package handlers
import (
"net/http"
"net/http/httptest"
"testing"
"custom-start-page/internal/auth"
"custom-start-page/internal/middleware"
)
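// TestRedirectFlow_UnauthenticatedToLogin verifies that a request to the
// protected dashboard without a usable session is answered with a 303
// redirect to /login, and that the wrapped dashboard handler never runs.
func TestRedirectFlow_UnauthenticatedToLogin(t *testing.T) {
	// Setup. Presumably shouldError makes the mock's session lookup fail;
	// confirm against MockSessionStore.
	mockSessionStore := &MockSessionStore{shouldError: true}

	// Create middleware
	requireAuth := middleware.RequireAuth(mockSessionStore)

	// Create dashboard handler
	mockDashboardTemplate := createMockDashboardTemplate()
	dashboardHandler := &DashboardHandler{templates: mockDashboardTemplate}

	// Wrap dashboard handler with auth middleware, recording whether the
	// middleware lets the request through. The recorder keeps the first
	// status code and the headers sent with it, so a middleware that
	// redirects but still calls the next handler would satisfy the status and
	// Location assertions while rendering the dashboard into the response.
	handlerCalled := false
	protectedHandler := requireAuth(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		handlerCalled = true
		dashboardHandler.HandleDashboard(w, r)
	}))

	// Create request to dashboard (no session cookie is attached)
	req := httptest.NewRequest(http.MethodGet, "/dashboard", nil)
	w := httptest.NewRecorder()

	// Execute
	protectedHandler.ServeHTTP(w, req)

	// Assert - should redirect to login
	if w.Code != http.StatusSeeOther {
		t.Errorf("Expected status 303, got %d", w.Code)
	}

	// Exact match pins the redirect target to the fixed local path.
	location := w.Header().Get("Location")
	if location != "/login" {
		t.Errorf("Expected redirect to /login, got %s", location)
	}

	// Assert - the protected handler must not have been reached
	if handlerCalled {
		t.Error("Expected dashboard handler not to run for an unauthenticated request")
	}
}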
// TestRedirectFlow_AuthenticatedToDashboard checks that HandleLogin answers a
// request that already has a session with a 307 redirect to /dashboard.
func TestRedirectFlow_AuthenticatedToDashboard(t *testing.T) {
	// The mock store is pre-populated with a user ID; presumably it reports
	// this as a valid session to the handler. Confirm against MockSessionStore.
	store := &MockSessionStore{userID: "test-user-123"}

	// Test-only OAuth credentials and an in-memory state store; the user
	// service is built with a nil dependency.
	handler := NewAuthHandlerWithTemplates(
		auth.NewOAuthService("test-client-id", "test-secret", "http://localhost/callback", auth.NewMemoryStateStore()),
		auth.NewUserService(nil),
		store,
		createMockTemplate(),
	)

	// Request the login page and capture the response.
	rec := httptest.NewRecorder()
	handler.HandleLogin(rec, httptest.NewRequest(http.MethodGet, "/login", nil))

	// The handler must redirect rather than render the login page.
	if got := rec.Code; got != http.StatusTemporaryRedirect {
		t.Errorf("Expected status 307, got %d", got)
	}

	// Exact match pins the redirect target to the fixed local path.
	if got := rec.Header().Get("Location"); got != "/dashboard" {
		t.Errorf("Expected redirect to /dashboard, got %s", got)
	}
}
// TestRedirectFlow_LogoutToLogin checks that HandleLogout redirects a POST to
// /logout to /login with status 307 and leaves the mock session store without
// a user ID.
func TestRedirectFlow_LogoutToLogin(t *testing.T) {
	// Start from a store that already holds a user ID.
	store := &MockSessionStore{userID: "test-user-123"}

	// Test-only OAuth credentials and an in-memory state store; the user
	// service is built with a nil dependency.
	handler := NewAuthHandlerWithTemplates(
		auth.NewOAuthService("test-client-id", "test-secret", "http://localhost/callback", auth.NewMemoryStateStore()),
		auth.NewUserService(nil),
		store,
		createMockTemplate(),
	)

	// Send the logout request and capture the response.
	rec := httptest.NewRecorder()
	handler.HandleLogout(rec, httptest.NewRequest(http.MethodPost, "/logout", nil))

	// NOTE(review): a 307 tells the client to repeat the same method, so a
	// browser following it re-sends the POST to /login. 303 is the usual
	// status after a POST, and it is what the RequireAuth test in this file
	// expects. Confirm that 307 is intended here.
	if got := rec.Code; got != http.StatusTemporaryRedirect {
		t.Errorf("Expected status 307, got %d", got)
	}

	// Exact match pins the redirect target to the fixed local path.
	if got := rec.Header().Get("Location"); got != "/login" {
		t.Errorf("Expected redirect to /login, got %s", got)
	}

	// Server-side session state must be gone. This inspects only the mock's
	// userID field; the test does not assert whether the handler also expires
	// the client's session cookie.
	if store.userID != "" {
		t.Error("Expected session to be destroyed after logout")
	}
}