138 lines
3.4 KiB
Rust
138 lines
3.4 KiB
Rust
// Auth tests
|
|
// Supported by both HTTP and WS protocols
|
|
|
|
#[tokio::test]
|
|
async fn invalidate() {
|
|
let db = new_db().await;
|
|
db.use_ns(NS).use_db(Ulid::new().to_string()).await.unwrap();
|
|
db.invalidate().await.unwrap();
|
|
let error = db.create::<Option<RecordId>>(("user", "john")).await.unwrap_err();
|
|
assert!(error.to_string().contains("You don't have permission to perform this query type"));
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn signup_scope() {
|
|
let db = new_db().await;
|
|
let database = Ulid::new().to_string();
|
|
db.use_ns(NS).use_db(&database).await.unwrap();
|
|
let scope = Ulid::new().to_string();
|
|
let sql = format!(
|
|
"
|
|
DEFINE SCOPE {scope} SESSION 1s
|
|
SIGNUP ( CREATE user SET email = $email, pass = crypto::argon2::generate($pass) )
|
|
SIGNIN ( SELECT * FROM user WHERE email = $email AND crypto::argon2::compare(pass, $pass) )
|
|
"
|
|
);
|
|
let response = db.query(sql).await.unwrap();
|
|
response.check().unwrap();
|
|
db.signup(Scope {
|
|
namespace: NS,
|
|
database: &database,
|
|
scope: &scope,
|
|
params: AuthParams {
|
|
email: "john.doe@example.com",
|
|
pass: "password123",
|
|
},
|
|
})
|
|
.await
|
|
.unwrap();
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn signin_ns() {
|
|
let db = new_db().await;
|
|
db.use_ns(NS).use_db(Ulid::new().to_string()).await.unwrap();
|
|
let user = Ulid::new().to_string();
|
|
let pass = "password123";
|
|
let sql = format!("DEFINE LOGIN {user} ON NAMESPACE PASSWORD '{pass}'");
|
|
let response = db.query(sql).await.unwrap();
|
|
response.check().unwrap();
|
|
db.signin(Namespace {
|
|
namespace: NS,
|
|
username: &user,
|
|
password: pass,
|
|
})
|
|
.await
|
|
.unwrap();
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn signin_db() {
|
|
let db = new_db().await;
|
|
let database = Ulid::new().to_string();
|
|
db.use_ns(NS).use_db(&database).await.unwrap();
|
|
let user = Ulid::new().to_string();
|
|
let pass = "password123";
|
|
let sql = format!("DEFINE LOGIN {user} ON DATABASE PASSWORD '{pass}'");
|
|
let response = db.query(sql).await.unwrap();
|
|
response.check().unwrap();
|
|
db.signin(Database {
|
|
namespace: NS,
|
|
database: &database,
|
|
username: &user,
|
|
password: pass,
|
|
})
|
|
.await
|
|
.unwrap();
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn signin_scope() {
|
|
let db = new_db().await;
|
|
let database = Ulid::new().to_string();
|
|
db.use_ns(NS).use_db(&database).await.unwrap();
|
|
let scope = Ulid::new().to_string();
|
|
let email = format!("{scope}@example.com");
|
|
let pass = "password123";
|
|
let sql = format!(
|
|
"
|
|
DEFINE SCOPE {scope} SESSION 1s
|
|
SIGNUP ( CREATE user SET email = $email, pass = crypto::argon2::generate($pass) )
|
|
SIGNIN ( SELECT * FROM user WHERE email = $email AND crypto::argon2::compare(pass, $pass) )
|
|
"
|
|
);
|
|
let response = db.query(sql).await.unwrap();
|
|
response.check().unwrap();
|
|
db.signup(Scope {
|
|
namespace: NS,
|
|
database: &database,
|
|
scope: &scope,
|
|
params: AuthParams {
|
|
pass,
|
|
email: &email,
|
|
},
|
|
})
|
|
.await
|
|
.unwrap();
|
|
db.signin(Scope {
|
|
namespace: NS,
|
|
database: &database,
|
|
scope: &scope,
|
|
params: AuthParams {
|
|
pass,
|
|
email: &email,
|
|
},
|
|
})
|
|
.await
|
|
.unwrap();
|
|
}
|
|
|
|
#[tokio::test]
|
|
async fn authenticate() {
|
|
let db = new_db().await;
|
|
db.use_ns(NS).use_db(Ulid::new().to_string()).await.unwrap();
|
|
let user = Ulid::new().to_string();
|
|
let pass = "password123";
|
|
let sql = format!("DEFINE LOGIN {user} ON NAMESPACE PASSWORD '{pass}'");
|
|
let response = db.query(sql).await.unwrap();
|
|
response.check().unwrap();
|
|
let token = db
|
|
.signin(Namespace {
|
|
namespace: NS,
|
|
username: &user,
|
|
password: pass,
|
|
})
|
|
.await
|
|
.unwrap();
|
|
db.authenticate(token).await.unwrap();
|
|
}
|