fix: fix controller tests

2026-05-08 13:28:12 +00:00 · 2026-05-04 20:07:03 +03:00
parent 004df2f852
commit c932817757
6 changed files with 154 additions and 117 deletions
@@ -10,14 +10,14 @@ import (

 	"github.com/gin-gonic/gin"
 	"github.com/pquerna/otp/totp"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"github.com/tinyauthapp/tinyauth/internal/bootstrap"
-	"github.com/tinyauthapp/tinyauth/internal/config"
 	"github.com/tinyauthapp/tinyauth/internal/controller"
+	"github.com/tinyauthapp/tinyauth/internal/model"
 	"github.com/tinyauthapp/tinyauth/internal/repository"
 	"github.com/tinyauthapp/tinyauth/internal/service"
 	"github.com/tinyauthapp/tinyauth/internal/utils/tlog"
-	"github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/require"
 )

 func TestUserController(t *testing.T) {
@@ -25,7 +25,7 @@ func TestUserController(t *testing.T) {
 	tempDir := t.TempDir()

 	authServiceCfg := service.AuthServiceConfig{
-		Users: []config.User{
+		LocalUsers: []model.LocalUser{
 			{
 				Username: "testuser",
 				Password: "$2a$10$ZwVYQH07JX2zq7Fjkt3gU.BjwvvwPeli4OqOno04RQIv0P7usBrXa", // password
@@ -33,12 +33,12 @@ func TestUserController(t *testing.T) {
 			{
 				Username:   "totpuser",
 				Password:   "$2a$10$ZwVYQH07JX2zq7Fjkt3gU.BjwvvwPeli4OqOno04RQIv0P7usBrXa", // password
-				TotpSecret: "JPIEBDKJH6UGWJMX66RR3S55UFP2SGKK",
+				TOTPSecret: "JPIEBDKJH6UGWJMX66RR3S55UFP2SGKK",
 			},
 			{
 				Username: "attruser",
 				Password: "$2a$10$ZwVYQH07JX2zq7Fjkt3gU.BjwvvwPeli4OqOno04RQIv0P7usBrXa", // password
-				Attributes: config.UserAttributes{
+				Attributes: model.UserAttributes{
 					Name:  "Alice Smith",
 					Email: "alice@example.com",
 				},
@@ -46,8 +46,8 @@ func TestUserController(t *testing.T) {
 			{
 				Username:   "attrtotpuser",
 				Password:   "$2a$10$ZwVYQH07JX2zq7Fjkt3gU.BjwvvwPeli4OqOno04RQIv0P7usBrXa", // password
-				TotpSecret: "JPIEBDKJH6UGWJMX66RR3S55UFP2SGKK",
-				Attributes: config.UserAttributes{
+				TOTPSecret: "JPIEBDKJH6UGWJMX66RR3S55UFP2SGKK",
+				Attributes: model.UserAttributes{
 					Name:  "Bob Jones",
 					Email: "bob@example.com",
 				},
@@ -61,7 +61,54 @@ func TestUserController(t *testing.T) {
 	}

 	userControllerCfg := controller.UserControllerConfig{
-		CookieDomain: "example.com",
+		CookieDomain:      "example.com",
+		SessionCookieName: "tinyauth-session",
+	}
+
+	totpCtx := func(c *gin.Context) {
+		c.Set("context", &model.UserContext{
+			Authenticated: true,
+			Provider:      model.ProviderLocal,
+			Local: &model.LocalContext{
+				BaseContext: model.BaseContext{
+					Username: "totpuser",
+					Name:     "Totpuser",
+					Email:    "totpuser@example.com",
+				},
+				TOTPPending: true,
+				TOTPEnabled: true,
+			},
+		})
+	}
+
+	totpAttrCtx := func(c *gin.Context) {
+		c.Set("context", &model.UserContext{
+			Authenticated: true,
+			Provider:      model.ProviderLocal,
+			Local: &model.LocalContext{
+				BaseContext: model.BaseContext{
+					Username: "attrtotpuser",
+					Name:     "Bob Jones",
+					Email:    "bob@example.com",
+				},
+				TOTPPending: true,
+				TOTPEnabled: true,
+			},
+		})
+	}
+
+	simpleCtx := func(c *gin.Context) {
+		c.Set("context", &model.UserContext{
+			Authenticated: true,
+			Provider:      model.ProviderLocal,
+			Local: &model.LocalContext{
+				BaseContext: model.BaseContext{
+					Username: "testuser",
+					Name:     "Test User",
+					Email:    "testuser@example.com",
+				},
+			},
+		})
 	}

 	type testCase struct {
@@ -188,7 +235,9 @@ func TestUserController(t *testing.T) {
 		},
 		{
 			description: "Should be able to logout",
-			middlewares: []gin.HandlerFunc{},
+			middlewares: []gin.HandlerFunc{
+				simpleCtx,
+			},
 			run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
 				// First login to get a session cookie
 				loginReq := controller.LoginRequest{
@@ -204,9 +253,10 @@ func TestUserController(t *testing.T) {
 				router.ServeHTTP(recorder, req)

 				assert.Equal(t, 200, recorder.Code)
-				assert.Len(t, recorder.Result().Cookies(), 1)
+				cookies := recorder.Result().Cookies()
+				assert.Len(t, cookies, 1)

-				cookie := recorder.Result().Cookies()[0]
+				cookie := cookies[0]
 				assert.Equal(t, "tinyauth-session", cookie.Name)

 				// Now logout using the session cookie
@@ -217,17 +267,20 @@ func TestUserController(t *testing.T) {
 				router.ServeHTTP(recorder, req)

 				assert.Equal(t, 200, recorder.Code)
-				assert.Len(t, recorder.Result().Cookies(), 1)
+				cookies = recorder.Result().Cookies()
+				assert.Len(t, cookies, 1)

-				logoutCookie := recorder.Result().Cookies()[0]
-				assert.Equal(t, "tinyauth-session", logoutCookie.Name)
-				assert.Equal(t, "", logoutCookie.Value)
-				assert.Equal(t, -1, logoutCookie.MaxAge) // MaxAge -1 means delete cookie
+				cookie = cookies[0]
+				assert.Equal(t, "tinyauth-session", cookie.Name)
+				assert.Equal(t, "", cookie.Value)
+				assert.Equal(t, -1, cookie.MaxAge) // MaxAge -1 means delete cookie
 			},
 		},
 		{
 			description: "Should be able to login with totp",
-			middlewares: []gin.HandlerFunc{},
+			middlewares: []gin.HandlerFunc{
+				totpCtx,
+			},
 			run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
 				code, err := totp.GenerateCode("JPIEBDKJH6UGWJMX66RR3S55UFP2SGKK", time.Now())
 				assert.NoError(t, err)
@@ -258,7 +311,9 @@ func TestUserController(t *testing.T) {
 		},
 		{
 			description: "Totp should rate limit on multiple invalid attempts",
-			middlewares: []gin.HandlerFunc{},
+			middlewares: []gin.HandlerFunc{
+				totpCtx,
+			},
 			run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
 				for range 3 {
 					totpReq := controller.TotpRequest{
@@ -328,7 +383,9 @@ func TestUserController(t *testing.T) {
 		},
 		{
 			description: "TOTP completion uses name and email from user attributes",
-			middlewares: []gin.HandlerFunc{},
+			middlewares: []gin.HandlerFunc{
+				totpAttrCtx,
+			},
 			run: func(t *testing.T, router *gin.Engine, recorder *httptest.ResponseRecorder) {
 				code, err := totp.GenerateCode("JPIEBDKJH6UGWJMX66RR3S55UFP2SGKK", time.Now())
 				require.NoError(t, err)
@@ -349,9 +406,9 @@ func TestUserController(t *testing.T) {
 		},
 	}

-	oauthBrokerCfgs := make(map[string]config.OAuthServiceConfig)
+	oauthBrokerCfgs := make(map[string]model.OAuthServiceConfig)

-	app := bootstrap.NewBootstrapApp(config.Config{})
+	app := bootstrap.NewBootstrapApp(model.Config{})

 	db, err := app.SetupDatabase(path.Join(tempDir, "tinyauth.db"))
 	require.NoError(t, err)
@@ -379,33 +436,6 @@ func TestUserController(t *testing.T) {
 		authService.ClearRateLimitsTestingOnly()
 	}

-	setTotpMiddlewareOverrides := map[string]config.UserContext{
-		"Should be able to login with totp": {
-			Username:    "totpuser",
-			Name:        "Totpuser",
-			Email:       "totpuser@example.com",
-			Provider:    "local",
-			TotpPending: true,
-			TotpEnabled: true,
-		},
-		"Totp should rate limit on multiple invalid attempts": {
-			Username:    "totpuser",
-			Name:        "Totpuser",
-			Email:       "totpuser@example.com",
-			Provider:    "local",
-			TotpPending: true,
-			TotpEnabled: true,
-		},
-		"TOTP completion uses name and email from user attributes": {
-			Username:    "attrtotpuser",
-			Name:        "Bob Jones",
-			Email:       "bob@example.com",
-			Provider:    "local",
-			TotpPending: true,
-			TotpEnabled: true,
-		},
-	}
-
 	for _, test := range tests {
 		beforeEach()
 		t.Run(test.description, func(t *testing.T) {
@@ -415,15 +445,6 @@ func TestUserController(t *testing.T) {
 				router.Use(middleware)
 			}

-			// Gin is stupid and doesn't allow setting a middleware after the groups
-			// so we need to do some stupid overrides here
-			if ctx, ok := setTotpMiddlewareOverrides[test.description]; ok {
-				ctx := ctx
-				router.Use(func(c *gin.Context) {
-					c.Set("context", &ctx)
-				})
-			}
-
 			group := router.Group("/api")
 			gin.SetMode(gin.TestMode)