fix #3102: add unit test for authentication
David Norton
Philip O'Toole
parent
8af9e62a5d
commit
3463d906e9
|
|
@ -1003,7 +1003,6 @@ func (s *Store) Authenticate(username, password string) (ui *UserInfo, err error
|
||||||
ui = u
|
ui = u
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// Compare password with user hash.
|
// Compare password with user hash.
|
||||||
if err := bcrypt.CompareHashAndPassword([]byte(u.Hash), []byte(password)); err != nil {
|
if err := bcrypt.CompareHashAndPassword([]byte(u.Hash), []byte(password)); err != nil {
|
||||||
return err
|
return err
|
||||||
|
|
|
||||||
|
|
@ -17,6 +17,7 @@ import (
|
||||||
"github.com/influxdb/influxdb/meta"
|
"github.com/influxdb/influxdb/meta"
|
||||||
"github.com/influxdb/influxdb/tcp"
|
"github.com/influxdb/influxdb/tcp"
|
||||||
"github.com/influxdb/influxdb/toml"
|
"github.com/influxdb/influxdb/toml"
|
||||||
|
"golang.org/x/crypto/bcrypt"
|
||||||
)
|
)
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
|
|
@ -656,6 +657,60 @@ func TestStore_UpdateUser(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Ensure Authentication works.
|
||||||
|
func TestStore_Authentication(t *testing.T) {
|
||||||
|
t.Parallel()
|
||||||
|
|
||||||
|
if testing.Short() {
|
||||||
|
t.SkipNow()
|
||||||
|
}
|
||||||
|
|
||||||
|
s := MustOpenStore()
|
||||||
|
defer s.Close()
|
||||||
|
|
||||||
|
// Set the hash function back to the real thing for this test.
|
||||||
|
oldHashFn := meta.HashPassword
|
||||||
|
meta.HashPassword = func(password string) ([]byte, error) {
|
||||||
|
return bcrypt.GenerateFromPassword([]byte(password), 4)
|
||||||
|
}
|
||||||
|
defer func() { meta.HashPassword = oldHashFn }()
|
||||||
|
|
||||||
|
// Create user.
|
||||||
|
s.CreateUser("susy", "pass", true)
|
||||||
|
|
||||||
|
// Authenticate user.
|
||||||
|
if ui, err := s.Authenticate("susy", "pass"); err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
} else if ui.Name != "susy" {
|
||||||
|
t.Fatalf(`expected "susy", got "%s"`, ui.Name)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Update user's password.
|
||||||
|
s.UpdateUser("susy", "pass2")
|
||||||
|
|
||||||
|
// Make sure authentication with old password does NOT work.
|
||||||
|
if _, err := s.Authenticate("susy", "pass"); err == nil {
|
||||||
|
t.Fatal("expected authentication error")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Authenticate user with new password
|
||||||
|
if ui, err := s.Authenticate("susy", "pass2"); err != nil {
|
||||||
|
t.Fatal(err)
|
||||||
|
} else if ui.Name != "susy" {
|
||||||
|
t.Fatalf(`expected "susy", got "%s"`, ui.Name)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Drop user.
|
||||||
|
s.DropUser("susy")
|
||||||
|
|
||||||
|
// Make sure authentication with both old passwords does NOT work.
|
||||||
|
if _, err := s.Authenticate("susy", "pass"); err == nil {
|
||||||
|
t.Fatal("expected authentication error")
|
||||||
|
} else if _, err := s.Authenticate("susy", "pass2"); err == nil {
|
||||||
|
t.Fatal("expected authentication error")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Ensure the store can return the count of users in it.
|
// Ensure the store can return the count of users in it.
|
||||||
func TestStore_UserCount(t *testing.T) {
|
func TestStore_UserCount(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue