Authentication backend for Vervis, fork of Hackage package by the same name

[[ 🗃 ^VE2Kr yesod-auth-account ]] :: [📥 Inbox] [📤 Outbox] [🐤 Followers] [🤝 Collaborators] [🛠 Commits]

Clone

HTTPS: git clone https://vervis.peers.community/repos/VE2Kr

SSH: git clone USERNAME@vervis.peers.community:VE2Kr

Branches

Tags

master :: tests /

BasicTests.hs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89

{-# LANGUAGE CPP, OverloadedStrings #-}
module BasicTests (basicSpecs) where

import Yesod.Test
import Foundation

redirectCode :: Int
#if MIN_VERSION_yesod_test(1,4,0)
redirectCode = 303
#else
redirectCode = 302
#endif

basicSpecs :: YesodSpec MyApp
basicSpecs =
    ydescribe "Basic tests" $ do
        yit "checks the home page is not logged in" $ do
            get' "/"
            statusIs 200
            bodyContains "Please visit the <a href=\"/auth/login\">Login page"

        yit "tests an invalid login" $ do
            get' "/auth/login"
            statusIs 200

            post' "/auth/page/account/login" $ do
                byLabel "Username" "abc"
                byLabel "Password" "xxx"

            statusIs redirectCode
            get' "/auth/login"
            statusIs 200
            bodyContains "Invalid username/password combination"

        yit "new account page looks ok" $ do
            get' "/auth/page/account/newaccount"
            statusIs 200
            htmlAllContain "title" "Register a new account"
            bodyContains "Register"

        yit "reset password page looks ok" $ do
            get' "/auth/page/account/resetpassword"
            statusIs 200
            bodyContains "Send password reset email"

            post' "/auth/page/account/resetpassword" $ do
                byLabel "Username" "abc"
                addToken

            statusIs redirectCode
            get' "/"
            statusIs 200
            bodyContains "Invalid username"

        yit "verify page returns an error" $ do
            get' "/auth/page/account/verify/abc/xxxxxx"
            statusIs redirectCode
            get' "/"
            statusIs 200
            bodyContains "invalid verification key"

        yit "new password returns an error" $ do
            get' "/auth/page/account/newpassword/abc/xxxxxx"
            statusIs redirectCode
            get' "/"
            statusIs 200
            bodyContains "invalid verification key"

        yit "set password returns an error" $ do
            post' "/auth/page/account/setpassword" $ do
                addPostParam "f1" "xxx"
                addPostParam "f2" "xxx"
                addPostParam "f3" "xxx"
                addPostParam "f4" "xxx"
                addPostParam "f5" "xxx"

            statusIs redirectCode
            get' "/"
            statusIs 200
            bodyContains "As a protection against cross-site"

        yit "resend verify email returns an error" $ do
            post' "/auth/page/account/resendverifyemail" $ do
                addPostParam "f1" "xxx"
                addPostParam "f2" "xxx"

            statusIs 400
            bodyContains "As a protection against cross-site"
[See repo JSON]