architex/test/controllers/auth_controller_test.exs

136 lines
4.4 KiB
Elixir
Raw Normal View History

2021-07-13 15:08:07 +00:00
defmodule MatrixServerWeb.AuthControllerTest do
use MatrixServerWeb.ConnCase
2021-07-13 17:35:02 +00:00
import Ecto.Query
alias MatrixServer.{Repo, Device, Factory}
2021-07-13 15:08:07 +00:00
alias MatrixServerWeb.Endpoint
2021-07-13 17:35:02 +00:00
@basic_params %{
"username" => "user",
"password" => "lemmein",
"auth" => %{"type" => "m.login.dummy"}
}
2021-07-13 15:08:07 +00:00
describe "register endpoint" do
test "renders the auth flow when no auth parameter is given", %{conn: conn} do
conn = post(conn, Routes.auth_path(conn, :register))
assert %{"flows" => flows, "params" => _} = json_response(conn, 401)
assert is_list(flows)
end
test "registers account with minimal information", %{conn: conn} do
2021-07-13 17:35:02 +00:00
conn = post_json(conn, Routes.auth_path(Endpoint, :register), @basic_params)
2021-07-13 15:08:07 +00:00
user_id = MatrixServer.get_mxid("user")
assert %{"access_token" => _, "device_id" => _, "user_id" => ^user_id} =
json_response(conn, 200)
end
2021-07-13 17:35:02 +00:00
test "registers and sets device id", %{conn: conn} do
params = Map.put(@basic_params, :device_id, "android")
conn = post_json(conn, Routes.auth_path(Endpoint, :register), params)
assert %{"device_id" => "android"} = json_response(conn, 200)
end
test "registers and sets display name", %{conn: conn} do
params = Map.put(@basic_params, :initial_device_display_name, "My Android")
conn = post_json(conn, Routes.auth_path(Endpoint, :register), params)
assert json_response(conn, 200)
assert Repo.one!(from d in Device, select: d.display_name) == "My Android"
end
test "rejects account if localpart is already in use", %{conn: conn} do
Factory.insert(:account, localpart: "sneed")
conn =
post_json(conn, Routes.auth_path(Endpoint, :register), %{
@basic_params
| "username" => "sneed"
})
assert %{"errcode" => "M_USER_IN_USE"} = json_response(conn, 400)
end
test "obeys inhibit_login parameter", %{conn: conn} do
params = Map.put(@basic_params, :inhibit_login, "true")
conn = post_json(conn, Routes.auth_path(Endpoint, :register), params)
assert response = json_response(conn, 200)
refute Map.has_key?(response, "access_token")
refute Map.has_key?(response, "device_id")
end
test "generates localpart if omitted", %{conn: conn} do
params = Map.delete(@basic_params, "username")
conn = post_json(conn, Routes.auth_path(Endpoint, :register), params)
assert %{"user_id" => _} = json_response(conn, 200)
end
test "rejects invalid usernames", %{conn: conn} do
conn =
post_json(conn, Routes.auth_path(Endpoint, :register), %{
@basic_params
| "username" => "User1"
})
assert %{"errcode" => "M_INVALID_USERNAME"} = json_response(conn, 400)
end
2021-07-13 15:08:07 +00:00
end
2021-07-13 21:16:56 +00:00
@basic_params %{
"type" => "m.login.password",
"identifier" => %{
"type" => "m.id.user",
"user" => "sneed"
},
"password" => "lemmein"
}
describe "login endpoint" do
test "renders the list of login types", %{conn: conn} do
conn = get(conn, Routes.auth_path(Endpoint, :login))
assert %{"flows" => flows} = json_response(conn, 200)
assert is_list(flows)
end
test "logs a user in with password and matrix user id", %{conn: conn} do
Factory.insert(:account, localpart: "sneed", password_hash: Bcrypt.hash_pwd_salt("lemmein"))
conn = post_json(conn, Routes.auth_path(Endpoint, :login), @basic_params)
assert %{"user_id" => _, "access_token" => _, "device_id" => _} = json_response(conn, 200)
conn =
recycle(conn)
|> post_json(Routes.auth_path(Endpoint, :login), %{
@basic_params
| "identifier" => %{"type" => "m.id.user", "user" => MatrixServer.get_mxid("sneed")}
})
assert %{"user_id" => _, "access_token" => _, "device_id" => _} = json_response(conn, 200)
end
test "handles unknown matrix user id", %{conn: conn} do
conn = post_json(conn, Routes.auth_path(Endpoint, :login), @basic_params)
assert %{"errcode" => "M_FORBIDDEN"} = json_response(conn, 400)
end
test "handles wrong password", %{conn: conn} do
Factory.insert(:account, localpart: "sneed", password_hash: Bcrypt.hash_pwd_salt("surprise"))
2021-07-17 15:38:20 +00:00
2021-07-13 21:16:56 +00:00
conn = post_json(conn, Routes.auth_path(Endpoint, :login), @basic_params)
assert %{"errcode" => "M_FORBIDDEN"} = json_response(conn, 400)
end
# TODO: Test display name
# TODO: Test device recycling
end
2021-07-13 15:08:07 +00:00
end