package middleware
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/gin-gonic/gin"
jwtHelper "goaresv3/pkg/jwt"
)
// TestAuthRequiredValidBearerPasses checks the accepting path of AuthRequired:
// a freshly generated access token sent as "Authorization: Bearer <token>"
// must reach the protected handler, which answers 200.
func TestAuthRequiredValidBearerPasses(t *testing.T) {
	gin.SetMode(gin.TestMode)
	// t.Setenv restores the previous value when the test ends. The secret is a
	// test-only constant; presumably the jwt helper and the middleware both
	// read it from JWT_SECRET (confirm against pkg/jwt).
	t.Setenv("JWT_SECRET", "test-secret-1234567890")

	accessToken, genErr := jwtHelper.GenerateAccessToken(7, "u@example.com", "user7")
	if genErr != nil {
		t.Fatalf("failed to generate token: %v", genErr)
	}

	// The 200 can only come from this handler, so a 200 response also proves
	// that the middleware let the request through.
	protected := func(c *gin.Context) {
		c.JSON(http.StatusOK, gin.H{"ok": true})
	}
	router := gin.New()
	router.GET("/protected", AuthRequired(), protected)

	request := httptest.NewRequest(http.MethodGet, "/protected", nil)
	request.Header.Set("Authorization", "Bearer "+accessToken)
	recorder := httptest.NewRecorder()
	router.ServeHTTP(recorder, request)

	if got := recorder.Code; got != http.StatusOK {
		t.Fatalf("expected 200, got %d", got)
	}
}
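// TestAuthRequiredRawTokenRejected checks the rejecting path of AuthRequired:
// an access token sent in the Authorization header without the "Bearer "
// scheme prefix must be answered with 401, and the protected handler must not
// run at all.
func TestAuthRequiredRawTokenRejected(t *testing.T) {
	gin.SetMode(gin.TestMode)
	// t.Setenv restores the previous value when the test ends. The secret is a
	// test-only constant.
	t.Setenv("JWT_SECRET", "test-secret-1234567890")

	// The token is generated exactly as in the accepting test, so the header
	// format is the only thing that differs between the two requests.
	token, err := jwtHelper.GenerateAccessToken(7, "u@example.com", "user7")
	if err != nil {
		t.Fatalf("failed to generate token: %v", err)
	}

	// Record whether the protected handler executed. The status code alone is
	// not enough: gin keeps the status of the first response written, so a
	// middleware that writes 401 but does not abort the chain would still
	// leave w.Code at 401 while the handler runs behind it.
	handlerRan := false

	r := gin.New()
	r.GET("/protected", AuthRequired(), func(c *gin.Context) {
		handlerRan = true
		c.JSON(http.StatusOK, gin.H{"ok": true})
	})

	req := httptest.NewRequest(http.MethodGet, "/protected", nil)
	// No "Bearer " prefix: the raw token is the whole header value.
	req.Header.Set("Authorization", token)
	w := httptest.NewRecorder()
	r.ServeHTTP(w, req)

	if w.Code != http.StatusUnauthorized {
		t.Fatalf("expected 401, got %d", w.Code)
	}
	if handlerRan {
		t.Fatal("protected handler ran for a request without the Bearer scheme")
	}
}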