mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-12-30 22:34:10 -05:00
add a bunch of tests for htpasswd
This commit is contained in:
parent
490340fbb0
commit
3809d6eb32
10 changed files with 115 additions and 7 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -5,5 +5,6 @@ sinopia-*.tgz
|
||||||
|
|
||||||
###
|
###
|
||||||
bin/storage*
|
bin/storage*
|
||||||
|
bin/htpasswd
|
||||||
bin/*.yaml
|
bin/*.yaml
|
||||||
test-storage*
|
test-storage*
|
||||||
|
|
|
@ -5,6 +5,7 @@ sinopia-*.tgz
|
||||||
|
|
||||||
###
|
###
|
||||||
bin/storage*
|
bin/storage*
|
||||||
|
bin/htpasswd
|
||||||
bin/*.yaml
|
bin/*.yaml
|
||||||
test-storage*
|
test-storage*
|
||||||
|
|
||||||
|
|
|
@ -171,7 +171,7 @@ Config.prototype.authenticate = function(user, password, cb) {
|
||||||
|
|
||||||
Config.prototype.add_user = function(user, password, cb) {
|
Config.prototype.add_user = function(user, password, cb) {
|
||||||
if (this.users && this.users[user]) return cb(new UError({
|
if (this.users && this.users[user]) return cb(new UError({
|
||||||
status: 409,
|
status: 403,
|
||||||
message: 'this user already exists',
|
message: 'this user already exists',
|
||||||
}))
|
}))
|
||||||
|
|
||||||
|
|
|
@ -66,12 +66,12 @@ module.exports = function(path) {
|
||||||
function sanity_check() {
|
function sanity_check() {
|
||||||
if (users[user]) {
|
if (users[user]) {
|
||||||
return new UError({
|
return new UError({
|
||||||
status: 409,
|
status: 403,
|
||||||
message: 'this user already exists',
|
message: 'this user already exists',
|
||||||
})
|
})
|
||||||
} else if (Object.keys(users).length >= maxusers) {
|
} else if (Object.keys(users).length >= maxusers) {
|
||||||
return new UError({
|
return new UError({
|
||||||
status: 409,
|
status: 403,
|
||||||
message: 'maximum amount of users reached',
|
message: 'maximum amount of users reached',
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
@ -135,3 +135,7 @@ module.exports = function(path) {
|
||||||
return result
|
return result
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// exports for unit tests
|
||||||
|
module.exports._parse_htpasswd = parse_htpasswd
|
||||||
|
module.exports._verify_password = verify_password
|
||||||
|
module.exports._add_user_to_htpasswd = add_user_to_htpasswd
|
||||||
|
|
|
@ -31,14 +31,14 @@ dependencies:
|
||||||
|
|
||||||
optionalDependencies:
|
optionalDependencies:
|
||||||
fs-ext: '>= 0.3.2'
|
fs-ext: '>= 0.3.2'
|
||||||
crypt3: 'sendanor/node-crypt3'
|
crypt3: '*'
|
||||||
|
|
||||||
devDependencies:
|
devDependencies:
|
||||||
rimraf: '>= 2.2.5'
|
rimraf: '>= 2.2.5'
|
||||||
mocha: '>= 1.17.0'
|
mocha: '>= 1.17.0'
|
||||||
|
|
||||||
# linting tools
|
# linting tools
|
||||||
eslint: '>= 0.6'
|
eslint: '~ 0.6.0'
|
||||||
|
|
||||||
# for debugging memory leaks, it'll be require()'d if
|
# for debugging memory leaks, it'll be require()'d if
|
||||||
# installed, but I don't want it to be installed everytime
|
# installed, but I don't want it to be installed everytime
|
||||||
|
@ -56,7 +56,7 @@ keywords:
|
||||||
scripts:
|
scripts:
|
||||||
test: mocha ./test/functional ./test/unit
|
test: mocha ./test/functional ./test/unit
|
||||||
lint: eslint -c ./.eslint.yaml ./lib
|
lint: eslint -c ./.eslint.yaml ./lib
|
||||||
prepublish: js-yaml package.yaml > package.json
|
#prepublish: js-yaml package.yaml > package.json
|
||||||
|
|
||||||
# we depend on streams2 stuff
|
# we depend on streams2 stuff
|
||||||
# it can be replaced with isaacs/readable-stream, ask if you need to use 0.8
|
# it can be replaced with isaacs/readable-stream, ask if you need to use 0.8
|
||||||
|
|
36
test/functional/adduser.js
Normal file
36
test/functional/adduser.js
Normal file
|
@ -0,0 +1,36 @@
|
||||||
|
var assert = require('assert')
|
||||||
|
var Server = require('./lib/server')
|
||||||
|
|
||||||
|
module.exports = function() {
|
||||||
|
var server = new Server('http://localhost:55551/')
|
||||||
|
|
||||||
|
describe('adduser', function() {
|
||||||
|
var user = String(Math.random())
|
||||||
|
var pass = String(Math.random())
|
||||||
|
before(function(cb) {
|
||||||
|
server.auth(user, pass, function(res, body) {
|
||||||
|
assert.equal(res.statusCode, 201)
|
||||||
|
assert(body.ok.match(/user .* created/))
|
||||||
|
cb()
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
|
it('creating new user', function(){})
|
||||||
|
|
||||||
|
it('should log in', function(cb) {
|
||||||
|
server.auth(user, pass, function(res, body) {
|
||||||
|
assert.equal(res.statusCode, 201)
|
||||||
|
assert(body.ok.match(/you are authenticated as/))
|
||||||
|
cb()
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should not register more users', function(cb) {
|
||||||
|
server.auth(String(Math.random()), String(Math.random()), function(res, body) {
|
||||||
|
assert.equal(res.statusCode, 403)
|
||||||
|
assert(body.error.match(/maximum amount of users reached/))
|
||||||
|
cb()
|
||||||
|
})
|
||||||
|
})
|
||||||
|
})
|
||||||
|
}
|
|
@ -4,6 +4,9 @@ users:
|
||||||
test:
|
test:
|
||||||
password: a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
|
password: a94a8fe5ccb19ba61c4c0873d391e987982fbbd3
|
||||||
|
|
||||||
|
users_file: ./test-storage/htpasswd
|
||||||
|
max_users: 1
|
||||||
|
|
||||||
uplinks:
|
uplinks:
|
||||||
express:
|
express:
|
||||||
url: http://localhost:55550/
|
url: http://localhost:55550/
|
||||||
|
|
|
@ -46,6 +46,7 @@ describe('Func', function() {
|
||||||
require('./race')()
|
require('./race')()
|
||||||
require('./racycrash')()
|
require('./racycrash')()
|
||||||
require('./security')()
|
require('./security')()
|
||||||
|
require('./adduser')()
|
||||||
require('./addtag')()
|
require('./addtag')()
|
||||||
})
|
})
|
||||||
|
|
||||||
|
|
|
@ -36,7 +36,13 @@ Server.prototype.auth = function(user, pass, cb) {
|
||||||
uri: '/-/user/org.couchdb.user:'+encodeURIComponent(user)+'/-rev/undefined',
|
uri: '/-/user/org.couchdb.user:'+encodeURIComponent(user)+'/-rev/undefined',
|
||||||
method: 'PUT',
|
method: 'PUT',
|
||||||
json: {
|
json: {
|
||||||
content: "doesn't matter, 'cause sinopia uses info from Authorization header anywayz",
|
name: user,
|
||||||
|
password: pass,
|
||||||
|
email: 'test@example.com',
|
||||||
|
_id: 'org.couchdb.user:' + user,
|
||||||
|
type: 'user',
|
||||||
|
roles: [],
|
||||||
|
date: new Date(),
|
||||||
}
|
}
|
||||||
}, prep(cb))
|
}, prep(cb))
|
||||||
}
|
}
|
||||||
|
|
56
test/unit/htpasswd.js
Normal file
56
test/unit/htpasswd.js
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
var assert = require('assert')
|
||||||
|
, parse_htpasswd = require('../../lib/htpasswd')._parse_htpasswd
|
||||||
|
, verify_password = require('../../lib/htpasswd')._verify_password
|
||||||
|
, add_user_to_htpasswd = require('../../lib/htpasswd')._add_user_to_htpasswd
|
||||||
|
|
||||||
|
describe('parse_htpasswd', function() {
|
||||||
|
// TODO
|
||||||
|
})
|
||||||
|
|
||||||
|
describe('verify_password', function() {
|
||||||
|
it('should verify plain', function() {
|
||||||
|
assert(verify_password('user', 'pass', '{PLAIN}pass'))
|
||||||
|
assert(!verify_password('user', 'p', '{PLAIN}pass'))
|
||||||
|
})
|
||||||
|
it('should verify sha', function() {
|
||||||
|
assert(verify_password('user', 'pass', '{SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ='))
|
||||||
|
assert(!verify_password('user', 'p', '{SHA}nU4eI71bcnBGqeO0t9tXvY1u5oQ='))
|
||||||
|
})
|
||||||
|
it('should verify crypt', function() {
|
||||||
|
assert(verify_password('user', 'pass', 'ulINxGnqObi36'))
|
||||||
|
assert(!verify_password('user', 'p', 'ulINxGnqObi36'))
|
||||||
|
})
|
||||||
|
it('should verify crypt-sha', function() {
|
||||||
|
assert(verify_password('user', 'pass', '$6$Qx0eNSKPbxocgA==$ugjO0.z9yOFiaJXJK4ulvGYIxF/KZBV4lGqasArYPqPPT4orZ6NlnIE5KhtiOVs.5EoWxLg1sjp318G8RpI2x1'))
|
||||||
|
assert(!verify_password('user', 'p', '$6$Qx0eNSKPbxocgA==$ugjO0.z9yOFiaJXJK4ulvGYIxF/KZBV4lGqasArYPqPPT4orZ6NlnIE5KhtiOVs.5EoWxLg1sjp318G8RpI2x1'))
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
|
describe('add_user_to_htpasswd', function() {
|
||||||
|
it('should add user to empty file', function() {
|
||||||
|
var res = add_user_to_htpasswd('', 'user', 'passwd')
|
||||||
|
assert(res.match(/^user:[^:\n]+:autocreated [^\n]+\n$/))
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should append user / newline checks', function() {
|
||||||
|
var res = add_user_to_htpasswd('testtest', 'user', 'passwd')
|
||||||
|
assert(res.match(/^testtest\nuser:[^:\n]+:autocreated [^\n]+\n$/))
|
||||||
|
var res = add_user_to_htpasswd('testtest\n', 'user', 'passwd')
|
||||||
|
assert(res.match(/^testtest\nuser:[^:\n]+:autocreated [^\n]+\n$/))
|
||||||
|
var res = add_user_to_htpasswd('testtest\n\n', 'user', 'passwd')
|
||||||
|
assert(res.match(/^testtest\n\nuser:[^:\n]+:autocreated [^\n]+\n$/))
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should not append invalid users', function() {
|
||||||
|
assert.throws(function() {
|
||||||
|
add_user_to_htpasswd('', 'us:er', 'passwd')
|
||||||
|
}, /non-uri-safe/)
|
||||||
|
assert.throws(function() {
|
||||||
|
add_user_to_htpasswd('', 'us\ner', 'passwd')
|
||||||
|
}, /non-uri-safe/)
|
||||||
|
assert.throws(function() {
|
||||||
|
add_user_to_htpasswd('', 'us#er', 'passwd')
|
||||||
|
}, /non-uri-safe/)
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
Loading…
Reference in a new issue