diff options
author | 6543 <6543@obermui.de> | 2020-04-13 21:02:48 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-13 22:02:48 +0300 |
commit | ad5c43ae5d90dc92a5ce173894c72b5f6c248bc0 (patch) | |
tree | 7e19d9bd69dc739190d6c5f8cbead58a34c4b85e /integrations | |
parent | 980ef242519ff02d7c66f7ceac5b7d731bb9c1ec (diff) | |
download | gitea-ad5c43ae5d90dc92a5ce173894c72b5f6c248bc0.tar.gz gitea-ad5c43ae5d90dc92a5ce173894c72b5f6c248bc0.zip |
Reject duplicate AccessToken names (#10994)
* make sure duplicate token names cannot be used
* add check to api routes too
* add @lunny s suggestion
* fix & don't forget User.ID
* AccessTokenByNameExists() return error too
* unique token for each test
* fix lint
Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: Lanre Adelowo <yo@lanre.wtf>
Diffstat (limited to 'integrations')
-rw-r--r-- | integrations/integration_test.go | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/integrations/integration_test.go b/integrations/integration_test.go index 138d751859..c6a4169751 100644 --- a/integrations/integration_test.go +++ b/integrations/integration_test.go @@ -330,14 +330,18 @@ func loginUserWithPassword(t testing.TB, userName, password string) *TestSession return session } +//token has to be unique this counter take care of +var tokenCounter int64 + func getTokenForLoggedInUser(t testing.TB, session *TestSession) string { t.Helper() + tokenCounter++ req := NewRequest(t, "GET", "/user/settings/applications") resp := session.MakeRequest(t, req, http.StatusOK) doc := NewHTMLParser(t, resp.Body) req = NewRequestWithValues(t, "POST", "/user/settings/applications", map[string]string{ "_csrf": doc.GetCSRF(), - "name": "api-testing-token", + "name": fmt.Sprintf("api-testing-token-%d", tokenCounter), }) resp = session.MakeRequest(t, req, http.StatusFound) req = NewRequest(t, "GET", "/user/settings/applications") |