Add tests for login
This commit is contained in:
parent
6b9c9333b8
commit
585de861d6
4 changed files with 94 additions and 34 deletions
|
@ -4,7 +4,7 @@ defmodule MatrixServer.Account do
|
||||||
import Ecto.{Changeset, Query}
|
import Ecto.{Changeset, Query}
|
||||||
|
|
||||||
alias MatrixServer.{Repo, Account, Device}
|
alias MatrixServer.{Repo, Account, Device}
|
||||||
alias MatrixServerWeb.API.Register
|
alias MatrixServerWeb.API.{Register, Login}
|
||||||
alias Ecto.Multi
|
alias Ecto.Multi
|
||||||
|
|
||||||
@max_mxid_length 255
|
@max_mxid_length 255
|
||||||
|
@ -53,17 +53,20 @@ defmodule MatrixServer.Account do
|
||||||
|> Multi.run(:device_with_access_token, &Device.insert_new_access_token/2)
|
|> Multi.run(:device_with_access_token, &Device.insert_new_access_token/2)
|
||||||
end
|
end
|
||||||
|
|
||||||
def login(%{localpart: localpart, password: password} = params) do
|
def login(%Login{} = api) do
|
||||||
|
localpart = try_get_localpart(api.identifier.user)
|
||||||
|
|
||||||
fn repo ->
|
fn repo ->
|
||||||
case repo.one(from a in Account, where: a.localpart == ^localpart) do
|
case repo.one(from a in Account, where: a.localpart == ^localpart) do
|
||||||
%Account{password_hash: hash} = account ->
|
%Account{password_hash: hash} = account ->
|
||||||
if Bcrypt.verify_pass(password, hash) do
|
if Bcrypt.verify_pass(api.password, hash) do
|
||||||
device_id = Map.get(params, :device_id, Device.generate_device_id(localpart))
|
case Device.login(api, account) do
|
||||||
access_token = Device.generate_access_token(localpart, device_id)
|
{:ok, device} ->
|
||||||
|
device
|
||||||
|
|
||||||
case Device.login(account, device_id, access_token, params) do
|
{:error, _cs} ->
|
||||||
{:ok, device} -> device
|
IO.inspect(_cs)
|
||||||
{:error, _cs} -> repo.rollback(:forbidden)
|
repo.rollback(:forbidden)
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
repo.rollback(:forbidden)
|
repo.rollback(:forbidden)
|
||||||
|
@ -97,4 +100,13 @@ defmodule MatrixServer.Account do
|
||||||
# Subtract the "@" and ":" in the MXID.
|
# Subtract the "@" and ":" in the MXID.
|
||||||
@max_mxid_length - 2 - String.length(MatrixServer.server_name())
|
@max_mxid_length - 2 - String.length(MatrixServer.server_name())
|
||||||
end
|
end
|
||||||
|
|
||||||
|
defp try_get_localpart("@" <> rest = user_id) do
|
||||||
|
case String.split(rest, ":") do
|
||||||
|
[localpart, _] -> localpart
|
||||||
|
_ -> user_id
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
defp try_get_localpart(localpart), do: localpart
|
||||||
end
|
end
|
||||||
|
|
|
@ -4,6 +4,7 @@ defmodule MatrixServer.Device do
|
||||||
import Ecto.{Changeset, Query}
|
import Ecto.{Changeset, Query}
|
||||||
|
|
||||||
alias MatrixServer.{Account, Device, Repo}
|
alias MatrixServer.{Account, Device, Repo}
|
||||||
|
alias MatrixServerWeb.API.Login
|
||||||
|
|
||||||
@primary_key false
|
@primary_key false
|
||||||
schema "devices" do
|
schema "devices" do
|
||||||
|
@ -49,22 +50,29 @@ defmodule MatrixServer.Device do
|
||||||
"#{localpart}_#{time_string}"
|
"#{localpart}_#{time_string}"
|
||||||
end
|
end
|
||||||
|
|
||||||
def login(account, device_id, access_token, params) do
|
def login(%Login{} = api, account) do
|
||||||
|
device_id = api.device_id || generate_device_id(account.localpart)
|
||||||
|
access_token = generate_access_token(account.localpart, device_id)
|
||||||
|
|
||||||
update_query =
|
update_query =
|
||||||
from(d in Device)
|
from(d in Device)
|
||||||
|> update(set: [access_token: ^access_token, device_id: ^device_id])
|
|> update(set: [access_token: ^access_token, device_id: ^device_id])
|
||||||
|
|> then(fn q ->
|
||||||
|
if api.initial_device_display_name do
|
||||||
|
update(q, set: [display_name: ^api.initial_device_display_name])
|
||||||
|
else
|
||||||
|
q
|
||||||
|
end
|
||||||
|
end)
|
||||||
|
|
||||||
update_query =
|
device_params = %{
|
||||||
if params[:display_name] != nil do
|
device_id: device_id,
|
||||||
update(update_query, set: [display_name: ^params.display_name])
|
display_name: api.initial_device_display_name
|
||||||
else
|
}
|
||||||
update_query
|
|
||||||
end
|
|
||||||
|
|
||||||
Ecto.build_assoc(account, :devices)
|
Ecto.build_assoc(account, :devices)
|
||||||
|> Map.put(:device_id, device_id)
|
|> Device.changeset(device_params)
|
||||||
|> Map.put(:access_token, access_token)
|
|> put_change(:access_token, access_token)
|
||||||
|> Device.changeset(params)
|
|
||||||
|> Repo.insert(on_conflict: update_query, conflict_target: [:localpart, :device_id])
|
|> Repo.insert(on_conflict: update_query, conflict_target: [:localpart, :device_id])
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -73,23 +73,13 @@ defmodule MatrixServerWeb.AuthController do
|
||||||
) do
|
) do
|
||||||
case Login.changeset(params) do
|
case Login.changeset(params) do
|
||||||
%Changeset{valid?: true} = cs ->
|
%Changeset{valid?: true} = cs ->
|
||||||
input =
|
api = apply_changes(cs)
|
||||||
apply_changes(cs)
|
# input =
|
||||||
|> Map.from_struct()
|
# apply_changes(cs)
|
||||||
|> MatrixServer.maybe_update_map(:initial_device_display_name, :display_name)
|
# |> Map.from_struct()
|
||||||
|> MatrixServer.maybe_update_map(:identifier, :localpart, fn
|
# |> MatrixServer.maybe_update_map(:initial_device_display_name, :display_name)
|
||||||
%{user: "@" <> rest} ->
|
|
||||||
case String.split(rest) do
|
|
||||||
[localpart, _] -> localpart
|
|
||||||
# Empty string will never match in the database.
|
|
||||||
_ -> ""
|
|
||||||
end
|
|
||||||
|
|
||||||
%{user: user} ->
|
case Account.login(api) |> Repo.transaction() do
|
||||||
user
|
|
||||||
end)
|
|
||||||
|
|
||||||
case Account.login(input) |> Repo.transaction() do
|
|
||||||
{:ok, device} ->
|
{:ok, device} ->
|
||||||
data = %{
|
data = %{
|
||||||
user_id: MatrixServer.get_mxid(device.localpart),
|
user_id: MatrixServer.get_mxid(device.localpart),
|
||||||
|
|
|
@ -81,4 +81,54 @@ defmodule MatrixServerWeb.AuthControllerTest do
|
||||||
assert %{"errcode" => "M_INVALID_USERNAME"} = json_response(conn, 400)
|
assert %{"errcode" => "M_INVALID_USERNAME"} = json_response(conn, 400)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@basic_params %{
|
||||||
|
"type" => "m.login.password",
|
||||||
|
"identifier" => %{
|
||||||
|
"type" => "m.id.user",
|
||||||
|
"user" => "sneed"
|
||||||
|
},
|
||||||
|
"password" => "lemmein"
|
||||||
|
}
|
||||||
|
|
||||||
|
describe "login endpoint" do
|
||||||
|
test "renders the list of login types", %{conn: conn} do
|
||||||
|
conn = get(conn, Routes.auth_path(Endpoint, :login))
|
||||||
|
|
||||||
|
assert %{"flows" => flows} = json_response(conn, 200)
|
||||||
|
assert is_list(flows)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "logs a user in with password and matrix user id", %{conn: conn} do
|
||||||
|
Factory.insert(:account, localpart: "sneed", password_hash: Bcrypt.hash_pwd_salt("lemmein"))
|
||||||
|
conn = post_json(conn, Routes.auth_path(Endpoint, :login), @basic_params)
|
||||||
|
|
||||||
|
assert %{"user_id" => _, "access_token" => _, "device_id" => _} = json_response(conn, 200)
|
||||||
|
|
||||||
|
conn =
|
||||||
|
recycle(conn)
|
||||||
|
|> post_json(Routes.auth_path(Endpoint, :login), %{
|
||||||
|
@basic_params
|
||||||
|
| "identifier" => %{"type" => "m.id.user", "user" => MatrixServer.get_mxid("sneed")}
|
||||||
|
})
|
||||||
|
|
||||||
|
assert %{"user_id" => _, "access_token" => _, "device_id" => _} = json_response(conn, 200)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "handles unknown matrix user id", %{conn: conn} do
|
||||||
|
conn = post_json(conn, Routes.auth_path(Endpoint, :login), @basic_params)
|
||||||
|
|
||||||
|
assert %{"errcode" => "M_FORBIDDEN"} = json_response(conn, 400)
|
||||||
|
end
|
||||||
|
|
||||||
|
test "handles wrong password", %{conn: conn} do
|
||||||
|
Factory.insert(:account, localpart: "sneed", password_hash: Bcrypt.hash_pwd_salt("surprise"))
|
||||||
|
conn = post_json(conn, Routes.auth_path(Endpoint, :login), @basic_params)
|
||||||
|
|
||||||
|
assert %{"errcode" => "M_FORBIDDEN"} = json_response(conn, 400)
|
||||||
|
end
|
||||||
|
|
||||||
|
# TODO: Test display name
|
||||||
|
# TODO: Test device recycling
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue