You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

create_no_session_test.go 3.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119
  1. // Copyright 2019 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package integrations
  5. import (
  6. "io/ioutil"
  7. "net/http"
  8. "net/http/httptest"
  9. "os"
  10. "path/filepath"
  11. "testing"
  12. "code.gitea.io/gitea/modules/json"
  13. "code.gitea.io/gitea/modules/setting"
  14. "code.gitea.io/gitea/modules/util"
  15. "code.gitea.io/gitea/routers"
  16. "gitea.com/go-chi/session"
  17. "github.com/stretchr/testify/assert"
  18. )
  19. func getSessionID(t *testing.T, resp *httptest.ResponseRecorder) string {
  20. cookies := resp.Result().Cookies()
  21. found := false
  22. sessionID := ""
  23. for _, cookie := range cookies {
  24. if cookie.Name == setting.SessionConfig.CookieName {
  25. sessionID = cookie.Value
  26. found = true
  27. }
  28. }
  29. assert.True(t, found)
  30. assert.NotEmpty(t, sessionID)
  31. return sessionID
  32. }
  33. func sessionFile(tmpDir, sessionID string) string {
  34. return filepath.Join(tmpDir, sessionID[0:1], sessionID[1:2], sessionID)
  35. }
  36. func sessionFileExist(t *testing.T, tmpDir, sessionID string) bool {
  37. sessionFile := sessionFile(tmpDir, sessionID)
  38. _, err := os.Lstat(sessionFile)
  39. if err != nil {
  40. if os.IsNotExist(err) {
  41. return false
  42. }
  43. assert.NoError(t, err)
  44. }
  45. return true
  46. }
  47. func TestSessionFileCreation(t *testing.T) {
  48. defer prepareTestEnv(t)()
  49. oldSessionConfig := setting.SessionConfig.ProviderConfig
  50. defer func() {
  51. setting.SessionConfig.ProviderConfig = oldSessionConfig
  52. c = routers.NormalRoutes()
  53. }()
  54. var config session.Options
  55. err := json.Unmarshal([]byte(oldSessionConfig), &config)
  56. assert.NoError(t, err)
  57. config.Provider = "file"
  58. // Now create a temporaryDirectory
  59. tmpDir, err := ioutil.TempDir("", "sessions")
  60. assert.NoError(t, err)
  61. defer func() {
  62. if _, err := os.Stat(tmpDir); !os.IsNotExist(err) {
  63. _ = util.RemoveAll(tmpDir)
  64. }
  65. }()
  66. config.ProviderConfig = tmpDir
  67. newConfigBytes, err := json.Marshal(config)
  68. assert.NoError(t, err)
  69. setting.SessionConfig.ProviderConfig = string(newConfigBytes)
  70. c = routers.NormalRoutes()
  71. t.Run("NoSessionOnViewIssue", func(t *testing.T) {
  72. defer PrintCurrentTest(t)()
  73. req := NewRequest(t, "GET", "/user2/repo1/issues/1")
  74. resp := MakeRequest(t, req, http.StatusOK)
  75. sessionID := getSessionID(t, resp)
  76. // We're not logged in so there should be no session
  77. assert.False(t, sessionFileExist(t, tmpDir, sessionID))
  78. })
  79. t.Run("CreateSessionOnLogin", func(t *testing.T) {
  80. defer PrintCurrentTest(t)()
  81. req := NewRequest(t, "GET", "/user/login")
  82. resp := MakeRequest(t, req, http.StatusOK)
  83. sessionID := getSessionID(t, resp)
  84. // We're not logged in so there should be no session
  85. assert.False(t, sessionFileExist(t, tmpDir, sessionID))
  86. doc := NewHTMLParser(t, resp.Body)
  87. req = NewRequestWithValues(t, "POST", "/user/login", map[string]string{
  88. "_csrf": doc.GetCSRF(),
  89. "user_name": "user2",
  90. "password": userPassword,
  91. })
  92. resp = MakeRequest(t, req, http.StatusFound)
  93. sessionID = getSessionID(t, resp)
  94. assert.FileExists(t, sessionFile(tmpDir, sessionID))
  95. })
  96. }