diff options
Diffstat (limited to 'test/silmataivas_web/plugs/auth_test.exs')
| -rw-r--r-- | test/silmataivas_web/plugs/auth_test.exs | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/test/silmataivas_web/plugs/auth_test.exs b/test/silmataivas_web/plugs/auth_test.exs new file mode 100644 index 0000000..e6cf0e6 --- /dev/null +++ b/test/silmataivas_web/plugs/auth_test.exs @@ -0,0 +1,60 @@ +defmodule SilmataivasWeb.AuthTest do + use SilmataivasWeb.ConnCase + + import Silmataivas.UsersFixtures + + alias SilmataivasWeb.Plugs.Auth + + describe "auth plug" do + test "authenticates user with valid token", %{conn: conn} do + # Create a user + user = user_fixture() + + # Set up the connection with a valid token + conn = + conn + |> put_req_header("authorization", "Bearer #{user.user_id}") + |> Auth.call(%{}) + + # Verify the user is authenticated + assert conn.assigns.current_user.id == user.id + refute conn.halted + end + + test "rejects request with invalid token format", %{conn: conn} do + # Set up the connection with an invalid token format + conn = + conn + |> put_req_header("authorization", "Invalid #{Ecto.UUID.generate()}") + |> Auth.call(%{}) + + # Verify the connection is halted + assert conn.halted + assert conn.status == 401 + assert conn.resp_body == "Unauthorized" + end + + test "rejects request with non-existent user token", %{conn: conn} do + # Set up the connection with a non-existent user token + conn = + conn + |> put_req_header("authorization", "Bearer #{Ecto.UUID.generate()}") + |> Auth.call(%{}) + + # Verify the connection is halted + assert conn.halted + assert conn.status == 401 + assert conn.resp_body == "Unauthorized" + end + + test "rejects request without authorization header", %{conn: conn} do + # Set up the connection without an authorization header + conn = Auth.call(conn, %{}) + + # Verify the connection is halted + assert conn.halted + assert conn.status == 401 + assert conn.resp_body == "Unauthorized" + end + end +end |