286 lines
9.4 KiB
Go
286 lines
9.4 KiB
Go
package main
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"github.com/pagefaultgames/rogueserver/api/account"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
"io"
|
|
"net"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/pagefaultgames/rogueserver/api"
|
|
"github.com/pagefaultgames/rogueserver/db"
|
|
"github.com/testcontainers/testcontainers-go"
|
|
"github.com/testcontainers/testcontainers-go/modules/mariadb"
|
|
)
|
|
|
|
func TestRogueServer(t *testing.T) {
|
|
if testing.Short() {
|
|
t.Skip("skipping test in short mode")
|
|
}
|
|
|
|
setupDB(t)
|
|
apiURL := runServer(t)
|
|
|
|
username := "user1234"
|
|
oldPassword := "password1234"
|
|
newPassword := "password12345"
|
|
t.Run("/account", func(t *testing.T) {
|
|
t.Run("/account/register", func(t *testing.T) {
|
|
t.Run("invalid username", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/register", nil, url.Values{"username": {""}, "password": {"password"}})
|
|
resp.assertStringResponse(t, http.StatusInternalServerError, "invalid username\n")
|
|
})
|
|
|
|
t.Run("invalid password", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/register", nil, url.Values{"username": {"username"}, "password": {"1"}})
|
|
resp.assertStringResponse(t, http.StatusInternalServerError, "invalid password\n")
|
|
})
|
|
t.Run("register", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/register", nil, url.Values{"username": {username}, "password": {oldPassword}})
|
|
resp.assertStringResponse(t, http.StatusOK, "")
|
|
})
|
|
t.Run("fail when register called for already registered user", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/register", nil, url.Values{"username": {username}, "password": {oldPassword}})
|
|
resp.assertStringResponse(t, http.StatusInternalServerError, "failed to add account record: Error 1062 (23000): Duplicate entry 'user1234' for key 'username'\n")
|
|
})
|
|
|
|
})
|
|
|
|
var token string
|
|
t.Run("/account/login", func(t *testing.T) {
|
|
t.Run("invalid username", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/login", nil, url.Values{"username": {""}, "password": {"password"}})
|
|
resp.assertStringResponse(t, http.StatusInternalServerError, "invalid username\n")
|
|
})
|
|
t.Run("invalid password", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/login", nil, url.Values{"username": {"username"}, "password": {"1"}})
|
|
resp.assertStringResponse(t, http.StatusInternalServerError, "invalid password\n")
|
|
})
|
|
|
|
t.Run("user do not exist", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/login", nil, url.Values{"username": {"notexist"}, "password": {"123456"}})
|
|
resp.assertStringResponse(t, http.StatusInternalServerError, "account doesn't exist\n")
|
|
})
|
|
|
|
t.Run("bad password", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/login", nil, url.Values{"username": {username}, "password": {"badpassword"}})
|
|
resp.assertStringResponse(t, http.StatusInternalServerError, "password doesn't match\n")
|
|
})
|
|
|
|
t.Run("login successfully", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/login", nil, url.Values{"username": {username}, "password": {oldPassword}})
|
|
resp.assertStatusCode(t, http.StatusOK)
|
|
var accountResp account.LoginResponse
|
|
resp.unmarshalJSON(t, &accountResp)
|
|
assert.NotEmpty(t, accountResp.Token)
|
|
token = accountResp.Token
|
|
})
|
|
})
|
|
|
|
t.Run("/account/info", func(t *testing.T) {
|
|
t.Run("missing token", func(t *testing.T) {
|
|
resp := getHTTP(t, apiURL, "/account/info", nil)
|
|
resp.assertStringResponse(t, http.StatusBadRequest, "missing token\n")
|
|
})
|
|
|
|
t.Run("bad token", func(t *testing.T) {
|
|
resp := getHTTP(t, apiURL, "/account/info", authHeader("foo"))
|
|
resp.assertStringResponse(t, http.StatusBadRequest, "failed to decode token: illegal base64 data at input byte 0\n")
|
|
})
|
|
|
|
t.Run("success", func(t *testing.T) {
|
|
resp := getHTTP(t, apiURL, "/account/info", authHeader(token))
|
|
resp.assertJSONResponse(t, http.StatusOK, `{"username":"user1234","lastSessionSlot":-1}`)
|
|
})
|
|
})
|
|
|
|
t.Run("/account/logout", func(t *testing.T) {
|
|
t.Run("missing token", func(t *testing.T) {
|
|
resp := getHTTP(t, apiURL, "/account/logout", nil)
|
|
resp.assertStringResponse(t, http.StatusBadRequest, "missing token\n")
|
|
})
|
|
|
|
t.Run("bad token", func(t *testing.T) {
|
|
resp := getHTTP(t, apiURL, "/account/logout", authHeader("foo"))
|
|
resp.assertStringResponse(t, http.StatusBadRequest, "failed to decode token: illegal base64 data at input byte 0\n")
|
|
})
|
|
t.Run("success", func(t *testing.T) {
|
|
resp := getHTTP(t, apiURL, "/account/logout", authHeader(token))
|
|
resp.assertStatusCode(t, http.StatusOK)
|
|
})
|
|
|
|
t.Run("do nothing on second logout", func(t *testing.T) {
|
|
resp := getHTTP(t, apiURL, "/account/logout", authHeader(token))
|
|
resp.assertStatusCode(t, http.StatusOK)
|
|
})
|
|
})
|
|
|
|
t.Run("/account/changepw", func(t *testing.T) {
|
|
t.Run("missing token", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/changepw", nil, url.Values{"password": {newPassword}})
|
|
resp.assertStringResponse(t, http.StatusBadRequest, "missing token\n")
|
|
})
|
|
|
|
t.Run("bad token", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/changepw", authHeader("foo"), url.Values{"password": {newPassword}})
|
|
resp.assertStringResponse(t, http.StatusBadRequest, "failed to decode token: illegal base64 data at input byte 0\n")
|
|
})
|
|
|
|
t.Run("fail on unlogged token", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/changepw", authHeader(token), url.Values{"password": {newPassword}})
|
|
resp.assertStringResponse(t, http.StatusBadRequest, "failed to validate token: sql: no rows in result set\n")
|
|
})
|
|
|
|
t.Run("login successfully once again", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/login", nil, url.Values{"username": {username}, "password": {oldPassword}})
|
|
resp.assertStatusCode(t, http.StatusOK)
|
|
var accountResp account.LoginResponse
|
|
resp.unmarshalJSON(t, &accountResp)
|
|
assert.NotEmpty(t, accountResp.Token)
|
|
token = accountResp.Token
|
|
})
|
|
|
|
t.Run("bad password", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/changepw", authHeader(token), url.Values{"password": {"123"}})
|
|
resp.assertStringResponse(t, http.StatusInternalServerError, "invalid password\n")
|
|
})
|
|
|
|
t.Run("success", func(t *testing.T) {
|
|
resp := postHttpForm(t, apiURL, "/account/changepw", authHeader(token), url.Values{"password": {newPassword}})
|
|
resp.assertStatusCode(t, http.StatusOK)
|
|
})
|
|
})
|
|
})
|
|
}
|
|
|
|
func authHeader(token string) map[string]string {
|
|
return map[string]string{"Authorization": token}
|
|
}
|
|
|
|
type response struct {
|
|
code int
|
|
headers http.Header
|
|
body string
|
|
}
|
|
|
|
func (r response) assertStatusCode(t *testing.T, expectedStatus int) {
|
|
t.Helper()
|
|
assert.Equal(t, expectedStatus, r.code)
|
|
}
|
|
|
|
func (r response) assertStringResponse(t *testing.T, expectedStatus int, expectedBody string) {
|
|
t.Helper()
|
|
assert.Equal(t, expectedStatus, r.code)
|
|
assert.Equal(t, expectedBody, r.body)
|
|
}
|
|
|
|
func (r response) assertJSONResponse(t *testing.T, expectedStatus int, expectedBody string) {
|
|
t.Helper()
|
|
assert.Equal(t, expectedStatus, r.code)
|
|
assert.JSONEq(t, expectedBody, r.body)
|
|
}
|
|
|
|
func (r response) unmarshalJSON(t *testing.T, v any) {
|
|
t.Helper()
|
|
require.NoError(t, json.Unmarshal([]byte(r.body), &v))
|
|
}
|
|
|
|
func postHttpForm(t *testing.T, apiURL string, p string, headers map[string]string, form url.Values) response {
|
|
t.Helper()
|
|
u := joinPathToAPIURL(t, apiURL, p)
|
|
req, err := http.NewRequest(http.MethodPost, u, strings.NewReader(form.Encode()))
|
|
require.NoError(t, err)
|
|
|
|
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
|
|
for k, v := range headers {
|
|
req.Header.Set(k, v)
|
|
}
|
|
|
|
resp, err := http.DefaultClient.Do(req)
|
|
require.NoError(t, err)
|
|
defer resp.Body.Close()
|
|
|
|
return readResponse(t, resp)
|
|
}
|
|
|
|
func getHTTP(t *testing.T, apiURL string, p string, headers map[string]string) response {
|
|
t.Helper()
|
|
u := joinPathToAPIURL(t, apiURL, p)
|
|
req, err := http.NewRequest(http.MethodGet, u, nil)
|
|
require.NoError(t, err)
|
|
|
|
for k, v := range headers {
|
|
req.Header.Set(k, v)
|
|
}
|
|
|
|
resp, err := http.DefaultClient.Do(req)
|
|
require.NoError(t, err)
|
|
defer resp.Body.Close()
|
|
|
|
return readResponse(t, resp)
|
|
}
|
|
|
|
func joinPathToAPIURL(t *testing.T, apiURL string, p string) string {
|
|
u, err := url.JoinPath(apiURL, p)
|
|
require.NoError(t, err)
|
|
return u
|
|
}
|
|
|
|
func readResponse(t *testing.T, resp *http.Response) response {
|
|
t.Helper()
|
|
respBody, err := io.ReadAll(resp.Body)
|
|
require.NoError(t, err)
|
|
|
|
return response{
|
|
code: resp.StatusCode,
|
|
headers: resp.Header,
|
|
body: string(respBody),
|
|
}
|
|
}
|
|
|
|
func runServer(t *testing.T) string {
|
|
mux := http.NewServeMux()
|
|
require.NoError(t, api.Init(mux))
|
|
|
|
handler := prodHandler(mux)
|
|
s := httptest.NewServer(handler)
|
|
t.Cleanup(s.Close)
|
|
return s.URL
|
|
}
|
|
|
|
func setupDB(t *testing.T) {
|
|
t.Helper()
|
|
ctx := context.Background()
|
|
|
|
const dbName = "pokeroguedb"
|
|
const username = "pokerogue"
|
|
const password = "pokerogue"
|
|
|
|
c, err := mariadb.RunContainer(ctx,
|
|
testcontainers.WithImage("mariadb:11"),
|
|
mariadb.WithDatabase(dbName),
|
|
mariadb.WithUsername(username),
|
|
mariadb.WithPassword(password),
|
|
)
|
|
require.NoError(t, err)
|
|
|
|
t.Cleanup(func() {
|
|
require.NoError(t, c.Terminate(ctx))
|
|
})
|
|
port, err := c.MappedPort(ctx, "3306/tcp")
|
|
require.NoError(t, err)
|
|
|
|
host, err := c.Host(ctx)
|
|
require.NoError(t, err)
|
|
|
|
err = db.Init(username, password, "tcp", net.JoinHostPort(host, port.Port()), dbName)
|
|
require.NoError(t, err)
|
|
}
|