numerus/test/login_attempt.sql

-- Test login_attempt
set client_min_messages to warning;
create extension if not exists pgtap;
reset client_min_messages;

begin;

select plan(29);

set search_path to auth, public;

select has_table('login_attempt');
select has_pk('login_attempt');
select table_privs_are('login_attempt', 'guest', array []::text[]);
select table_privs_are('login_attempt', 'invoicer', array []::text[]);
select table_privs_are('login_attempt', 'admin', array []::text[]);
select table_privs_are('login_attempt', 'authenticator', array []::text[]);

select has_column('login_attempt', 'attempt_id');
select col_is_pk('login_attempt', 'attempt_id');
select col_type_is('login_attempt', 'attempt_id', 'bigint');
select col_not_null('login_attempt', 'attempt_id');
select col_has_default('login_attempt', 'attempt_id');
select col_default_is('login_attempt', 'attempt_id', 'nextval(''login_attempt_attempt_id_seq''::regclass)');

select has_column('login_attempt', 'user_name');
select col_type_is('login_attempt', 'user_name', 'text');
select col_not_null('login_attempt', 'user_name');
select col_hasnt_default('login_attempt', 'user_name');

select has_column('login_attempt', 'ip_address');
select col_type_is('login_attempt', 'ip_address', 'inet');
select col_is_null('login_attempt', 'ip_address');
select col_hasnt_default('login_attempt', 'ip_address');

select has_column('login_attempt', 'success');
select col_type_is('login_attempt', 'success', 'boolean');
select col_not_null('login_attempt', 'success');
select col_hasnt_default('login_attempt', 'success');

select has_column('login_attempt', 'attempted_at');
select col_type_is('login_attempt', 'attempted_at', 'timestamp with time zone');
select col_not_null('login_attempt', 'attempted_at');
select col_has_default('login_attempt', 'attempted_at');
select col_default_is('login_attempt', 'attempted_at', 'CURRENT_TIMESTAMP');

select *
from finish();

rollback;
Implement login cookie, its verification, and logout At first i thought that i would need to implement sessions, the ones that keep small files onto the disk, to know which user is talking to the server, but then i realized that, for now at least, i only need a very large number, plus the email address, to be used as a lookup, and that can be stored in the user table, in a separate schema. Had to change login to avoid raising exceptions when login failed because i now keep a record of login attemps, and functions are always run in a single transaction, thus the exception would prevent me to insert into login_attempt. Even if i use a separate procedure, i could not keep the records. I did not want to add a parameter to the logout function because i was afraid that it could be called from separate users. I do not know whether it is possible with the current approach, since the settings variable is also set by the same applications; time will tell. 2023-01-17 19:48:50 +00:00			`-- Test login_attempt`
			`set client_min_messages to warning;`
			`create extension if not exists pgtap;`
			`reset client_min_messages;`

			`begin;`

			`select plan(29);`

			`set search_path to auth, public;`

			`select has_table('login_attempt');`
			`select has_pk('login_attempt');`
			`select table_privs_are('login_attempt', 'guest', array []::text[]);`
			`select table_privs_are('login_attempt', 'invoicer', array []::text[]);`
			`select table_privs_are('login_attempt', 'admin', array []::text[]);`
			`select table_privs_are('login_attempt', 'authenticator', array []::text[]);`

			`select has_column('login_attempt', 'attempt_id');`
			`select col_is_pk('login_attempt', 'attempt_id');`
			`select col_type_is('login_attempt', 'attempt_id', 'bigint');`
			`select col_not_null('login_attempt', 'attempt_id');`
			`select col_has_default('login_attempt', 'attempt_id');`
			`select col_default_is('login_attempt', 'attempt_id', 'nextval(''login_attempt_attempt_id_seq''::regclass)');`

			`select has_column('login_attempt', 'user_name');`
			`select col_type_is('login_attempt', 'user_name', 'text');`
			`select col_not_null('login_attempt', 'user_name');`
			`select col_hasnt_default('login_attempt', 'user_name');`

			`select has_column('login_attempt', 'ip_address');`
			`select col_type_is('login_attempt', 'ip_address', 'inet');`
			`select col_is_null('login_attempt', 'ip_address');`
			`select col_hasnt_default('login_attempt', 'ip_address');`

			`select has_column('login_attempt', 'success');`
			`select col_type_is('login_attempt', 'success', 'boolean');`
			`select col_not_null('login_attempt', 'success');`
			`select col_hasnt_default('login_attempt', 'success');`

			`select has_column('login_attempt', 'attempted_at');`
			`select col_type_is('login_attempt', 'attempted_at', 'timestamp with time zone');`
			`select col_not_null('login_attempt', 'attempted_at');`
			`select col_has_default('login_attempt', 'attempted_at');`
Change CURRENT_TIMESTAMP parameter for col_default_is It turns out i have been years doing this wrong: you are supposed to pass that value as a text, like 'CURRENT_TIMESTAMP', not like the keyword so that it returns the current timestamp as a timestamptz. However, i have been doing it wrong because of a bug in previous versions of pgTAP[0], that did not take into account keywords such as CURRENT_TIMESTAMP or CURRENT_DATE and was comparing their actual values, not the names, therefore i thought that i misread the documentation. Only now have discovered this because Debian 12 upgraded pgTAP version to 1.2.0. [0]: https://github.com/theory/pgtap/issues/244 2023-06-15 11:55:15 +00:00			`select col_default_is('login_attempt', 'attempted_at', 'CURRENT_TIMESTAMP');`
Implement login cookie, its verification, and logout At first i thought that i would need to implement sessions, the ones that keep small files onto the disk, to know which user is talking to the server, but then i realized that, for now at least, i only need a very large number, plus the email address, to be used as a lookup, and that can be stored in the user table, in a separate schema. Had to change login to avoid raising exceptions when login failed because i now keep a record of login attemps, and functions are always run in a single transaction, thus the exception would prevent me to insert into login_attempt. Even if i use a separate procedure, i could not keep the records. I did not want to add a parameter to the logout function because i was afraid that it could be called from separate users. I do not know whether it is possible with the current approach, since the settings variable is also set by the same applications; time will tell. 2023-01-17 19:48:50 +00:00
			`select *`
			`from finish();`

			`rollback;`