diff --git a/internal/api/account_test.go b/internal/api/account_test.go index 6941a91ba..987153f58 100644 --- a/internal/api/account_test.go +++ b/internal/api/account_test.go @@ -12,8 +12,9 @@ import ( func TestGetAccounts(t *testing.T) { t.Run("successful request", func(t *testing.T) { - app, router, _, sess := NewAdminApiTest() + app, router, _ := NewApiTest() GetAccounts(router) + sess := AuthenticateAdmin(app, router) r := AuthenticatedRequest(app, "GET", "/api/v1/accounts?count=10", sess) val := gjson.Get(r.Body.String(), "#(AccName=\"Test Account\").AccURL") count := gjson.Get(r.Body.String(), "#") diff --git a/internal/api/api_test.go b/internal/api/api_test.go index 78718eddd..9e11a929f 100644 --- a/internal/api/api_test.go +++ b/internal/api/api_test.go @@ -1,7 +1,6 @@ package api import ( - "bytes" "encoding/json" "net/http" "net/http/httptest" @@ -25,15 +24,15 @@ func NewApiTest() (app *gin.Engine, router *gin.RouterGroup, conf *config.Config return app, router, service.Config() } -// NewAdminApiTest returns new API test helper with authenticated admin session. -func NewAdminApiTest() (app *gin.Engine, router *gin.RouterGroup, conf *config.Config, sessId string) { - return NewAuthApiTest("admin", "photoprism") +// AuthenticateAdmin Register session routes and returns valid SessionId. +// Call this func after registering other routes and before performing other requests. +func AuthenticateAdmin(app *gin.Engine, router *gin.RouterGroup) (sessId string) { + return AuthenticateUser(app, router, "admin", "photoprism") } -// NewAuthApiTest returns new API test helper with authenticated admin session. -func NewAuthApiTest(username string, password string) (app *gin.Engine, router *gin.RouterGroup, conf *config.Config, sessId string) { - app = gin.New() - router = app.Group("/api/v1") +// AuthenticateUser Register session routes and returns valid SessionId. +// Call this func after registering other routes and before performing other requests. +func AuthenticateUser(app *gin.Engine, router *gin.RouterGroup, username string, password string) (sessId string) { CreateSession(router) f := form.Login{ UserName: username, @@ -43,13 +42,9 @@ func NewAuthApiTest(username string, password string) (app *gin.Engine, router * if err != nil { log.Fatal(err) } - reader := bytes.NewReader(loginStr) - req, _ := http.NewRequest("POST", "/api/v1/session", reader) - w := httptest.NewRecorder() - app.ServeHTTP(w, req) - sessId = w.Header().Get("X-Session-ID") - gin.SetMode(gin.TestMode) - return app, router, service.Config(), sessId + r0 := PerformRequestWithBody(app, http.MethodPost, "/api/v1/session", string(loginStr)) + sessId = r0.Header().Get("X-Session-ID") + return } // Performs API request with empty request body. @@ -79,6 +74,16 @@ func PerformRequestWithBody(r http.Handler, method, path, body string) *httptest return w } +// Performs authenticated API request including request body as string. +func AuthenticatedRequestWithBody(r http.Handler, method, path, body string, sessionId string) *httptest.ResponseRecorder { + reader := strings.NewReader(body) + req, _ := http.NewRequest(method, path, reader) + req.Header.Add("X-Session-ID", sessionId) + w := httptest.NewRecorder() + r.ServeHTTP(w, req) + return w +} + func TestMain(m *testing.M) { log = logrus.StandardLogger() log.SetLevel(logrus.DebugLevel) diff --git a/internal/api/session_test.go b/internal/api/session_test.go index f8419dc34..03af506e1 100644 --- a/internal/api/session_test.go +++ b/internal/api/session_test.go @@ -1,12 +1,9 @@ package api import ( - "encoding/json" "net/http" "testing" - "github.com/photoprism/photoprism/internal/form" - "github.com/photoprism/photoprism/internal/i18n" "github.com/stretchr/testify/assert" "github.com/tidwall/gjson" @@ -80,36 +77,18 @@ func TestCreateSession(t *testing.T) { func TestDeleteSession(t *testing.T) { t.Run("delete admin session", func(t *testing.T) { app, router, _ := NewApiTest() - CreateSession(router) DeleteSession(router) - f := form.Login{ - UserName: "admin", - Password: "photoprism", - } - loginStr, err := json.Marshal(f) - if err != nil { - log.Fatal(err) - } - r0 := PerformRequestWithBody(app, http.MethodPost, "/api/v1/session", string(loginStr)) - sessId := r0.Header().Get("X-Session-ID") + + sessId := AuthenticateAdmin(app, router) r := PerformRequest(app, http.MethodDelete, "/api/v1/session/"+sessId) assert.Equal(t, http.StatusOK, r.Code) }) t.Run("delete user session", func(t *testing.T) { app, router, _ := NewApiTest() - CreateSession(router) DeleteSession(router) - f := form.Login{ - UserName: "alice", - Password: "Alice123!", - } - loginStr, err := json.Marshal(f) - if err != nil { - log.Fatal(err) - } - r0 := PerformRequestWithBody(app, http.MethodPost, "/api/v1/session", string(loginStr)) - sessId := r0.Header().Get("X-Session-ID") + + sessId := AuthenticateUser(app, router, "alice", "Alice123!") r := PerformRequest(app, http.MethodDelete, "/api/v1/session/"+sessId) assert.Equal(t, http.StatusOK, r.Code)