dataforge/fn_registry
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity
Files
master
fn_registry/functions/infra/http_session_cookie_middleware_test.go
T
egutierrez 2a3d780347 feat(doctor): add fn doctor CLI + 14 functions for system management 
Adds `fn doctor` read-only diagnostic command with subcommands artefacts,
services, sync, uses-functions, unused, and --json flag for agents.
Each subcommand wraps a registry function in functions/infra/.

New functions:
- artefact_doctor, services_status, pc_locations_drift,
  audit_uses_functions, find_unused_functions (Go diagnostics)
- backup_sqlite_db, rotate_backups, wait_for_http, wait_for_port,
  port_kill, tail_journal, pre_commit_hook_install (bash utilities)
- notify_telegram (Go HTTP)
- backup_all pipeline (tag launcher)

Plus prior session leftovers (scan_secrets_in_dirty, append_diary_entry,
git utilities, http_session_cookie_middleware, compile/full-git pipelines).

Fixes pc_locations_drift filepath.Join bug with absolute dir_path.
Documents fn doctor in CLAUDE.md, .claude/rules/fn_doctor.md (rule 23),
docs/architecture.md, CHANGELOG.md (2026-05-07), and diary entry.

First fn doctor uses-functions run found drift in 7/12 apps (deuda
para sincronizar app.md con imports reales).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-07 01:42:10 +02:00

109 lines
2.7 KiB
Go
Raw Permalink Blame History

package infra
import (
"database/sql"
"net/http"
"net/http/httptest"
"testing"
"time"
_ "github.com/mattn/go-sqlite3"
)
type ctxKey string
const testUserCtxKey ctxKey = "user_id"
func setupSessionDB(t *testing.T) (*sql.DB, string) {
t.Helper()
db, err := sql.Open("sqlite3", ":memory:")
if err != nil {
t.Fatalf("open db: %v", err)
}
sess, err := SessionCreate(db, "user-42", time.Hour, nil)
if err != nil {
t.Fatalf("session_create: %v", err)
}
return db, sess.Token
}
func TestHTTPSessionCookieMiddleware(t *testing.T) {
t.Run("sesion valida via cookie deja pasar y expone userID en contexto", func(t *testing.T) {
db, token := setupSessionDB(t)
defer db.Close()
cfg := SessionCookieConfig{
DB: db,
CookieName: "app_session",
SkipPaths: []string{"/api/auth/"},
UserCtxKey: testUserCtxKey,
}
var gotUserID string
handler := HTTPSessionCookieMiddleware(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
gotUserID, _ = UserIDFromContext(r.Context(), testUserCtxKey)
w.WriteHeader(http.StatusOK)
}))
req := httptest.NewRequest(http.MethodGet, "/api/board", nil)
req.AddCookie(&http.Cookie{Name: "app_session", Value: token})
rec := httptest.NewRecorder()
handler.ServeHTTP(rec, req)
if rec.Code != http.StatusOK {
t.Errorf("status: got %d, want 200", rec.Code)
}
if gotUserID != "user-42" {
t.Errorf("userID: got %q, want %q", gotUserID, "user-42")
}
})
t.Run("sin cookie ni header devuelve 401", func(t *testing.T) {
db, _ := setupSessionDB(t)
defer db.Close()
cfg := SessionCookieConfig{
DB: db,
CookieName: "app_session",
SkipPaths: []string{},
UserCtxKey: testUserCtxKey,
}
handler := HTTPSessionCookieMiddleware(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
}))
req := httptest.NewRequest(http.MethodGet, "/api/board", nil)
rec := httptest.NewRecorder()
handler.ServeHTTP(rec, req)
if rec.Code != http.StatusUnauthorized {
t.Errorf("status: got %d, want 401", rec.Code)
}
})
t.Run("skip path bypassa sin validar token", func(t *testing.T) {
db, _ := setupSessionDB(t)
defer db.Close()
cfg := SessionCookieConfig{
DB: db,
CookieName: "app_session",
SkipPaths: []string{"/api/auth/", "/health"},
UserCtxKey: testUserCtxKey,
}
handler := HTTPSessionCookieMiddleware(cfg)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
}))
req := httptest.NewRequest(http.MethodPost, "/api/auth/login", nil)
rec := httptest.NewRecorder()
handler.ServeHTTP(rec, req)
if rec.Code != http.StatusOK {
t.Errorf("skip path: got %d, want 200", rec.Code)
}
})
}
Reference in New Issue View Git Blame Copy Permalink