mirror of
https://github.com/AdguardTeam/AdGuardHome.git
synced 2024-11-17 19:08:25 -07:00
e8c1f5c8d3
Merge in DNS/adguard-home from 2508-ip-conversion to master Updates #2508. Squashed commit of the following: commit 3f64709fbc73ef74c11b910997be1e9bc337193c Merge: 5ac7faaaa0d67aa251Author: Eugene Burkov <e.burkov@adguard.com> Date: Wed Jan 13 16:21:34 2021 +0300 Merge branch 'master' into 2508-ip-conversion commit 5ac7faaaa9dda570fdb872acad5d13d078f46b64 Author: Eugene Burkov <e.burkov@adguard.com> Date: Wed Jan 13 12:00:11 2021 +0300 all: replace conditions with appropriate functions in tests commit 9e3fa9a115ed23024c57dd5192d5173477ddbf71 Merge: db992a42abba74859eAuthor: Eugene Burkov <e.burkov@adguard.com> Date: Wed Jan 13 10:47:10 2021 +0300 Merge branch 'master' into 2508-ip-conversion commit db992a42a2c6f315421e78a6a0492e2bfb3ce89d Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Jan 12 18:55:53 2021 +0300 sysutil: fix linux tests commit f629b15d62349323ce2da05e68dc9cc0b5f6e194 Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Jan 12 18:41:20 2021 +0300 all: improve code quality commit 3bf03a75524040738562298bd1de6db536af130f Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Jan 12 17:33:26 2021 +0300 sysutil: fix linux net.IP conversion commit 5d5b6994916923636e635588631b63b7e7b74e5f Author: Eugene Burkov <e.burkov@adguard.com> Date: Tue Jan 12 14:57:26 2021 +0300 dnsforward: remove redundant net.IP <-> string conversion commit 0b955d99b7fad40942f21d1dd8734adb99126195 Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Jan 11 18:04:25 2021 +0300 dhcpd: remove net.IP <-> string conversion
187 lines
4.3 KiB
Go
187 lines
4.3 KiB
Go
package home
|
|
|
|
import (
|
|
"encoding/hex"
|
|
"net/http"
|
|
"net/url"
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/AdguardTeam/AdGuardHome/internal/testutil"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestMain(m *testing.M) {
|
|
testutil.DiscardLogOutput(m)
|
|
}
|
|
|
|
func prepareTestDir() string {
|
|
const dir = "./agh-test"
|
|
_ = os.RemoveAll(dir)
|
|
_ = os.MkdirAll(dir, 0o755)
|
|
return dir
|
|
}
|
|
|
|
func TestAuth(t *testing.T) {
|
|
dir := prepareTestDir()
|
|
defer func() { _ = os.RemoveAll(dir) }()
|
|
fn := filepath.Join(dir, "sessions.db")
|
|
|
|
users := []User{
|
|
{Name: "name", PasswordHash: "$2y$05$..vyzAECIhJPfaQiOK17IukcQnqEgKJHy0iETyYqxn3YXJl8yZuo2"},
|
|
}
|
|
a := InitAuth(fn, nil, 60)
|
|
s := session{}
|
|
|
|
user := User{Name: "name"}
|
|
a.UserAdd(&user, "password")
|
|
|
|
assert.Equal(t, checkSessionNotFound, a.checkSession("notfound"))
|
|
a.RemoveSession("notfound")
|
|
|
|
sess, err := getSession(&users[0])
|
|
assert.Nil(t, err)
|
|
sessStr := hex.EncodeToString(sess)
|
|
|
|
now := time.Now().UTC().Unix()
|
|
// check expiration
|
|
s.expire = uint32(now)
|
|
a.addSession(sess, &s)
|
|
assert.Equal(t, checkSessionExpired, a.checkSession(sessStr))
|
|
|
|
// add session with TTL = 2 sec
|
|
s = session{}
|
|
s.expire = uint32(time.Now().UTC().Unix() + 2)
|
|
a.addSession(sess, &s)
|
|
assert.Equal(t, checkSessionOK, a.checkSession(sessStr))
|
|
|
|
a.Close()
|
|
|
|
// load saved session
|
|
a = InitAuth(fn, users, 60)
|
|
|
|
// the session is still alive
|
|
assert.Equal(t, checkSessionOK, a.checkSession(sessStr))
|
|
// reset our expiration time because checkSession() has just updated it
|
|
s.expire = uint32(time.Now().UTC().Unix() + 2)
|
|
a.storeSession(sess, &s)
|
|
a.Close()
|
|
|
|
u := a.UserFind("name", "password")
|
|
assert.NotEmpty(t, u.Name)
|
|
|
|
time.Sleep(3 * time.Second)
|
|
|
|
// load and remove expired sessions
|
|
a = InitAuth(fn, users, 60)
|
|
assert.Equal(t, checkSessionNotFound, a.checkSession(sessStr))
|
|
|
|
a.Close()
|
|
os.Remove(fn)
|
|
}
|
|
|
|
// implements http.ResponseWriter
|
|
type testResponseWriter struct {
|
|
hdr http.Header
|
|
statusCode int
|
|
}
|
|
|
|
func (w *testResponseWriter) Header() http.Header {
|
|
return w.hdr
|
|
}
|
|
|
|
func (w *testResponseWriter) Write([]byte) (int, error) {
|
|
return 0, nil
|
|
}
|
|
|
|
func (w *testResponseWriter) WriteHeader(statusCode int) {
|
|
w.statusCode = statusCode
|
|
}
|
|
|
|
func TestAuthHTTP(t *testing.T) {
|
|
dir := prepareTestDir()
|
|
defer func() { _ = os.RemoveAll(dir) }()
|
|
fn := filepath.Join(dir, "sessions.db")
|
|
|
|
users := []User{
|
|
{Name: "name", PasswordHash: "$2y$05$..vyzAECIhJPfaQiOK17IukcQnqEgKJHy0iETyYqxn3YXJl8yZuo2"},
|
|
}
|
|
Context.auth = InitAuth(fn, users, 60)
|
|
|
|
handlerCalled := false
|
|
handler := func(_ http.ResponseWriter, _ *http.Request) {
|
|
handlerCalled = true
|
|
}
|
|
handler2 := optionalAuth(handler)
|
|
w := testResponseWriter{}
|
|
w.hdr = make(http.Header)
|
|
r := http.Request{}
|
|
r.Header = make(http.Header)
|
|
r.Method = "GET"
|
|
|
|
// get / - we're redirected to login page
|
|
r.URL = &url.URL{Path: "/"}
|
|
handlerCalled = false
|
|
handler2(&w, &r)
|
|
assert.Equal(t, http.StatusFound, w.statusCode)
|
|
assert.NotEmpty(t, w.hdr.Get("Location"))
|
|
assert.False(t, handlerCalled)
|
|
|
|
// go to login page
|
|
loginURL := w.hdr.Get("Location")
|
|
r.URL = &url.URL{Path: loginURL}
|
|
handlerCalled = false
|
|
handler2(&w, &r)
|
|
assert.True(t, handlerCalled)
|
|
|
|
// perform login
|
|
cookie, err := Context.auth.httpCookie(loginJSON{Name: "name", Password: "password"})
|
|
assert.Nil(t, err)
|
|
assert.NotEmpty(t, cookie)
|
|
|
|
// get /
|
|
handler2 = optionalAuth(handler)
|
|
w.hdr = make(http.Header)
|
|
r.Header.Set("Cookie", cookie)
|
|
r.URL = &url.URL{Path: "/"}
|
|
handlerCalled = false
|
|
handler2(&w, &r)
|
|
assert.True(t, handlerCalled)
|
|
r.Header.Del("Cookie")
|
|
|
|
// get / with basic auth
|
|
handler2 = optionalAuth(handler)
|
|
w.hdr = make(http.Header)
|
|
r.URL = &url.URL{Path: "/"}
|
|
r.SetBasicAuth("name", "password")
|
|
handlerCalled = false
|
|
handler2(&w, &r)
|
|
assert.True(t, handlerCalled)
|
|
r.Header.Del("Authorization")
|
|
|
|
// get login page with a valid cookie - we're redirected to /
|
|
handler2 = optionalAuth(handler)
|
|
w.hdr = make(http.Header)
|
|
r.Header.Set("Cookie", cookie)
|
|
r.URL = &url.URL{Path: loginURL}
|
|
handlerCalled = false
|
|
handler2(&w, &r)
|
|
assert.NotEmpty(t, w.hdr.Get("Location"))
|
|
assert.False(t, handlerCalled)
|
|
r.Header.Del("Cookie")
|
|
|
|
// get login page with an invalid cookie
|
|
handler2 = optionalAuth(handler)
|
|
w.hdr = make(http.Header)
|
|
r.Header.Set("Cookie", "bad")
|
|
r.URL = &url.URL{Path: loginURL}
|
|
handlerCalled = false
|
|
handler2(&w, &r)
|
|
assert.True(t, handlerCalled)
|
|
r.Header.Del("Cookie")
|
|
|
|
Context.auth.Close()
|
|
}
|