summaryrefslogtreecommitdiff
path: root/password_test.go
diff options
context:
space:
mode:
authorxengineering <me@xengineering.eu>2026-06-05 22:45:01 +0200
committerxengineering <me@xengineering.eu>2026-06-20 17:10:39 +0200
commit0143b6e4cb7c31abee7d71a2dbd713abcc98936d (patch)
treea0b1aa8c12647a7e92a80a689a1a3ba29f1fad3e /password_test.go
parent3934137fa15737145094ec4607de82e5b3dbf063 (diff)
downloadfinserv-0143b6e4cb7c31abee7d71a2dbd713abcc98936d.tar
finserv-0143b6e4cb7c31abee7d71a2dbd713abcc98936d.tar.zst
finserv-0143b6e4cb7c31abee7d71a2dbd713abcc98936d.zip
Add Register()
This function creates a new user and sets the username and bcrypt-hashed password.
Diffstat (limited to 'password_test.go')
-rw-r--r--password_test.go57
1 files changed, 57 insertions, 0 deletions
diff --git a/password_test.go b/password_test.go
new file mode 100644
index 0000000..f540cc4
--- /dev/null
+++ b/password_test.go
@@ -0,0 +1,57 @@
+package main
+
+import (
+ "testing"
+
+ "golang.org/x/crypto/bcrypt"
+ _ "github.com/mattn/go-sqlite3"
+)
+
+var passwords = []struct {
+ description string
+ username string
+ password string
+}{
+ {"basic", "testuser", "mypassword"},
+ {"password-characterset", "testuser", "mypSDFäÖ$🚧"},
+ {"user-characterset", "mypSDFäÖ$🚧", "mypassword"},
+}
+
+func TestRegister(t *testing.T) {
+ for _, p := range passwords {
+ t.Run(p.description, func(t *testing.T) {
+ db, _ := emptyDB(t)
+
+ err := MigrateToLatest(db)
+ if err != nil {
+ t.Fatalf("Could not execute function to test: %v", err)
+ }
+
+ err = Register(db, p.username, p.password)
+ if err != nil {
+ t.Fatalf("Could not register user: %v", err)
+ }
+
+ row := db.QueryRow(
+ `SELECT password_bcrypt FROM users WHERE username=?;`,
+ p.username,
+ )
+
+ var hash []byte
+ err = row.Scan(&hash)
+ if err != nil {
+ t.Fatalf("Could not scan for password: %v", err)
+ }
+
+ err = bcrypt.CompareHashAndPassword(hash, []byte(p.password))
+ if err != nil {
+ t.Fatalf("Password not valid after registration: %v", err)
+ }
+
+ err = bcrypt.CompareHashAndPassword(hash, []byte(""))
+ if err == nil {
+ t.Fatalf("Empty password is valid after registration.")
+ }
+ })
+ }
+}