dec6f80d2b
What hash is used to store the password should ideally be an implementation detail, so that every user of the GUIConfiguration object automatically agrees on how to handle it. That is currently distribututed over the confighandler.go and api_auth.go files, plus tests. Add the SetHasedPassword() / CompareHashedPassword() API to keep the hashing method encapsulated. Add a separate test for it and adjust other users and tests. Remove all deprecated imports of the bcrypt package.
48 lines
897 B
Go
48 lines
897 B
Go
// Copyright (C) 2014 The Syncthing Authors.
|
|
//
|
|
// This Source Code Form is subject to the terms of the Mozilla Public
|
|
// License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
// You can obtain one at https://mozilla.org/MPL/2.0/.
|
|
|
|
package api
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/syncthing/syncthing/lib/config"
|
|
)
|
|
|
|
var guiCfg config.GUIConfiguration
|
|
|
|
func init() {
|
|
guiCfg.User = "user"
|
|
guiCfg.HashAndSetPassword("pass")
|
|
}
|
|
|
|
func TestStaticAuthOK(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
ok := authStatic("user", "pass", guiCfg)
|
|
if !ok {
|
|
t.Fatalf("should pass auth")
|
|
}
|
|
}
|
|
|
|
func TestSimpleAuthUsernameFail(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
ok := authStatic("userWRONG", "pass", guiCfg)
|
|
if ok {
|
|
t.Fatalf("should fail auth")
|
|
}
|
|
}
|
|
|
|
func TestStaticAuthPasswordFail(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
ok := authStatic("user", "passWRONG", guiCfg)
|
|
if ok {
|
|
t.Fatalf("should fail auth")
|
|
}
|
|
}
|