photoprism/internal/api/session_test.go
Michael Mayer 5d59b50912 Sharing: ACL authorization for REST API #18
Signed-off-by: Michael Mayer <michael@liquidbytes.net>
2020-06-25 14:54:04 +02:00

47 lines
1.6 KiB
Go

package api
import (
"github.com/stretchr/testify/assert"
"github.com/tidwall/gjson"
"net/http"
"testing"
)
func TestCreateSession(t *testing.T) {
t.Run("successful request", func(t *testing.T) {
app, router, _ := NewApiTest()
CreateSession(router)
r := PerformRequestWithBody(app, "POST", "/api/v1/session", `{"username": "admin", "password": "photoprism"}`)
val2 := gjson.Get(r.Body.String(), "user.Email")
assert.Equal(t, "", val2.String())
assert.Equal(t, http.StatusOK, r.Code)
})
t.Run("bad request", func(t *testing.T) {
app, router, _ := NewApiTest()
CreateSession(router)
r := PerformRequestWithBody(app, "POST", "/api/v1/session", `{"username": 123, "password": "xxx"}`)
assert.Equal(t, http.StatusBadRequest, r.Code)
})
t.Run("invalid password", func(t *testing.T) {
app, router, _ := NewApiTest()
CreateSession(router)
r := PerformRequestWithBody(app, "POST", "/api/v1/session", `{"username": "admin", "password": "xxx"}`)
val := gjson.Get(r.Body.String(), "error")
assert.Equal(t, "Invalid user name or password", val.String())
assert.Equal(t, http.StatusBadRequest, r.Code)
})
}
func TestDeleteSession(t *testing.T) {
app, router, _ := NewApiTest()
CreateSession(router)
r := PerformRequestWithBody(app, "POST", "/api/v1/session", `{"username": "admin", "password": "photoprism"}`)
id := gjson.Get(r.Body.String(), "id")
t.Run("successful request", func(t *testing.T) {
app, router, _ := NewApiTest()
DeleteSession(router)
r := PerformRequest(app, "DELETE", "/api/v1/session/"+id.String())
assert.Equal(t, http.StatusOK, r.Code)
})
}