livebook/test/livebook_web/plugs/auth_plug_test.exs

defmodule LivebookWeb.AuthPlugTest do
  use LivebookWeb.ConnCase, async: false

  setup context do
    {type, value} =
      cond do
        token = context[:token] -> {:token, token}
        password = context[:password] -> {:password, password}
        true -> {:disabled, ""}
      end

    unless type == :disabled do
      Application.put_env(:livebook, :authentication_mode, type)
      Application.put_env(:livebook, type, value)

      on_exit(fn ->
        Application.put_env(:livebook, :authentication_mode, :disabled)
        Application.delete_env(:livebook, type)
      end)
    end

    :ok
  end

  describe "token authentication" do
    test "skips authentication when no token is configured", %{conn: conn} do
      conn = get(conn, "/")

      assert conn.status == 200
      assert conn.resp_body =~ "New notebook"
    end

    @tag token: "grumpycat"
    test "returns authentication error when token is set and none provided", %{conn: conn} do
      {_, _, resp_body} =
        assert_error_sent 401, fn ->
          get(conn, "/")
        end

      assert resp_body =~ "Authentication required"
    end

    @tag token: "grumpycat"
    test "redirects to the same path when valid token is provided in query params", %{conn: conn} do
      conn = get(conn, "/?token=grumpycat")

      assert redirected_to(conn) == "/"
    end

    @tag token: "grumpycat"
    test "returns authentication error when invalid token is provided in query params",
         %{conn: conn} do
      {_, _, resp_body} =
        assert_error_sent 401, fn ->
          get(conn, "/?token=invalid")
        end

      assert resp_body =~ "Authentication required"
    end

    @tag token: "grumpycat"
    test "persists authentication across requests", %{conn: conn} do
      conn = get(conn, "/?token=grumpycat")
      assert get_session(conn, "80:token")

      conn = get(conn, "/")
      assert conn.status == 200
      assert conn.resp_body =~ "New notebook"
    end
  end

  describe "password authentication" do
    test "redirects to '/' if no authentication is required", %{conn: conn} do
      conn = get(conn, "/authenticate")
      assert redirected_to(conn) == "/"
    end

    @tag password: "grumpycat"
    test "redirects to '/authenticate' if not authenticated", %{conn: conn} do
      conn = get(conn, "/")
      assert redirected_to(conn) == "/authenticate"
    end

    @tag password: "grumpycat"
    test "redirects to '/' on valid authentication", %{conn: conn} do
      conn = post(conn, Routes.auth_path(conn, :authenticate), password: "grumpycat")
      assert redirected_to(conn) == "/"

      conn = get(conn, "/")
      assert html_response(conn, 200) =~ "New notebook"
    end

    @tag password: "grumpycat"
    test "redirects back to '/authenticate' on invalid password", %{conn: conn} do
      conn = post(conn, Routes.auth_path(conn, :authenticate), password: "invalid password")
      assert html_response(conn, 200) =~ "Authentication required"

      conn = get(conn, "/")
      assert redirected_to(conn) == "/authenticate"
    end

    @tag password: "grumpycat"
    test "persists authentication across requests", %{conn: conn} do
      conn = post(conn, Routes.auth_path(conn, :authenticate), password: "grumpycat")
      assert get_session(conn, "80:password")

      conn = get(conn, "/")
      assert conn.status == 200
      assert conn.resp_body =~ "New notebook"

      conn = get(conn, "/authenticate")
      assert redirected_to(conn) == "/"
    end
  end
end
Introduce token auth and add basic cli configuration (#148) * Add token authentication * Restructure CLI * Allow port configuration * Further refactoring * Make sure livebook node starts with unique name * Improve startup error handling * Further refactoring * Add authentication tests * Add authentication view for entering the token * Fix auth tests * Always use random Livebook name for distribution * Don't enable ANSI on Windows * Define CLI Task behaviour and move generic logic to the main module * Generalize convertion from cli arguments to configuration * Randomly generate secret key base * Update test/livebook_web/plugs/auth_plug_test.exs Co-authored-by: José Valim <jose.valim@dashbit.co> * Override app config in persistent manner * Update lib/litebook_cli.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Move auth error to ErrorView * Unify node name configuration and allow it via CLI * Set all applications configs at once * Move token generation to application.ex to work outside CLI * Clean up overriding configuration * Store auth token in separate cookies * Update lib/livebook_cli/server.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/endpoint.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/plugs/auth_plug.ex Co-authored-by: José Valim <jose.valim@dashbit.co> Co-authored-by: José Valim <jose.valim@dashbit.co> 2021-04-08 17:41:52 +08:00			`defmodule LivebookWeb.AuthPlugTest do`
			`use LivebookWeb.ConnCase, async: false`

			`setup context do`
Password access (#187) 2021-04-15 20:15:56 +08:00			`{type, value} =`
			`cond do`
			`token = context[:token] -> {:token, token}`
			`password = context[:password] -> {:password, password}`
			`true -> {:disabled, ""}`
			`end`

			`unless type == :disabled do`
			`Application.put_env(:livebook, :authentication_mode, type)`
			`Application.put_env(:livebook, type, value)`
Introduce token auth and add basic cli configuration (#148) * Add token authentication * Restructure CLI * Allow port configuration * Further refactoring * Make sure livebook node starts with unique name * Improve startup error handling * Further refactoring * Add authentication tests * Add authentication view for entering the token * Fix auth tests * Always use random Livebook name for distribution * Don't enable ANSI on Windows * Define CLI Task behaviour and move generic logic to the main module * Generalize convertion from cli arguments to configuration * Randomly generate secret key base * Update test/livebook_web/plugs/auth_plug_test.exs Co-authored-by: José Valim <jose.valim@dashbit.co> * Override app config in persistent manner * Update lib/litebook_cli.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Move auth error to ErrorView * Unify node name configuration and allow it via CLI * Set all applications configs at once * Move token generation to application.ex to work outside CLI * Clean up overriding configuration * Store auth token in separate cookies * Update lib/livebook_cli/server.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/endpoint.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/plugs/auth_plug.ex Co-authored-by: José Valim <jose.valim@dashbit.co> Co-authored-by: José Valim <jose.valim@dashbit.co> 2021-04-08 17:41:52 +08:00
			`on_exit(fn ->`
Password access (#187) 2021-04-15 20:15:56 +08:00			`Application.put_env(:livebook, :authentication_mode, :disabled)`
			`Application.delete_env(:livebook, type)`
Introduce token auth and add basic cli configuration (#148) * Add token authentication * Restructure CLI * Allow port configuration * Further refactoring * Make sure livebook node starts with unique name * Improve startup error handling * Further refactoring * Add authentication tests * Add authentication view for entering the token * Fix auth tests * Always use random Livebook name for distribution * Don't enable ANSI on Windows * Define CLI Task behaviour and move generic logic to the main module * Generalize convertion from cli arguments to configuration * Randomly generate secret key base * Update test/livebook_web/plugs/auth_plug_test.exs Co-authored-by: José Valim <jose.valim@dashbit.co> * Override app config in persistent manner * Update lib/litebook_cli.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Move auth error to ErrorView * Unify node name configuration and allow it via CLI * Set all applications configs at once * Move token generation to application.ex to work outside CLI * Clean up overriding configuration * Store auth token in separate cookies * Update lib/livebook_cli/server.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/endpoint.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/plugs/auth_plug.ex Co-authored-by: José Valim <jose.valim@dashbit.co> Co-authored-by: José Valim <jose.valim@dashbit.co> 2021-04-08 17:41:52 +08:00			`end)`
			`end`

			`:ok`
			`end`

			`describe "token authentication" do`
			`test "skips authentication when no token is configured", %{conn: conn} do`
			`conn = get(conn, "/")`

			`assert conn.status == 200`
			`assert conn.resp_body =~ "New notebook"`
			`end`

			`@tag token: "grumpycat"`
			`test "returns authentication error when token is set and none provided", %{conn: conn} do`
			`{_, _, resp_body} =`
			`assert_error_sent 401, fn ->`
			`get(conn, "/")`
			`end`

			`assert resp_body =~ "Authentication required"`
			`end`

			`@tag token: "grumpycat"`
			`test "redirects to the same path when valid token is provided in query params", %{conn: conn} do`
			`conn = get(conn, "/?token=grumpycat")`

			`assert redirected_to(conn) == "/"`
			`end`

			`@tag token: "grumpycat"`
			`test "returns authentication error when invalid token is provided in query params",`
			`%{conn: conn} do`
			`{_, _, resp_body} =`
			`assert_error_sent 401, fn ->`
			`get(conn, "/?token=invalid")`
			`end`

			`assert resp_body =~ "Authentication required"`
			`end`

			`@tag token: "grumpycat"`
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`test "persists authentication across requests", %{conn: conn} do`
Introduce token auth and add basic cli configuration (#148) * Add token authentication * Restructure CLI * Allow port configuration * Further refactoring * Make sure livebook node starts with unique name * Improve startup error handling * Further refactoring * Add authentication tests * Add authentication view for entering the token * Fix auth tests * Always use random Livebook name for distribution * Don't enable ANSI on Windows * Define CLI Task behaviour and move generic logic to the main module * Generalize convertion from cli arguments to configuration * Randomly generate secret key base * Update test/livebook_web/plugs/auth_plug_test.exs Co-authored-by: José Valim <jose.valim@dashbit.co> * Override app config in persistent manner * Update lib/litebook_cli.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Move auth error to ErrorView * Unify node name configuration and allow it via CLI * Set all applications configs at once * Move token generation to application.ex to work outside CLI * Clean up overriding configuration * Store auth token in separate cookies * Update lib/livebook_cli/server.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/endpoint.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/plugs/auth_plug.ex Co-authored-by: José Valim <jose.valim@dashbit.co> Co-authored-by: José Valim <jose.valim@dashbit.co> 2021-04-08 17:41:52 +08:00			`conn = get(conn, "/?token=grumpycat")`
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`assert get_session(conn, "80:token")`
Introduce token auth and add basic cli configuration (#148) * Add token authentication * Restructure CLI * Allow port configuration * Further refactoring * Make sure livebook node starts with unique name * Improve startup error handling * Further refactoring * Add authentication tests * Add authentication view for entering the token * Fix auth tests * Always use random Livebook name for distribution * Don't enable ANSI on Windows * Define CLI Task behaviour and move generic logic to the main module * Generalize convertion from cli arguments to configuration * Randomly generate secret key base * Update test/livebook_web/plugs/auth_plug_test.exs Co-authored-by: José Valim <jose.valim@dashbit.co> * Override app config in persistent manner * Update lib/litebook_cli.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Move auth error to ErrorView * Unify node name configuration and allow it via CLI * Set all applications configs at once * Move token generation to application.ex to work outside CLI * Clean up overriding configuration * Store auth token in separate cookies * Update lib/livebook_cli/server.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/endpoint.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/plugs/auth_plug.ex Co-authored-by: José Valim <jose.valim@dashbit.co> Co-authored-by: José Valim <jose.valim@dashbit.co> 2021-04-08 17:41:52 +08:00
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`conn = get(conn, "/")`
Introduce token auth and add basic cli configuration (#148) * Add token authentication * Restructure CLI * Allow port configuration * Further refactoring * Make sure livebook node starts with unique name * Improve startup error handling * Further refactoring * Add authentication tests * Add authentication view for entering the token * Fix auth tests * Always use random Livebook name for distribution * Don't enable ANSI on Windows * Define CLI Task behaviour and move generic logic to the main module * Generalize convertion from cli arguments to configuration * Randomly generate secret key base * Update test/livebook_web/plugs/auth_plug_test.exs Co-authored-by: José Valim <jose.valim@dashbit.co> * Override app config in persistent manner * Update lib/litebook_cli.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Move auth error to ErrorView * Unify node name configuration and allow it via CLI * Set all applications configs at once * Move token generation to application.ex to work outside CLI * Clean up overriding configuration * Store auth token in separate cookies * Update lib/livebook_cli/server.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/endpoint.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/plugs/auth_plug.ex Co-authored-by: José Valim <jose.valim@dashbit.co> Co-authored-by: José Valim <jose.valim@dashbit.co> 2021-04-08 17:41:52 +08:00			`assert conn.status == 200`
			`assert conn.resp_body =~ "New notebook"`
			`end`
			`end`
Password access (#187) 2021-04-15 20:15:56 +08:00
			`describe "password authentication" do`
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`test "redirects to '/' if no authentication is required", %{conn: conn} do`
			`conn = get(conn, "/authenticate")`
			`assert redirected_to(conn) == "/"`
			`end`

Password access (#187) 2021-04-15 20:15:56 +08:00			`@tag password: "grumpycat"`
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`test "redirects to '/authenticate' if not authenticated", %{conn: conn} do`
Password access (#187) 2021-04-15 20:15:56 +08:00			`conn = get(conn, "/")`
			`assert redirected_to(conn) == "/authenticate"`
			`end`

			`@tag password: "grumpycat"`
			`test "redirects to '/' on valid authentication", %{conn: conn} do`
			`conn = post(conn, Routes.auth_path(conn, :authenticate), password: "grumpycat")`
			`assert redirected_to(conn) == "/"`

			`conn = get(conn, "/")`
			`assert html_response(conn, 200) =~ "New notebook"`
			`end`

			`@tag password: "grumpycat"`
			`test "redirects back to '/authenticate' on invalid password", %{conn: conn} do`
			`conn = post(conn, Routes.auth_path(conn, :authenticate), password: "invalid password")`
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`assert html_response(conn, 200) =~ "Authentication required"`
Password access (#187) 2021-04-15 20:15:56 +08:00
			`conn = get(conn, "/")`
			`assert redirected_to(conn) == "/authenticate"`
			`end`

			`@tag password: "grumpycat"`
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`test "persists authentication across requests", %{conn: conn} do`
Password access (#187) 2021-04-15 20:15:56 +08:00			`conn = post(conn, Routes.auth_path(conn, :authenticate), password: "grumpycat")`
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`assert get_session(conn, "80:password")`
Password access (#187) 2021-04-15 20:15:56 +08:00
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00			`conn = get(conn, "/")`
Password access (#187) 2021-04-15 20:15:56 +08:00			`assert conn.status == 200`
			`assert conn.resp_body =~ "New notebook"`
Unify env variables and change auth to use session (#195) 2021-04-15 21:50:29 +08:00
			`conn = get(conn, "/authenticate")`
			`assert redirected_to(conn) == "/"`
Password access (#187) 2021-04-15 20:15:56 +08:00			`end`
			`end`
Introduce token auth and add basic cli configuration (#148) * Add token authentication * Restructure CLI * Allow port configuration * Further refactoring * Make sure livebook node starts with unique name * Improve startup error handling * Further refactoring * Add authentication tests * Add authentication view for entering the token * Fix auth tests * Always use random Livebook name for distribution * Don't enable ANSI on Windows * Define CLI Task behaviour and move generic logic to the main module * Generalize convertion from cli arguments to configuration * Randomly generate secret key base * Update test/livebook_web/plugs/auth_plug_test.exs Co-authored-by: José Valim <jose.valim@dashbit.co> * Override app config in persistent manner * Update lib/litebook_cli.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Move auth error to ErrorView * Unify node name configuration and allow it via CLI * Set all applications configs at once * Move token generation to application.ex to work outside CLI * Clean up overriding configuration * Store auth token in separate cookies * Update lib/livebook_cli/server.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/endpoint.ex Co-authored-by: José Valim <jose.valim@dashbit.co> * Update lib/livebook_web/plugs/auth_plug.ex Co-authored-by: José Valim <jose.valim@dashbit.co> Co-authored-by: José Valim <jose.valim@dashbit.co> 2021-04-08 17:41:52 +08:00			`end`