2021-04-08 17:41:52 +08:00
|
|
|
defmodule LivebookWeb.AuthPlugTest do
|
|
|
|
use LivebookWeb.ConnCase, async: false
|
|
|
|
|
|
|
|
setup context do
|
2021-04-15 20:15:56 +08:00
|
|
|
{type, value} =
|
|
|
|
cond do
|
|
|
|
token = context[:token] -> {:token, token}
|
|
|
|
password = context[:password] -> {:password, password}
|
|
|
|
true -> {:disabled, ""}
|
|
|
|
end
|
|
|
|
|
|
|
|
unless type == :disabled do
|
|
|
|
Application.put_env(:livebook, :authentication_mode, type)
|
|
|
|
Application.put_env(:livebook, type, value)
|
2021-04-08 17:41:52 +08:00
|
|
|
|
|
|
|
on_exit(fn ->
|
2021-04-15 20:15:56 +08:00
|
|
|
Application.put_env(:livebook, :authentication_mode, :disabled)
|
|
|
|
Application.delete_env(:livebook, type)
|
2021-04-08 17:41:52 +08:00
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
|
|
|
:ok
|
|
|
|
end
|
|
|
|
|
|
|
|
describe "token authentication" do
|
|
|
|
test "skips authentication when no token is configured", %{conn: conn} do
|
|
|
|
conn = get(conn, "/")
|
|
|
|
|
|
|
|
assert conn.status == 200
|
|
|
|
assert conn.resp_body =~ "New notebook"
|
|
|
|
end
|
|
|
|
|
|
|
|
@tag token: "grumpycat"
|
2022-04-14 00:51:28 +08:00
|
|
|
test "redirects to '/authenticate' if not authenticated", %{conn: conn} do
|
|
|
|
conn = get(conn, "/")
|
|
|
|
assert redirected_to(conn) == "/authenticate"
|
2021-04-08 17:41:52 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
@tag token: "grumpycat"
|
|
|
|
test "redirects to the same path when valid token is provided in query params", %{conn: conn} do
|
|
|
|
conn = get(conn, "/?token=grumpycat")
|
|
|
|
|
|
|
|
assert redirected_to(conn) == "/"
|
|
|
|
end
|
|
|
|
|
|
|
|
@tag token: "grumpycat"
|
2022-04-14 00:51:28 +08:00
|
|
|
test "redirects to '/authenticate' when invalid token is provided in query params",
|
2021-04-08 17:41:52 +08:00
|
|
|
%{conn: conn} do
|
2022-04-14 00:51:28 +08:00
|
|
|
conn = get(conn, "/")
|
|
|
|
assert redirected_to(conn) == "/authenticate"
|
2021-04-08 17:41:52 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
@tag token: "grumpycat"
|
2021-04-15 21:50:29 +08:00
|
|
|
test "persists authentication across requests", %{conn: conn} do
|
2021-04-08 17:41:52 +08:00
|
|
|
conn = get(conn, "/?token=grumpycat")
|
2021-04-15 21:50:29 +08:00
|
|
|
assert get_session(conn, "80:token")
|
2021-04-08 17:41:52 +08:00
|
|
|
|
2021-04-15 21:50:29 +08:00
|
|
|
conn = get(conn, "/")
|
2021-04-08 17:41:52 +08:00
|
|
|
assert conn.status == 200
|
|
|
|
assert conn.resp_body =~ "New notebook"
|
|
|
|
end
|
|
|
|
end
|
2021-04-15 20:15:56 +08:00
|
|
|
|
|
|
|
describe "password authentication" do
|
2021-04-15 21:50:29 +08:00
|
|
|
test "redirects to '/' if no authentication is required", %{conn: conn} do
|
|
|
|
conn = get(conn, "/authenticate")
|
|
|
|
assert redirected_to(conn) == "/"
|
|
|
|
end
|
|
|
|
|
2021-04-15 20:15:56 +08:00
|
|
|
@tag password: "grumpycat"
|
2021-04-15 21:50:29 +08:00
|
|
|
test "redirects to '/authenticate' if not authenticated", %{conn: conn} do
|
2021-04-15 20:15:56 +08:00
|
|
|
conn = get(conn, "/")
|
|
|
|
assert redirected_to(conn) == "/authenticate"
|
|
|
|
end
|
|
|
|
|
|
|
|
@tag password: "grumpycat"
|
|
|
|
test "redirects to '/' on valid authentication", %{conn: conn} do
|
|
|
|
conn = post(conn, Routes.auth_path(conn, :authenticate), password: "grumpycat")
|
|
|
|
assert redirected_to(conn) == "/"
|
|
|
|
|
|
|
|
conn = get(conn, "/")
|
|
|
|
assert html_response(conn, 200) =~ "New notebook"
|
|
|
|
end
|
|
|
|
|
|
|
|
@tag password: "grumpycat"
|
|
|
|
test "redirects back to '/authenticate' on invalid password", %{conn: conn} do
|
|
|
|
conn = post(conn, Routes.auth_path(conn, :authenticate), password: "invalid password")
|
2021-04-15 21:50:29 +08:00
|
|
|
assert html_response(conn, 200) =~ "Authentication required"
|
2021-04-15 20:15:56 +08:00
|
|
|
|
|
|
|
conn = get(conn, "/")
|
|
|
|
assert redirected_to(conn) == "/authenticate"
|
|
|
|
end
|
|
|
|
|
|
|
|
@tag password: "grumpycat"
|
2021-04-15 21:50:29 +08:00
|
|
|
test "persists authentication across requests", %{conn: conn} do
|
2021-04-15 20:15:56 +08:00
|
|
|
conn = post(conn, Routes.auth_path(conn, :authenticate), password: "grumpycat")
|
2021-04-15 21:50:29 +08:00
|
|
|
assert get_session(conn, "80:password")
|
2021-04-15 20:15:56 +08:00
|
|
|
|
2021-04-15 21:50:29 +08:00
|
|
|
conn = get(conn, "/")
|
2021-04-15 20:15:56 +08:00
|
|
|
assert conn.status == 200
|
|
|
|
assert conn.resp_body =~ "New notebook"
|
2021-04-15 21:50:29 +08:00
|
|
|
|
|
|
|
conn = get(conn, "/authenticate")
|
|
|
|
assert redirected_to(conn) == "/"
|
2021-04-15 20:15:56 +08:00
|
|
|
end
|
|
|
|
end
|
2021-04-08 17:41:52 +08:00
|
|
|
end
|