YourSelfHosted/memos
1
0
Fork 0
mirror of https://github.com/usememos/memos.git synced 2025-06-05 22:09:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

chore: update server tests (#2118)

Browse Source
This commit is contained in:
boojack
2023-08-10 09:01:38 +08:00
committed by GitHub
parent 35f2d399e2
commit 723c444910
12 changed files with 296 additions and 145 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/auth/auth.go
View File

@ -19,8 +19,6 @@ const (
// CookieExpDuration expires slightly earlier than the jwt expiration. Client would be logged out if the user // CookieExpDuration expires slightly earlier than the jwt expiration. Client would be logged out if the user
// cookie expires, thus the client would always logout first before attempting to make a request with the expired jwt. // cookie expires, thus the client would always logout first before attempting to make a request with the expired jwt.
// Suppose we have a valid refresh token, we will refresh the token in cases:
// 1. The access token has already expired, we refresh the token so that the ongoing request can pass through.
CookieExpDuration = AccessTokenDuration - 1*time.Minute CookieExpDuration = AccessTokenDuration - 1*time.Minute
// AccessTokenCookieName is the cookie name of access token. // AccessTokenCookieName is the cookie name of access token.
AccessTokenCookieName = "memos.access-token" AccessTokenCookieName = "memos.access-token"

148
api/v1/docs.go
View File

@ -23,50 +23,6 @@ const docTemplate = `{
"host": "{{.Host}}", "host": "{{.Host}}",
"basePath": "{{.BasePath}}", "basePath": "{{.BasePath}}",
"paths": { "paths": {
"/api/v1/GetSystemStatus": {
"get": {
"produces": [
"application/json"
],
"tags": [
"system"
],
"summary": "Get system GetSystemStatus",
"responses": {
"200": {
"description": "System GetSystemStatus",
"schema": {
"$ref": "#/definitions/v1.SystemStatus"
}
},
"401": {
"description": "Missing user in session | Unauthorized"
},
"500": {
"description": "Failed to find host user | Failed to find system setting list | Failed to unmarshal system setting customized profile value"
}
}
}
},
"/api/v1/PingSystem": {
"get": {
"produces": [
"application/json"
],
"tags": [
"system"
],
"summary": "Ping the system",
"responses": {
"200": {
"description": "System profile",
"schema": {
"$ref": "#/definitions/profile.Profile"
}
}
}
}
},
"/api/v1/auth/signin": { "/api/v1/auth/signin": {
"post": { "post": {
"consumes": [ "consumes": [
@ -1152,6 +1108,25 @@ const docTemplate = `{
} }
} }
}, },
"/api/v1/ping": {
"get": {
"produces": [
"application/json"
],
"tags": [
"system"
],
"summary": "Ping the system",
"responses": {
"200": {
"description": "If succeed to ping the system",
"schema": {
"type": "boolean"
}
}
}
}
},
"/api/v1/resource": { "/api/v1/resource": {
"get": { "get": {
"security": [ "security": [
@ -1386,6 +1361,31 @@ const docTemplate = `{
} }
} }
}, },
"/api/v1/status": {
"get": {
"produces": [
"application/json"
],
"tags": [
"system"
],
"summary": "Get system GetSystemStatus",
"responses": {
"200": {
"description": "System GetSystemStatus",
"schema": {
"$ref": "#/definitions/v1.SystemStatus"
}
},
"401": {
"description": "Missing user in session | Unauthorized"
},
"500": {
"description": "Failed to find host user | Failed to find system setting list | Failed to unmarshal system setting customized profile value"
}
}
}
},
"/api/v1/storage": { "/api/v1/storage": {
"get": { "get": {
"security": [ "security": [
@ -1555,36 +1555,6 @@ const docTemplate = `{
} }
} }
}, },
"/api/v1/system/ExecVacuum": {
"post": {
"security": [
{
"ApiKeyAuth": []
}
],
"produces": [
"application/json"
],
"tags": [
"system"
],
"summary": "Vacuum the database",
"responses": {
"200": {
"description": "Database vacuumed",
"schema": {
"type": "boolean"
}
},
"401": {
"description": "Missing user in session | Unauthorized"
},
"500": {
"description": "Failed to find user | Failed to ExecVacuum database"
}
}
}
},
"/api/v1/system/setting": { "/api/v1/system/setting": {
"get": { "get": {
"security": [ "security": [
@ -1666,6 +1636,36 @@ const docTemplate = `{
} }
} }
}, },
"/api/v1/system/vacuum": {
"post": {
"security": [
{
"ApiKeyAuth": []
}
],
"produces": [
"application/json"
],
"tags": [
"system"
],
"summary": "Vacuum the database",
"responses": {
"200": {
"description": "Database vacuumed",
"schema": {
"type": "boolean"
}
},
"401": {
"description": "Missing user in session | Unauthorized"
},
"500": {
"description": "Failed to find user | Failed to ExecVacuum database"
}
}
}
},
"/api/v1/tag": { "/api/v1/tag": {
"get": { "get": {
"security": [ "security": [

6
api/v1/jwt.go
View File

@ -37,7 +37,7 @@ func GenerateTokensAndSetCookies(c echo.Context, user *store.User, secret string
return nil return nil
} }
// RemoveTokensAndCookies removes the jwt token and refresh token from the cookies. // RemoveTokensAndCookies removes the jwt token from the cookies.
func RemoveTokensAndCookies(c echo.Context) { func RemoveTokensAndCookies(c echo.Context) {
cookieExp := time.Now().Add(-1 * time.Hour) cookieExp := time.Now().Add(-1 * time.Hour)
setTokenCookie(c, auth.AccessTokenCookieName, "", cookieExp) setTokenCookie(c, auth.AccessTokenCookieName, "", cookieExp)
@ -121,8 +121,6 @@ func audienceContains(audience jwt.ClaimStrings, token string) bool {
} }
// JWTMiddleware validates the access token. // JWTMiddleware validates the access token.
// If the access token is about to expire or has expired and the request has a valid refresh token, it
// will try to generate new access token and refresh token.
func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) echo.HandlerFunc { func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) echo.HandlerFunc {
return func(c echo.Context) error { return func(c echo.Context) error {
ctx := c.Request().Context() ctx := c.Request().Context()
@ -172,7 +170,7 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName)) return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
} }
// We either have a valid access token or we will attempt to generate new access token and refresh token // We either have a valid access token or we will attempt to generate new access token.
userID, err := util.ConvertStringToInt32(claims.Subject) userID, err := util.ConvertStringToInt32(claims.Subject)
if err != nil { if err != nil {
return echo.NewHTTPError(http.StatusUnauthorized, "Malformed ID in the token.") return echo.NewHTTPError(http.StatusUnauthorized, "Malformed ID in the token.")

94
api/v1/swagger.yaml
View File

@ -748,35 +748,6 @@ info:
title: memos API title: memos API
version: "1.0" version: "1.0"
paths: paths:
/api/v1/GetSystemStatus:
get:
produces:
- application/json
responses:
"200":
description: System GetSystemStatus
schema:
$ref: '#/definitions/v1.SystemStatus'
"401":
description: Missing user in session | Unauthorized
"500":
description: Failed to find host user | Failed to find system setting list
| Failed to unmarshal system setting customized profile value
summary: Get system GetSystemStatus
tags:
- system
/api/v1/PingSystem:
get:
produces:
- application/json
responses:
"200":
description: System profile
schema:
$ref: '#/definitions/profile.Profile'
summary: Ping the system
tags:
- system
/api/v1/auth/signin: /api/v1/auth/signin:
post: post:
consumes: consumes:
@ -1509,6 +1480,18 @@ paths:
summary: Get memo stats by creator ID or username summary: Get memo stats by creator ID or username
tags: tags:
- memo - memo
/api/v1/ping:
get:
produces:
- application/json
responses:
"200":
description: If succeed to ping the system
schema:
type: boolean
summary: Ping the system
tags:
- system
/api/v1/resource: /api/v1/resource:
get: get:
parameters: parameters:
@ -1660,6 +1643,23 @@ paths:
summary: Upload resource summary: Upload resource
tags: tags:
- resource - resource
/api/v1/status:
get:
produces:
- application/json
responses:
"200":
description: System GetSystemStatus
schema:
$ref: '#/definitions/v1.SystemStatus'
"401":
description: Missing user in session | Unauthorized
"500":
description: Failed to find host user | Failed to find system setting list
| Failed to unmarshal system setting customized profile value
summary: Get system GetSystemStatus
tags:
- system
/api/v1/storage: /api/v1/storage:
get: get:
produces: produces:
@ -1769,24 +1769,6 @@ paths:
summary: Update a storage summary: Update a storage
tags: tags:
- storage - storage
/api/v1/system/ExecVacuum:
post:
produces:
- application/json
responses:
"200":
description: Database vacuumed
schema:
type: boolean
"401":
description: Missing user in session | Unauthorized
"500":
description: Failed to find user | Failed to ExecVacuum database
security:
- ApiKeyAuth: []
summary: Vacuum the database
tags:
- system
/api/v1/system/setting: /api/v1/system/setting:
get: get:
produces: produces:
@ -1837,6 +1819,24 @@ paths:
summary: Create system setting summary: Create system setting
tags: tags:
- system-setting - system-setting
/api/v1/system/vacuum:
post:
produces:
- application/json
responses:
"200":
description: Database vacuumed
schema:
type: boolean
"401":
description: Missing user in session | Unauthorized
"500":
description: Failed to find user | Failed to ExecVacuum database
security:
- ApiKeyAuth: []
summary: Vacuum the database
tags:
- system
/api/v1/tag: /api/v1/tag:
get: get:
produces: produces:

12
api/v1/system.go
View File

@ -53,10 +53,10 @@ func (s *APIV1Service) registerSystemRoutes(g *echo.Group) {
// @Summary Ping the system // @Summary Ping the system
// @Tags system // @Tags system
// @Produce json // @Produce json
// @Success 200 {object} profile.Profile "System profile" // @Success 200 {boolean} true "If succeed to ping the system"
// @Router /api/v1/PingSystem [GET] // @Router /api/v1/ping [GET]
func (s *APIV1Service) PingSystem(c echo.Context) error { func (*APIV1Service) PingSystem(c echo.Context) error {
return c.JSON(http.StatusOK, s.Profile) return c.JSON(http.StatusOK, true)
} }
// GetSystemStatus godoc // GetSystemStatus godoc
@ -67,7 +67,7 @@ func (s *APIV1Service) PingSystem(c echo.Context) error {
// @Success 200 {object} SystemStatus "System GetSystemStatus" // @Success 200 {object} SystemStatus "System GetSystemStatus"
// @Failure 401 {object} nil "Missing user in session | Unauthorized" // @Failure 401 {object} nil "Missing user in session | Unauthorized"
// @Failure 500 {object} nil "Failed to find host user | Failed to find system setting list | Failed to unmarshal system setting customized profile value" // @Failure 500 {object} nil "Failed to find host user | Failed to find system setting list | Failed to unmarshal system setting customized profile value"
// @Router /api/v1/GetSystemStatus [GET] // @Router /api/v1/status [GET]
func (s *APIV1Service) GetSystemStatus(c echo.Context) error { func (s *APIV1Service) GetSystemStatus(c echo.Context) error {
ctx := c.Request().Context() ctx := c.Request().Context()
@ -165,7 +165,7 @@ func (s *APIV1Service) GetSystemStatus(c echo.Context) error {
// @Failure 401 {object} nil "Missing user in session | Unauthorized" // @Failure 401 {object} nil "Missing user in session | Unauthorized"
// @Failure 500 {object} nil "Failed to find user | Failed to ExecVacuum database" // @Failure 500 {object} nil "Failed to find user | Failed to ExecVacuum database"
// @Security ApiKeyAuth // @Security ApiKeyAuth
// @Router /api/v1/system/ExecVacuum [POST] // @Router /api/v1/system/vacuum [POST]
func (s *APIV1Service) ExecVacuum(c echo.Context) error { func (s *APIV1Service) ExecVacuum(c echo.Context) error {
ctx := c.Request().Context() ctx := c.Request().Context()
userID, ok := c.Get(auth.UserIDContextKey).(int32) userID, ok := c.Get(auth.UserIDContextKey).(int32)

9
plugin/idp/oauth2/oauth2_test.go
View File

@ -90,11 +90,10 @@ func newMockServer(t *testing.T, code, accessToken string, userinfo []byte) *htt
w.Header().Set("Content-Type", "application/json") w.Header().Set("Content-Type", "application/json")
err = json.NewEncoder(w).Encode(map[string]any{ err = json.NewEncoder(w).Encode(map[string]any{
"access_token": accessToken, "access_token": accessToken,
"token_type": "Bearer", "token_type": "Bearer",
"refresh_token": "test-refresh-token", "expires_in": 3600,
"expires_in": 3600, "id_token": rawIDToken,
"id_token": rawIDToken,
}) })
require.NoError(t, err) require.NoError(t, err)
}) })

48
test/server/auth_test.go
View File

@ -21,12 +21,24 @@ func TestAuthServer(t *testing.T) {
Username: "testuser", Username: "testuser",
Password: "testpassword", Password: "testpassword",
} }
user, err := s.postAuthSignup(signup) user, err := s.postAuthSignUp(signup)
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, signup.Username, user.Username) require.Equal(t, signup.Username, user.Username)
signin := &apiv1.SignIn{
Username: "testuser",
Password: "testpassword",
}
user, err = s.postAuthSignIn(signin)
require.NoError(t, err)
require.Equal(t, signup.Username, user.Username)
err = s.postSignOut()
require.NoError(t, err)
_, err = s.getCurrentUser()
require.Error(t, err)
} }
func (s *TestingServer) postAuthSignup(signup *apiv1.SignUp) (*apiv1.User, error) { func (s *TestingServer) postAuthSignUp(signup *apiv1.SignUp) (*apiv1.User, error) {
rawData, err := json.Marshal(&signup) rawData, err := json.Marshal(&signup)
if err != nil { if err != nil {
return nil, errors.Wrap(err, "failed to marshal signup") return nil, errors.Wrap(err, "failed to marshal signup")
@ -49,3 +61,35 @@ func (s *TestingServer) postAuthSignup(signup *apiv1.SignUp) (*apiv1.User, error
} }
return user, nil return user, nil
} }
func (s *TestingServer) postAuthSignIn(signip *apiv1.SignIn) (*apiv1.User, error) {
rawData, err := json.Marshal(&signip)
if err != nil {
return nil, errors.Wrap(err, "failed to marshal signin")
}
reader := bytes.NewReader(rawData)
body, err := s.post("/api/v1/auth/signin", reader, nil)
if err != nil {
return nil, errors.Wrap(err, "fail to post request")
}
buf := &bytes.Buffer{}
_, err = buf.ReadFrom(body)
if err != nil {
return nil, errors.Wrap(err, "fail to read response body")
}
user := &apiv1.User{}
if err = json.Unmarshal(buf.Bytes(), user); err != nil {
return nil, errors.Wrap(err, "fail to unmarshal post signin response")
}
return user, nil
}
func (s *TestingServer) postSignOut() error {
_, err := s.post("/api/v1/auth/signout", nil, nil)
if err != nil {
return errors.Wrap(err, "fail to post request")
}
return nil
}

2
test/server/memo_relation_test.go
View File

@ -22,7 +22,7 @@ func TestMemoRelationServer(t *testing.T) {
Username: "testuser", Username: "testuser",
Password: "testpassword", Password: "testpassword",
} }
user, err := s.postAuthSignup(signup) user, err := s.postAuthSignUp(signup)
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, signup.Username, user.Username) require.Equal(t, signup.Username, user.Username)
memo, err := s.postMemoCreate(&apiv1.CreateMemoRequest{ memo, err := s.postMemoCreate(&apiv1.CreateMemoRequest{

2
test/server/memo_test.go
View File

@ -22,7 +22,7 @@ func TestMemoServer(t *testing.T) {
Username: "testuser", Username: "testuser",
Password: "testpassword", Password: "testpassword",
} }
user, err := s.postAuthSignup(signup) user, err := s.postAuthSignUp(signup)
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, signup.Username, user.Username) require.Equal(t, signup.Username, user.Username)
memo, err := s.postMemoCreate(&apiv1.CreateMemoRequest{ memo, err := s.postMemoCreate(&apiv1.CreateMemoRequest{

2
test/server/server.go
View File

@ -142,7 +142,7 @@ func (s *TestingServer) request(method, uri string, body io.Reader, params, head
return nil, errors.Errorf("unable to find access token in the login response headers") return nil, errors.Errorf("unable to find access token in the login response headers")
} }
s.cookie = cookie s.cookie = cookie
} else if strings.Contains(uri, "/api/v1/auth/logout") { } else if strings.Contains(uri, "/api/v1/auth/signout") {
s.cookie = "" s.cookie = ""
} }
} }

13
test/server/system_test.go
View File

@ -25,15 +25,24 @@ func TestSystemServer(t *testing.T) {
Username: "testuser", Username: "testuser",
Password: "testpassword", Password: "testpassword",
} }
user, err := s.postAuthSignup(signup) user, err := s.postAuthSignUp(signup)
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, signup.Username, user.Username) require.Equal(t, signup.Username, user.Username)
err = s.pingSystem()
require.NoError(t, err)
status, err = s.getSystemStatus() status, err = s.getSystemStatus()
require.NoError(t, err) require.NoError(t, err)
require.Equal(t, user.ID, status.Host.ID) require.Equal(t, user.ID, status.Host.ID)
} }
func (s *TestingServer) pingSystem() error {
_, err := s.get("/api/v1/ping", nil)
if err != nil {
return err
}
return nil
}
func (s *TestingServer) getSystemStatus() (*apiv1.SystemStatus, error) { func (s *TestingServer) getSystemStatus() (*apiv1.SystemStatus, error) {
body, err := s.get("/api/v1/status", nil) body, err := s.get("/api/v1/status", nil)
if err != nil { if err != nil {

103
test/server/user_test.go Normal file
View File

@ -0,0 +1,103 @@
package testserver
import (
"bytes"
"context"
"encoding/json"
"fmt"
"testing"
"github.com/pkg/errors"
"github.com/stretchr/testify/require"
apiv1 "github.com/usememos/memos/api/v1"
)
func TestUserServer(t *testing.T) {
ctx := context.Background()
s, err := NewTestingServer(ctx, t)
require.NoError(t, err)
defer s.Shutdown(ctx)
signup := &apiv1.SignUp{
Username: "testuser",
Password: "testpassword",
}
user, err := s.postAuthSignUp(signup)
require.NoError(t, err)
require.Equal(t, signup.Username, user.Username)
user, err = s.getCurrentUser()
require.NoError(t, err)
require.Equal(t, signup.Username, user.Username)
user, err = s.getUserByID(user.ID)
require.NoError(t, err)
require.Equal(t, signup.Username, user.Username)
newEmail := "test@usermemos.com"
userPatch := &apiv1.UpdateUserRequest{
Email: &newEmail,
}
user, err = s.patchUser(user.ID, userPatch)
require.NoError(t, err)
require.Equal(t, newEmail, user.Email)
}
func (s *TestingServer) getCurrentUser() (*apiv1.User, error) {
body, err := s.get("/api/v1/user/me", nil)
if err != nil {
return nil, err
}
buf := &bytes.Buffer{}
_, err = buf.ReadFrom(body)
if err != nil {
return nil, errors.Wrap(err, "fail to read response body")
}
user := &apiv1.User{}
if err = json.Unmarshal(buf.Bytes(), &user); err != nil {
return nil, errors.Wrap(err, "fail to unmarshal get user response")
}
return user, nil
}
func (s *TestingServer) getUserByID(userID int32) (*apiv1.User, error) {
body, err := s.get(fmt.Sprintf("/api/v1/user/%d", userID), nil)
if err != nil {
return nil, err
}
buf := &bytes.Buffer{}
_, err = buf.ReadFrom(body)
if err != nil {
return nil, errors.Wrap(err, "fail to read response body")
}
user := &apiv1.User{}
if err = json.Unmarshal(buf.Bytes(), &user); err != nil {
return nil, errors.Wrap(err, "fail to unmarshal get user response")
}
return user, nil
}
func (s *TestingServer) patchUser(userID int32, request *apiv1.UpdateUserRequest) (*apiv1.User, error) {
rawData, err := json.Marshal(&request)
if err != nil {
return nil, errors.Wrap(err, "failed to marshal request")
}
reader := bytes.NewReader(rawData)
body, err := s.patch(fmt.Sprintf("/api/v1/user/%d", userID), reader, nil)
if err != nil {
return nil, err
}
buf := &bytes.Buffer{}
_, err = buf.ReadFrom(body)
if err != nil {
return nil, errors.Wrap(err, "fail to read response body")
}
user := &apiv1.User{}
if err = json.Unmarshal(buf.Bytes(), user); err != nil {
return nil, errors.Wrap(err, "fail to unmarshal patch user response")
}
return user, nil
}