authelia/internal/session/provider_test.go

package session

import (
	"testing"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
	"github.com/valyala/fasthttp"

	"github.com/authelia/authelia/internal/authentication"
	"github.com/authelia/authelia/internal/configuration/schema"
)

func TestShouldInitializerSession(t *testing.T) {
	ctx := &fasthttp.RequestCtx{}
	configuration := schema.SessionConfiguration{}
	configuration.Domain = testDomain
	configuration.Name = testName
	configuration.Expiration = testExpiration

	provider := NewProvider(configuration, nil)
	session, err := provider.GetSession(ctx)
	require.NoError(t, err)

	assert.Equal(t, NewDefaultUserSession(), session)
}

func TestShouldUpdateSession(t *testing.T) {
	ctx := &fasthttp.RequestCtx{}
	configuration := schema.SessionConfiguration{}
	configuration.Domain = testDomain
	configuration.Name = testName
	configuration.Expiration = testExpiration

	provider := NewProvider(configuration, nil)
	session, _ := provider.GetSession(ctx)

	session.Username = testUsername
	session.AuthenticationLevel = authentication.TwoFactor

	err := provider.SaveSession(ctx, session)
	require.NoError(t, err)

	session, err = provider.GetSession(ctx)
	require.NoError(t, err)

	assert.Equal(t, UserSession{
		Username:            testUsername,
		AuthenticationLevel: authentication.TwoFactor,
	}, session)
}

func TestShouldDestroySessionAndWipeSessionData(t *testing.T) {
	ctx := &fasthttp.RequestCtx{}
	configuration := schema.SessionConfiguration{}
	configuration.Domain = testDomain
	configuration.Name = testName
	configuration.Expiration = testExpiration

	provider := NewProvider(configuration, nil)
	session, err := provider.GetSession(ctx)
	require.NoError(t, err)

	session.Username = testUsername
	session.AuthenticationLevel = authentication.TwoFactor

	err = provider.SaveSession(ctx, session)
	require.NoError(t, err)

	newUserSession, err := provider.GetSession(ctx)
	require.NoError(t, err)
	assert.Equal(t, testUsername, newUserSession.Username)
	assert.Equal(t, authentication.TwoFactor, newUserSession.AuthenticationLevel)

	err = provider.DestroySession(ctx)
	require.NoError(t, err)

	newUserSession, err = provider.GetSession(ctx)
	require.NoError(t, err)
	assert.Equal(t, "", newUserSession.Username)
	assert.Equal(t, authentication.NotAuthenticated, newUserSession.AuthenticationLevel)
}
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`package session`

			`import (`
			`"testing"`

			`"github.com/stretchr/testify/assert"`
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00			`"github.com/stretchr/testify/require"`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`"github.com/valyala/fasthttp"`

[MISC] Update durations to notation format and housekeeping (#824) * added regulation validator * made regulations find_time and ban_time values duration notation strings * added DefaultRegulationConfiguration for the validator * made session expiration and inactivity values duration notation strings * TOTP period does not need to be converted because adjustment should be discouraged * moved TOTP defaults to DefaultTOTPConfiguration and removed the consts * arranged the root config validator in configuration file order * adjusted tests for the changes * moved duration notation docs to root of configuration * added references to duration notation where applicable * project wide gofmt and goimports: * run gofmt * run goimports -local github.com/authelia/authelia -w on all files * Make jwt_secret error uniform and add tests * now at 100% coverage for internal/configuration/validator/configuration.go 2020-04-05 12:37:21 +00:00			`"github.com/authelia/authelia/internal/authentication"`
Rename org from clems4ever to authelia Also fix references from config.yml to configuration.yml 2019-12-24 02:14:52 +00:00			`"github.com/authelia/authelia/internal/configuration/schema"`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`)`

			`func TestShouldInitializerSession(t *testing.T) {`
			`ctx := &fasthttp.RequestCtx{}`
			`configuration := schema.SessionConfiguration{}`
[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-02 16:20:40 +00:00			`configuration.Domain = testDomain`
			`configuration.Name = testName`
			`configuration.Expiration = testExpiration`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00
feat(session): add redis sentinel provider (#1768) * feat(session): add redis sentinel provider * refactor(session): use int for ports as per go standards * refactor(configuration): adjust tests and validation * refactor(configuration): add err format consts * refactor(configuration): explicitly map redis structs * refactor(session): merge redis/redis sentinel providers * refactor(session): add additional checks to redis providers * feat(session): add redis cluster provider * fix: update config for new values * fix: provide nil certpool to affected tests/mocks * test: add additional tests to cover uncovered code * docs: expand explanation of host and nodes relation for redis * ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum * fix(session): sentinel password * test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config * test: make entrypoint.sh executable, fix entrypoint.sh if/elif * test: add redis failover tests * test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging * test: add sentinel integration test * test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep * feat: use sentinel failover cluster * fix: renamed addrs to sentineladdrs upstream * test(session): sentinel failover * test: add redis standard back into testing * test: move redis standalone test to traefik2 * fix/docs: apply suggestions from code review 2021-03-09 23:03:05 +00:00			`provider := NewProvider(configuration, nil)`
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00			`session, err := provider.GetSession(ctx)`
			`require.NoError(t, err)`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00
			`assert.Equal(t, NewDefaultUserSession(), session)`
			`}`

			`func TestShouldUpdateSession(t *testing.T) {`
			`ctx := &fasthttp.RequestCtx{}`
			`configuration := schema.SessionConfiguration{}`
[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-02 16:20:40 +00:00			`configuration.Domain = testDomain`
			`configuration.Name = testName`
			`configuration.Expiration = testExpiration`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00
feat(session): add redis sentinel provider (#1768) * feat(session): add redis sentinel provider * refactor(session): use int for ports as per go standards * refactor(configuration): adjust tests and validation * refactor(configuration): add err format consts * refactor(configuration): explicitly map redis structs * refactor(session): merge redis/redis sentinel providers * refactor(session): add additional checks to redis providers * feat(session): add redis cluster provider * fix: update config for new values * fix: provide nil certpool to affected tests/mocks * test: add additional tests to cover uncovered code * docs: expand explanation of host and nodes relation for redis * ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum * fix(session): sentinel password * test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config * test: make entrypoint.sh executable, fix entrypoint.sh if/elif * test: add redis failover tests * test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging * test: add sentinel integration test * test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep * feat: use sentinel failover cluster * fix: renamed addrs to sentineladdrs upstream * test(session): sentinel failover * test: add redis standard back into testing * test: move redis standalone test to traefik2 * fix/docs: apply suggestions from code review 2021-03-09 23:03:05 +00:00			`provider := NewProvider(configuration, nil)`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`session, _ := provider.GetSession(ctx)`

[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-02 16:20:40 +00:00			`session.Username = testUsername`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`session.AuthenticationLevel = authentication.TwoFactor`

Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00			`err := provider.SaveSession(ctx, session)`
			`require.NoError(t, err)`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00			`session, err = provider.GetSession(ctx)`
			`require.NoError(t, err)`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00
			`assert.Equal(t, UserSession{`
[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-02 16:20:40 +00:00			`Username: testUsername,`
Bootstrap Go implementation of Authelia. This is going to be the v4. Expected improvements: - More reliable due to static typing. - Bump of performance. - Improvement of logging. - Authelia can be shipped as a single binary. - Will likely work on ARM architecture. 2019-04-24 21:52:08 +00:00			`AuthenticationLevel: authentication.TwoFactor,`
			`}, session)`
			`}`
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00
			`func TestShouldDestroySessionAndWipeSessionData(t *testing.T) {`
			`ctx := &fasthttp.RequestCtx{}`
			`configuration := schema.SessionConfiguration{}`
[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-02 16:20:40 +00:00			`configuration.Domain = testDomain`
			`configuration.Name = testName`
			`configuration.Expiration = testExpiration`
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00
feat(session): add redis sentinel provider (#1768) * feat(session): add redis sentinel provider * refactor(session): use int for ports as per go standards * refactor(configuration): adjust tests and validation * refactor(configuration): add err format consts * refactor(configuration): explicitly map redis structs * refactor(session): merge redis/redis sentinel providers * refactor(session): add additional checks to redis providers * feat(session): add redis cluster provider * fix: update config for new values * fix: provide nil certpool to affected tests/mocks * test: add additional tests to cover uncovered code * docs: expand explanation of host and nodes relation for redis * ci: add redis-sentinel to suite highavailability, add redis-sentinel quorum * fix(session): sentinel password * test: use redis alpine library image for redis sentinel, use expose instead of ports, use redis ip, adjust redis ip range, adjust redis config * test: make entrypoint.sh executable, fix entrypoint.sh if/elif * test: add redis failover tests * test: defer docker start, adjust sleep, attempt logout before login, attempt visit before login and tune timeouts, add additional logging * test: add sentinel integration test * test: add secondary node failure to tests, fix password usage, bump test timeout, add sleep * feat: use sentinel failover cluster * fix: renamed addrs to sentineladdrs upstream * test(session): sentinel failover * test: add redis standard back into testing * test: move redis standalone test to traefik2 * fix/docs: apply suggestions from code review 2021-03-09 23:03:05 +00:00			`provider := NewProvider(configuration, nil)`
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00			`session, err := provider.GetSession(ctx)`
			`require.NoError(t, err)`

[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-02 16:20:40 +00:00			`session.Username = testUsername`
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00			`session.AuthenticationLevel = authentication.TwoFactor`

			`err = provider.SaveSession(ctx, session)`
			`require.NoError(t, err)`

			`newUserSession, err := provider.GetSession(ctx)`
			`require.NoError(t, err)`
[CI] Add goconst linter (#961) * [CI] Add goconst linter * Implement goconst recommendations * Rename defaultPolicy to denyPolicy * Change order for test constants Co-authored-by: Clément Michaud <clement.michaud34@gmail.com> 2020-05-02 16:20:40 +00:00			`assert.Equal(t, testUsername, newUserSession.Username)`
Disable inactivity timeout when user checked remember me. Instead of checking the value of the cookie expiration we rely on the boolean stored in the user session to check whether inactivity timeout should be disabled. 2020-01-17 22:48:48 +00:00			`assert.Equal(t, authentication.TwoFactor, newUserSession.AuthenticationLevel)`

			`err = provider.DestroySession(ctx)`
			`require.NoError(t, err)`

			`newUserSession, err = provider.GetSession(ctx)`
			`require.NoError(t, err)`
			`assert.Equal(t, "", newUserSession.Username)`
			`assert.Equal(t, authentication.NotAuthenticated, newUserSession.AuthenticationLevel)`
			`}`