summaryrefslogtreecommitdiff
path: root/password_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'password_test.go')
-rw-r--r--password_test.go57
1 files changed, 57 insertions, 0 deletions
diff --git a/password_test.go b/password_test.go
new file mode 100644
index 0000000..f540cc4
--- /dev/null
+++ b/password_test.go
@@ -0,0 +1,57 @@
+package main
+
+import (
+ "testing"
+
+ "golang.org/x/crypto/bcrypt"
+ _ "github.com/mattn/go-sqlite3"
+)
+
+var passwords = []struct {
+ description string
+ username string
+ password string
+}{
+ {"basic", "testuser", "mypassword"},
+ {"password-characterset", "testuser", "mypSDFäÖ$🚧"},
+ {"user-characterset", "mypSDFäÖ$🚧", "mypassword"},
+}
+
+func TestRegister(t *testing.T) {
+ for _, p := range passwords {
+ t.Run(p.description, func(t *testing.T) {
+ db, _ := emptyDB(t)
+
+ err := MigrateToLatest(db)
+ if err != nil {
+ t.Fatalf("Could not execute function to test: %v", err)
+ }
+
+ err = Register(db, p.username, p.password)
+ if err != nil {
+ t.Fatalf("Could not register user: %v", err)
+ }
+
+ row := db.QueryRow(
+ `SELECT password_bcrypt FROM users WHERE username=?;`,
+ p.username,
+ )
+
+ var hash []byte
+ err = row.Scan(&hash)
+ if err != nil {
+ t.Fatalf("Could not scan for password: %v", err)
+ }
+
+ err = bcrypt.CompareHashAndPassword(hash, []byte(p.password))
+ if err != nil {
+ t.Fatalf("Password not valid after registration: %v", err)
+ }
+
+ err = bcrypt.CompareHashAndPassword(hash, []byte(""))
+ if err == nil {
+ t.Fatalf("Empty password is valid after registration.")
+ }
+ })
+ }
+}