| Akron | 0c4cd22 | 2019-07-19 16:33:34 +0200 | [diff] [blame] | 1 | use Mojo::Base -strict; |
| 2 | use Test::More; |
| 3 | use Test::Mojo; |
| 4 | use Mojo::File qw/path/; |
| 5 | use utf8; |
| 6 | |
| 7 | my $t = Test::Mojo->new('Kalamar' => { |
| 8 | Kalamar => { |
| 9 | plugins => ['Auth'] |
| 10 | } |
| 11 | }); |
| 12 | |
| 13 | $t->app->mode('production'); |
| 14 | |
| Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 15 | my $q = qr!(?:\"|")!; |
| 16 | |
| Akron | e208d30 | 2020-11-28 11:14:50 +0100 | [diff] [blame] | 17 | $t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' }) |
| Akron | 0c4cd22 | 2019-07-19 16:33:34 +0200 | [diff] [blame] | 18 | ->status_is(302) |
| 19 | ->header_is('Location' => '/'); |
| 20 | |
| 21 | $t->get_ok('/') |
| 22 | ->status_is(200) |
| 23 | ->element_exists('link[rel=stylesheet][href^=/css/kalamar-]') |
| 24 | ->element_exists('script[src^=/js/kalamar-]') |
| 25 | ->element_exists('div.notify-error') |
| 26 | ->text_is('div.notify-error', 'Bad CSRF token') |
| Akron | e208d30 | 2020-11-28 11:14:50 +0100 | [diff] [blame] | 27 | ->element_exists('input[name=handle][value=test]') |
| Akron | 0c4cd22 | 2019-07-19 16:33:34 +0200 | [diff] [blame] | 28 | ->element_exists_not('div.button.top a') |
| Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 29 | ->attr_is('body','data-korap-url','') |
| Akron | 1bee5a4 | 2021-01-13 17:44:18 +0100 | [diff] [blame] | 30 | ->header_exists_not('Strict-Transport-Security') |
| Akron | 0c4cd22 | 2019-07-19 16:33:34 +0200 | [diff] [blame] | 31 | ; |
| 32 | |
| 33 | is('kalamar',$t->app->sessions->cookie_name); |
| 34 | ok(!$t->app->sessions->secure); |
| 35 | |
| 36 | $t = Test::Mojo->new('Kalamar' => { |
| 37 | Kalamar => { |
| 38 | plugins => ['Auth'], |
| 39 | https_only => 1 |
| 40 | } |
| 41 | }); |
| 42 | |
| Akron | e208d30 | 2020-11-28 11:14:50 +0100 | [diff] [blame] | 43 | $t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' }) |
| Akron | 0c4cd22 | 2019-07-19 16:33:34 +0200 | [diff] [blame] | 44 | ->status_is(302) |
| Akron | 1bee5a4 | 2021-01-13 17:44:18 +0100 | [diff] [blame] | 45 | ->header_is('Location' => '/') |
| 46 | ->header_is('Strict-Transport-Security', 'max-age=3600; includeSubDomains') |
| 47 | ; |
| Akron | 0c4cd22 | 2019-07-19 16:33:34 +0200 | [diff] [blame] | 48 | |
| 49 | $t->get_ok('/') |
| 50 | ->status_is(200) |
| 51 | ->element_exists_not('div.notify-error') |
| 52 | ; |
| 53 | |
| 54 | is('kalamar',$t->app->sessions->cookie_name); |
| 55 | ok($t->app->sessions->secure); |
| 56 | |
| 57 | $t = Test::Mojo->new('Kalamar' => { |
| 58 | Kalamar => { |
| 59 | plugins => ['Auth'], |
| 60 | proxy_prefix => '/korap/test', |
| 61 | https_only => 1 |
| 62 | } |
| 63 | }); |
| 64 | |
| 65 | $t->app->mode('production'); |
| 66 | |
| 67 | $t->get_ok('/') |
| 68 | ->status_is(200) |
| 69 | ->element_exists('link[rel=stylesheet][href^=/korap/test/css/kalamar-]') |
| 70 | ->element_exists('script[src^=/korap/test/js/kalamar-]') |
| 71 | ; |
| 72 | |
| 73 | is('kalamar-koraptest',$t->app->sessions->cookie_name); |
| 74 | ok($t->app->sessions->secure); |
| 75 | |
| Akron | e208d30 | 2020-11-28 11:14:50 +0100 | [diff] [blame] | 76 | $t->post_ok('/user/login' => form => { handle => 'test', pwd => 'fail' }) |
| Akron | 0c4cd22 | 2019-07-19 16:33:34 +0200 | [diff] [blame] | 77 | ->status_is(302) |
| 78 | ->header_is('Location' => '/'); |
| 79 | |
| 80 | # Session can't be used |
| 81 | $t->get_ok('/') |
| 82 | ->status_is(200) |
| 83 | ->element_exists_not('div.notify-error') |
| Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 84 | ->attr_is('body','data-korap-url','/korap/test') |
| Akron | 0c4cd22 | 2019-07-19 16:33:34 +0200 | [diff] [blame] | 85 | ; |
| 86 | |
| 87 | |
| 88 | done_testing(); |