-
Notifications
You must be signed in to change notification settings - Fork 0
/
crdbstore_test.go
159 lines (123 loc) · 4.04 KB
/
crdbstore_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
package crdbstore
import (
"encoding/base64"
"log"
"net/http"
"os"
"testing"
"github.com/gorilla/securecookie"
"github.com/gorilla/sessions"
)
type headerOnlyResponseWriter http.Header
func (ho headerOnlyResponseWriter) Header() http.Header {
return http.Header(ho)
}
func (ho headerOnlyResponseWriter) Write([]byte) (int, error) {
panic("NOIMPL")
}
func (ho headerOnlyResponseWriter) WriteHeader(int) {
panic("NOIMPL")
}
var secret = "EyaC2BPcJtNqU3tjEHy+c+Wmqc1yihYIbUWEl/jk0Ga73kWBclmuSFd9HuJKwJw/Wdsh1XnjY2Bw1HBVph6WOw=="
func TestCrDBStore(t *testing.T) {
dsn := os.Getenv("CRDB_TEST_CONN")
log.Println(dsn)
if dsn == "" {
t.Skip("This test requires a real database.")
}
ss, err := NewCrDBStore(dsn, []byte(secret))
if err != nil {
t.Fatal("Failed to get store", err)
}
defer ss.Close()
// ROUND 1 - Check that the cookie is being saved
req, err := http.NewRequest("GET", "http://www.example.com", nil)
if err != nil {
t.Fatal("failed to create request", err)
}
session, err := ss.Get(req, "mysess")
if err != nil {
t.Fatal("failed to get session", err.Error())
}
session.Values["counter"] = 1
m := make(http.Header)
if err = ss.Save(req, headerOnlyResponseWriter(m), session); err != nil {
t.Fatal("Failed to save session:", err.Error())
}
if m["Set-Cookie"][0][0:6] != "mysess" {
t.Fatal("Cookie wasn't set!")
}
// ROUND 2 - check that the cookie can be retrieved
req, err = http.NewRequest("GET", "http://www.example.com", nil)
if err != nil {
t.Fatal("failed to create round 2 request", err)
}
encoded, err := securecookie.EncodeMulti(session.Name(), session.ID, ss.Codecs...)
if err != nil {
t.Fatal("Failed to make cookie value", err)
}
req.AddCookie(sessions.NewCookie(session.Name(), encoded, session.Options))
session, err = ss.Get(req, "mysess")
if err != nil {
t.Fatal("failed to get round 2 session", err.Error())
}
if session.Values["counter"] != 1 {
t.Fatal("Retrieved session had wrong value:", session.Values["counter"])
}
session.Values["counter"] = 9 // set new value for round 3
if err = ss.Save(req, headerOnlyResponseWriter(m), session); err != nil {
t.Fatal("Failed to save session:", err.Error())
}
// ROUND 2 - check that the cookie has been updated
req, err = http.NewRequest("GET", "http://www.example.com", nil)
if err != nil {
t.Fatal("failed to create round 3 request", err)
}
req.AddCookie(sessions.NewCookie(session.Name(), encoded, session.Options))
session, err = ss.Get(req, "mysess")
if err != nil {
t.Fatal("failed to get session round 3", err.Error())
}
if session.Values["counter"] != 9 {
t.Fatal("Retrieved session had wrong value in round 3:", session.Values["counter"])
}
// ROUND 3 - Increase max length
req, err = http.NewRequest("GET", "http://www.example.com", nil)
if err != nil {
t.Fatal("failed to create round 3 request", err)
}
req.AddCookie(sessions.NewCookie(session.Name(), encoded, session.Options))
session, err = ss.New(req, "my session")
session.Values["big"] = make([]byte, base64.StdEncoding.DecodedLen(4096*2))
if err = ss.Save(req, headerOnlyResponseWriter(m), session); err == nil {
t.Fatal("expected an error, got nil")
}
ss.MaxLength(4096 * 3) // A bit more than the value size to account for encoding overhead.
if err = ss.Save(req, headerOnlyResponseWriter(m), session); err != nil {
t.Fatal("Failed to save session:", err.Error())
}
}
func TestSessionOptionsAreUniquePerSession(t *testing.T) {
dsn := os.Getenv("CRDB_TEST_CONN")
if dsn == "" {
t.Skip("This test requires a real database.")
}
ss, err := NewCrDBStore(dsn, []byte(secret))
if err != nil {
t.Fatal("Failed to get store", err)
}
defer ss.Close()
ss.Options.MaxAge = 900
req, err := http.NewRequest("GET", "http://www.example.com", nil)
if err != nil {
t.Fatal("Failed to create request", err)
}
session, err := ss.Get(req, "newsess")
if err != nil {
t.Fatal("Failed to create session", err)
}
session.Options.MaxAge = -1
if ss.Options.MaxAge != 900 {
t.Fatalf("CrDBStore.Options.MaxAge: expected %d, got %d", 900, ss.Options.MaxAge)
}
}