2017-07-10 17:32:42 +02:00
package sessions_test
import (
2020-04-17 16:54:00 +02:00
"sync"
2017-07-10 17:32:42 +02:00
"testing"
2020-04-13 06:11:41 +02:00
"time"
2017-07-10 17:32:42 +02:00
2019-10-25 00:27:02 +02:00
"github.com/kataras/iris/v12"
"github.com/kataras/iris/v12/context"
"github.com/kataras/iris/v12/httptest"
"github.com/kataras/iris/v12/sessions"
2017-07-10 17:32:42 +02:00
)
func TestSessions ( t * testing . T ) {
app := iris . New ( )
sess := sessions . New ( sessions . Config { Cookie : "mycustomsessionid" } )
testSessions ( t , sess , app )
}
const (
2019-07-15 08:58:05 +02:00
testEnableSubdomain = true
2017-07-10 17:32:42 +02:00
)
func testSessions ( t * testing . T , sess * sessions . Sessions , app * iris . Application ) {
values := map [ string ] interface { } {
"Name" : "iris" ,
"Months" : "4" ,
"Secret" : "dsads£2132215£%%Ssdsa" ,
}
writeValues := func ( ctx context . Context ) {
s := sess . Start ( ctx )
sessValues := s . GetAll ( )
2020-02-02 15:29:06 +01:00
_ , err := ctx . JSON ( sessValues )
if err != nil {
t . Fatal ( err )
}
2017-07-10 17:32:42 +02:00
}
if testEnableSubdomain {
2019-07-15 08:58:05 +02:00
app . Party ( "subdomain." ) . Get ( "/get" , writeValues )
2017-07-10 17:32:42 +02:00
}
app . Post ( "/set" , func ( ctx context . Context ) {
s := sess . Start ( ctx )
2020-02-02 15:29:06 +01:00
vals := make ( map [ string ] interface { } )
2017-07-10 17:32:42 +02:00
if err := ctx . ReadJSON ( & vals ) ; err != nil {
2019-07-15 08:58:05 +02:00
t . Fatalf ( "Cannot read JSON. Trace %s" , err . Error ( ) )
2017-07-10 17:32:42 +02:00
}
for k , v := range vals {
s . Set ( k , v )
}
} )
app . Get ( "/get" , func ( ctx context . Context ) {
writeValues ( ctx )
} )
app . Get ( "/clear" , func ( ctx context . Context ) {
sess . Start ( ctx ) . Clear ( )
writeValues ( ctx )
} )
app . Get ( "/destroy" , func ( ctx context . Context ) {
sess . Destroy ( ctx )
writeValues ( ctx )
// the cookie and all values should be empty
} )
// request cookie should be empty
app . Get ( "/after_destroy" , func ( ctx context . Context ) {
} )
app . Get ( "/multi_start_set_get" , func ( ctx context . Context ) {
s := sess . Start ( ctx )
s . Set ( "key" , "value" )
ctx . Next ( )
} , func ( ctx context . Context ) {
s := sess . Start ( ctx )
2020-02-02 15:29:06 +01:00
_ , err := ctx . Writef ( s . GetString ( "key" ) )
if err != nil {
t . Fatal ( err )
}
2017-07-10 17:32:42 +02:00
} )
e := httptest . New ( t , app , httptest . URL ( "http://example.com" ) )
e . POST ( "/set" ) . WithJSON ( values ) . Expect ( ) . Status ( iris . StatusOK ) . Cookies ( ) . NotEmpty ( )
e . GET ( "/get" ) . Expect ( ) . Status ( iris . StatusOK ) . JSON ( ) . Object ( ) . Equal ( values )
if testEnableSubdomain {
2019-07-15 08:58:05 +02:00
es := e . Builder ( func ( req * httptest . Request ) {
req . WithURL ( "http://subdomain.example.com" )
} )
2017-07-10 17:32:42 +02:00
es . Request ( "GET" , "/get" ) . Expect ( ) . Status ( iris . StatusOK ) . JSON ( ) . Object ( ) . Equal ( values )
}
// test destroy which also clears first
d := e . GET ( "/destroy" ) . Expect ( ) . Status ( iris . StatusOK )
d . JSON ( ) . Object ( ) . Empty ( )
// This removed: d.Cookies().Empty(). Reason:
2019-06-07 20:07:08 +02:00
// httpexpect counts the cookies set or deleted at the response time, but cookie is not removed, to be really removed needs to SetExpire(now-1second) so,
2017-07-10 17:32:42 +02:00
// test if the cookies removed on the next request, like the browser's behavior.
e . GET ( "/after_destroy" ) . Expect ( ) . Status ( iris . StatusOK ) . Cookies ( ) . Empty ( )
// set and clear again
e . POST ( "/set" ) . WithJSON ( values ) . Expect ( ) . Status ( iris . StatusOK ) . Cookies ( ) . NotEmpty ( )
e . GET ( "/clear" ) . Expect ( ) . Status ( iris . StatusOK ) . JSON ( ) . Object ( ) . Empty ( )
// test start on the same request but more than one times
e . GET ( "/multi_start_set_get" ) . Expect ( ) . Status ( iris . StatusOK ) . Body ( ) . Equal ( "value" )
}
func TestFlashMessages ( t * testing . T ) {
app := iris . New ( )
sess := sessions . New ( sessions . Config { Cookie : "mycustomsessionid" } )
valueSingleKey := "Name"
valueSingleValue := "iris-sessions"
values := map [ string ] interface { } {
valueSingleKey : valueSingleValue ,
"Days" : "1" ,
"Secret" : "dsads£2132215£%%Ssdsa" ,
}
writeValues := func ( ctx context . Context , values map [ string ] interface { } ) error {
_ , err := ctx . JSON ( values )
return err
}
app . Post ( "/set" , func ( ctx context . Context ) {
2020-02-02 15:29:06 +01:00
vals := make ( map [ string ] interface { } )
2017-07-10 17:32:42 +02:00
if err := ctx . ReadJSON ( & vals ) ; err != nil {
t . Fatalf ( "Cannot readjson. Trace %s" , err . Error ( ) )
}
s := sess . Start ( ctx )
for k , v := range vals {
s . SetFlash ( k , v )
}
ctx . StatusCode ( iris . StatusOK )
} )
writeFlashValues := func ( ctx context . Context ) {
s := sess . Start ( ctx )
flashes := s . GetFlashes ( )
if err := writeValues ( ctx , flashes ) ; err != nil {
t . Fatalf ( "While serialize the flash values: %s" , err . Error ( ) )
}
}
app . Get ( "/get_single" , func ( ctx context . Context ) {
s := sess . Start ( ctx )
flashMsgString := s . GetFlashString ( valueSingleKey )
ctx . WriteString ( flashMsgString )
} )
app . Get ( "/get" , func ( ctx context . Context ) {
writeFlashValues ( ctx )
} )
app . Get ( "/clear" , func ( ctx context . Context ) {
s := sess . Start ( ctx )
s . ClearFlashes ( )
writeFlashValues ( ctx )
} )
app . Get ( "/destroy" , func ( ctx context . Context ) {
sess . Destroy ( ctx )
writeFlashValues ( ctx )
ctx . StatusCode ( iris . StatusOK )
// the cookie and all values should be empty
} )
// request cookie should be empty
app . Get ( "/after_destroy" , func ( ctx context . Context ) {
ctx . StatusCode ( iris . StatusOK )
} )
e := httptest . New ( t , app , httptest . URL ( "http://example.com" ) )
e . POST ( "/set" ) . WithJSON ( values ) . Expect ( ) . Status ( iris . StatusOK ) . Cookies ( ) . NotEmpty ( )
// get all
e . GET ( "/get" ) . Expect ( ) . Status ( iris . StatusOK ) . JSON ( ) . Object ( ) . Equal ( values )
// get the same flash on other request should return nothing because the flash message is removed after fetch once
e . GET ( "/get" ) . Expect ( ) . Status ( iris . StatusOK ) . JSON ( ) . Object ( ) . Empty ( )
// test destroy which also clears first
d := e . GET ( "/destroy" ) . Expect ( ) . Status ( iris . StatusOK )
d . JSON ( ) . Object ( ) . Empty ( )
e . GET ( "/after_destroy" ) . Expect ( ) . Status ( iris . StatusOK ) . Cookies ( ) . Empty ( )
// set and clear again
e . POST ( "/set" ) . WithJSON ( values ) . Expect ( ) . Status ( iris . StatusOK ) . Cookies ( ) . NotEmpty ( )
e . GET ( "/clear" ) . Expect ( ) . Status ( iris . StatusOK ) . JSON ( ) . Object ( ) . Empty ( )
// set again in order to take the single one ( we don't test Cookies.NotEmpty because httpexpect default conf reads that from the request-only)
e . POST ( "/set" ) . WithJSON ( values ) . Expect ( ) . Status ( iris . StatusOK )
e . GET ( "/get_single" ) . Expect ( ) . Status ( iris . StatusOK ) . Body ( ) . Equal ( valueSingleValue )
}
2020-04-13 06:11:41 +02:00
func TestSessionsUpdateExpiration ( t * testing . T ) {
app := iris . New ( )
cookieName := "mycustomsessionid"
sess := sessions . New ( sessions . Config {
2020-04-13 08:27:49 +02:00
Cookie : cookieName ,
Expires : 30 * time . Minute ,
AllowReclaim : true ,
2020-04-13 06:11:41 +02:00
} )
app . Use ( sess . Handler ( ) )
type response struct {
SessionID string ` json:"sessionID" `
Logged bool ` json:"logged" `
}
var writeResponse = func ( ctx context . Context ) {
session := sessions . Get ( ctx )
ctx . JSON ( response {
SessionID : session . ID ( ) ,
Logged : session . GetBooleanDefault ( "logged" , false ) ,
} )
}
app . Get ( "/get" , func ( ctx context . Context ) {
writeResponse ( ctx )
} )
app . Get ( "/set" , func ( ctx iris . Context ) {
sessions . Get ( ctx ) . Set ( "logged" , true )
writeResponse ( ctx )
} )
2020-04-13 08:27:49 +02:00
app . Post ( "/remember_me" , func ( ctx iris . Context ) {
2020-04-13 06:11:41 +02:00
// re-sends the cookie with the new Expires and MaxAge fields,
// test checks that on same session id too.
2020-04-13 21:15:55 +02:00
sessions . Get ( ctx ) . Man . UpdateExpiration ( ctx , 24 * time . Hour )
2020-04-13 06:11:41 +02:00
writeResponse ( ctx )
} )
2020-04-13 08:27:49 +02:00
app . Get ( "/destroy" , func ( ctx iris . Context ) {
2020-04-13 21:15:55 +02:00
sessions . Get ( ctx ) . Man . Destroy ( ctx ) // this will delete the cookie too.
2020-04-13 08:27:49 +02:00
} )
2020-04-13 06:11:41 +02:00
e := httptest . New ( t , app , httptest . URL ( "http://example.com" ) )
tt := e . GET ( "/set" ) . Expect ( ) . Status ( httptest . StatusOK )
2020-04-13 09:01:51 +02:00
tt . Cookie ( cookieName ) . MaxAge ( ) . InRange ( 29 * time . Minute , 30 * time . Minute )
2020-04-13 06:11:41 +02:00
sessionID := tt . JSON ( ) . Object ( ) . Raw ( ) [ "sessionID" ] . ( string )
expectedResponse := response { SessionID : sessionID , Logged : true }
e . GET ( "/get" ) . Expect ( ) . Status ( httptest . StatusOK ) .
JSON ( ) . Equal ( expectedResponse )
2020-04-13 08:27:49 +02:00
tt = e . POST ( "/remember_me" ) . Expect ( ) . Status ( httptest . StatusOK )
2020-04-13 09:01:51 +02:00
tt . Cookie ( cookieName ) . MaxAge ( ) . InRange ( 23 * time . Hour , 24 * time . Hour )
2020-04-13 06:11:41 +02:00
tt . JSON ( ) . Equal ( expectedResponse )
2020-04-13 08:27:49 +02:00
// Test call `UpdateExpiration` when cookie is firstly created.
e . GET ( "/destroy" ) . Expect ( ) . Status ( httptest . StatusOK )
e . POST ( "/remember_me" ) . Expect ( ) . Status ( httptest . StatusOK ) .
2020-04-13 09:01:51 +02:00
Cookie ( cookieName ) . MaxAge ( ) . InRange ( 23 * time . Hour , 24 * time . Hour )
2020-04-13 06:11:41 +02:00
}
2020-04-17 16:54:00 +02:00
// go test -v -count=100 -run=TestSessionsUpdateExpirationConcurrently$
// #1488
func TestSessionsUpdateExpirationConcurrently ( t * testing . T ) {
cookieName := "mycustomsessionid"
sess := sessions . New ( sessions . Config {
Cookie : cookieName ,
Expires : 30 * time . Minute ,
AllowReclaim : true ,
} )
app := iris . New ( )
app . Use ( sess . Handler ( ) )
app . Use ( func ( ctx iris . Context ) {
// session will expire after 30 minute at the last visit
sess . UpdateExpiration ( ctx , 30 * time . Minute )
ctx . Next ( )
} )
app . Get ( "/get" , func ( ctx iris . Context ) {
ctx . WriteString ( sessions . Get ( ctx ) . ID ( ) )
} )
e := httptest . New ( t , app , httptest . URL ( "http://example.com" ) )
id := e . GET ( "/get" ) . Expect ( ) . Status ( httptest . StatusOK ) . Body ( ) . Raw ( )
i := 0
wg := sync . WaitGroup { }
wg . Add ( 1000 )
for i < 1000 {
go func ( ) {
tt := e . GET ( "/get" ) . Expect ( ) . Status ( httptest . StatusOK )
tt . Body ( ) . Equal ( id )
tt . Cookie ( cookieName ) . MaxAge ( ) . InRange ( 29 * time . Minute , 30 * time . Minute )
wg . Done ( )
} ( )
i ++
}
wg . Wait ( )
tt := e . GET ( "/get" ) . Expect ( )
tt . Status ( httptest . StatusOK ) . Body ( ) . Equal ( id )
tt . Cookie ( cookieName ) . MaxAge ( ) . InRange ( 29 * time . Minute , 30 * time . Minute )
}
