112 lines
4.2 KiB
MySQL
112 lines
4.2 KiB
MySQL
|
-- Test login
|
|||
|
set client_min_messages to warning;
|
|||
|
create extension if not exists pgtap;
|
|||
|
reset client_min_messages;
|
|||
|
|
|||
|
begin;
|
|||
|
|
|||
|
select plan(20);
|
|||
|
|
|||
|
set search_path to auth, tipus, public;
|
|||
|
|
|||
|
select has_function('tipus', 'login', array ['email', 'text', 'inet']);
|
|||
|
select function_lang_is('tipus', 'login', array ['email', 'text', 'inet'], 'plpgsql');
|
|||
|
select function_returns('tipus', 'login', array ['email', 'text', 'inet'], 'text');
|
|||
|
select is_definer('tipus', 'login', array ['email', 'text', 'inet']);
|
|||
|
select volatility_is('tipus', 'login', array ['email', 'text', 'inet'], 'volatile');
|
|||
|
select function_privs_are('tipus', 'login', array ['email', 'text', 'inet'], 'guest', array ['EXECUTE']);
|
|||
|
select function_privs_are('tipus', 'login', array ['email', 'text', 'inet'], 'publisher', array []::text[]);
|
|||
|
select function_privs_are('tipus', 'login', array ['email', 'text', 'inet'], 'admin', array []::text[]);
|
|||
|
select function_privs_are('tipus', 'login', array ['email', 'text', 'inet'], 'authenticator', array []::text[]);
|
|||
|
|
|||
|
set client_min_messages to warning;
|
|||
|
truncate auth."user" cascade;
|
|||
|
truncate auth.login_attempt cascade;
|
|||
|
reset client_min_messages;
|
|||
|
|
|||
|
insert into auth."user" (email, name, password, role)
|
|||
|
values ('info@tandem.blog', 'Tandem', 'test', 'publisher');
|
|||
|
|
|||
|
create temp table _login_test
|
|||
|
(
|
|||
|
result_num integer,
|
|||
|
cookie text not null
|
|||
|
);
|
|||
|
|
|||
|
select lives_ok(
|
|||
|
$$ insert into _login_test select 1, split_part(login('info@tandem.blog', 'test', '::1'::inet), '/', 1) $$,
|
|||
|
'Should login with a correct user and password'
|
|||
|
);
|
|||
|
|
|||
|
select isnt_empty(
|
|||
|
$$ select cookie from _login_test join "user" using (cookie) where email = 'info@tandem.blog' $$,
|
|||
|
'Should have returned the cookie that wrote to the user relation.'
|
|||
|
);
|
|||
|
|
|||
|
select results_eq(
|
|||
|
$$ select cookie_expires_at > current_timestamp from "user" where email = 'info@tandem.blog' $$,
|
|||
|
$$ values (true) $$,
|
|||
|
'Should have set an expiry date in the future.'
|
|||
|
);
|
|||
|
|
|||
|
select isnt_empty(
|
|||
|
$$ select cookie from _login_test where cookie in (select split_part(login('info@tandem.blog', 'test', '192.168.0.1'::inet), '/', 1)) $$,
|
|||
|
'Should return the same cookie if not expired yet.'
|
|||
|
);
|
|||
|
|
|||
|
update "user"
|
|||
|
set cookie_expires_at = current_timestamp - interval '1 hour'
|
|||
|
where email = 'info@tandem.blog';
|
|||
|
|
|||
|
select lives_ok(
|
|||
|
$$ insert into _login_test select 2, split_part(login('info@tandem.blog', 'test', '::1'::inet), '/', 1) $$,
|
|||
|
'Should login with a correct user and password even with an expired cookie'
|
|||
|
);
|
|||
|
|
|||
|
|
|||
|
select results_eq(
|
|||
|
$$ select count(distinct cookie)::integer from _login_test $$,
|
|||
|
$$ values (2) $$,
|
|||
|
'Should have returned a new cookie'
|
|||
|
);
|
|||
|
|
|||
|
select isnt_empty(
|
|||
|
$$ select cookie from _login_test join "user" using (cookie) where email = 'info@tandem.blog' and result_num = 2 $$,
|
|||
|
'Should have updated the user’s cookie.'
|
|||
|
);
|
|||
|
|
|||
|
select results_eq(
|
|||
|
$$ select cookie_expires_at > current_timestamp from "user" where email = 'info@tandem.blog' $$,
|
|||
|
$$ values(true) $$,
|
|||
|
'Should have set an expiry date in the future, again.'
|
|||
|
);
|
|||
|
|
|||
|
select is(
|
|||
|
login('info@tandem.blog'::email, 'mah password', '127.0.0.1'::inet),
|
|||
|
''::text,
|
|||
|
'Should not find any role with an invalid password'
|
|||
|
);
|
|||
|
|
|||
|
select is(
|
|||
|
login('nope@tandem.blog'::email, 'test'),
|
|||
|
''::text,
|
|||
|
'Should not find any role with an invalid email'
|
|||
|
);
|
|||
|
|
|||
|
select results_eq(
|
|||
|
'select user_name, ip_address, success, attempted_at from login_attempt order by attempt_id',
|
|||
|
$$ values ('info@tandem.blog', '::1'::inet, true, current_timestamp)
|
|||
|
, ('info@tandem.blog', '192.168.0.1'::inet, true, current_timestamp)
|
|||
|
, ('info@tandem.blog', '::1'::inet, true, current_timestamp)
|
|||
|
, ('info@tandem.blog', '127.0.0.1'::inet, false, current_timestamp)
|
|||
|
, ('nope@tandem.blog', null, false, current_timestamp)
|
|||
|
$$,
|
|||
|
'Should have recorded all login attempts.'
|
|||
|
);
|
|||
|
|
|||
|
|
|||
|
select *
|
|||
|
from finish();
|
|||
|
|
|||
|
rollback;
|