diff options
| author | Zach Berwaldt <zberwaldt@tutamail.com> | 2024-03-07 19:16:07 -0500 |
|---|---|---|
| committer | Zach Berwaldt <zberwaldt@tutamail.com> | 2024-03-07 19:16:07 -0500 |
| commit | 6651daca670664f3de8af9c7bcb74b1e7c6c6be9 (patch) | |
| tree | f1bb35ef8b0e1d498842a17b84c87c6ee996274e /api/cmd/main_test.go | |
| parent | 5fa57845052655883120ba4d19a85d8756fb8d8c (diff) | |
Add CORS middleware and authentication middleware to the API server.
The `setupRouter` function in `main.go` now includes a CORS middleware and a token authentication middleware. The CORS middleware allows cross-origin resource sharing by setting the appropriate response headers. The token authentication middleware checks for the presence of an `Authorization` header with a valid bearer token. If the token is missing or invalid, an unauthorized response is returned.
In addition to these changes, a new test file `main_test.go` has been added to test the `/api/v1/auth` route. This test suite includes two test cases: one for successful authentication and one for failed authentication.
Update go.mod to include new dependencies.
The `go.mod` file has been modified to include two new dependencies: `github.com/spf13/viper` and `github.com/stretchr/testify`.
Ignore go.sum changes.
Ignore changes in the `go.sum` file, as they only include updates to existing dependencies.
Diffstat (limited to 'api/cmd/main_test.go')
| -rw-r--r-- | api/cmd/main_test.go | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/api/cmd/main_test.go b/api/cmd/main_test.go new file mode 100644 index 0000000..8d0df8d --- /dev/null +++ b/api/cmd/main_test.go | |||
| @@ -0,0 +1,56 @@ | |||
| 1 | package main | ||
| 2 | |||
| 3 | import ( | ||
| 4 | "encoding/json" | ||
| 5 | "log" | ||
| 6 | "net/http" | ||
| 7 | "net/http/httptest" | ||
| 8 | "testing" | ||
| 9 | |||
| 10 | "github.com/spf13/viper" | ||
| 11 | "github.com/stretchr/testify/assert" | ||
| 12 | ) | ||
| 13 | |||
| 14 | func getTestUserCredentials() (string, string) { | ||
| 15 | viper.SetConfigName(".env") | ||
| 16 | viper.AddConfigPath(".") | ||
| 17 | err := viper.ReadInConfig() | ||
| 18 | if err != nil { | ||
| 19 | log.Fatalf("Error while reading config file %s", err) | ||
| 20 | } | ||
| 21 | |||
| 22 | testUser := viper.GetString("TEST_USER") | ||
| 23 | testPass := viper.GetString("TEST_PASS") | ||
| 24 | return testUser, testPass | ||
| 25 | } | ||
| 26 | |||
| 27 | func TestAuthRoute(t *testing.T) { | ||
| 28 | router := setupRouter() | ||
| 29 | |||
| 30 | username, password := getTestUserCredentials() | ||
| 31 | |||
| 32 | w := httptest.NewRecorder() | ||
| 33 | req, _ := http.NewRequest("POST", "/api/v1/auth", nil) | ||
| 34 | req.SetBasicAuth(username, password) | ||
| 35 | router.ServeHTTP(w, req) | ||
| 36 | |||
| 37 | assert.Equal(t, http.StatusOK, w.Code, "response should return a 200 code") | ||
| 38 | |||
| 39 | var response map[string]interface{} | ||
| 40 | _ = json.Unmarshal(w.Body.Bytes(), &response) | ||
| 41 | _, exists := response["token"] | ||
| 42 | assert.True(t, exists, "response should return a token") | ||
| 43 | } | ||
| 44 | |||
| 45 | func TestAuthRouteFailure(t *testing.T) { | ||
| 46 | router := setupRouter() | ||
| 47 | |||
| 48 | w := httptest.NewRecorder() | ||
| 49 | req, _ := http.NewRequest("POST", "/api/v1/auth", nil) | ||
| 50 | req.SetBasicAuth("asdf", "asdf") | ||
| 51 | router.ServeHTTP(w, req) | ||
| 52 | |||
| 53 | assert.Equal(t, http.StatusUnauthorized, w.Code, "should return a 401 code") | ||
| 54 | } | ||
| 55 | |||
| 56 | func Test \ No newline at end of file | ||