorizer/server/resolvers"
+	"github.com/stretchr/testify/assert"
+)
+
+func verifyEmailTest(t *testing.T, s TestSetup) {
+	t.Helper()
+	t.Run(`should verify email`, func(t *testing.T) {
+		_, ctx := createContext(s)
+		email := "verify_email." + s.TestInfo.Email
+		res, err := resolvers.SignupResolver(ctx, model.SignUpInput{
+			Email:           email,
+			Password:        s.TestInfo.Password,
+			ConfirmPassword: s.TestInfo.Password,
+		})
+
+		user := *res.User
+		assert.Equal(t, email, user.Email)
+		assert.Nil(t, res.AccessToken, "access token should be nil")
+		verificationRequest, err := db.Mgr.GetVerificationByEmail(email, constants.VerificationTypeBasicAuthSignup)
+		assert.Nil(t, err)
+		assert.Equal(t, email, verificationRequest.Email)
+
+		verifyRes, err := resolvers.VerifyEmailResolver(ctx, model.VerifyEmailInput{
+			Token: verificationRequest.Token,
+		})
+		assert.Nil(t, err)
+		assert.NotEqual(t, verifyRes.AccessToken, "", "access token should not be empty")
+
+		cleanData(email)
+	})
+}