Pull request: 2470 session token

Merge in DNS/adguard-home from 2470-session-token to master Updates #2470. Squashed commit of the following: commit 02e874404808ee23000c49b4b2980b049dc4d0e6 Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Mar 1 20:11:35 2021 +0300 home: imp time formating commit 6f4a6c9b190b2672cecd3e3e31413b03d19f8771 Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Mar 1 18:48:15 2021 +0300 home: rm user's data from session token
2025-05-04 06:52:54 +03:00 · 2021-03-01 20:37:28 +03:00 · 2021-03-01 20:37:28 +03:00 · 94e783d572
commit 94e783d572
parent 91403d0b95
3 changed files with 68 additions and 26 deletions
--- a/internal/home/auth_test.go
+++ b/internal/home/auth_test.go
@ -1,6 +1,8 @@
 package home

 import (
+	"bytes"
+	"crypto/rand"
 	"encoding/hex"
 	"net/http"
 	"net/url"
@ -11,6 +13,7 @@ import (

 	"github.com/AdguardTeam/AdGuardHome/internal/aghtest"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )

 func TestMain(m *testing.M) {
@ -24,14 +27,34 @@ func prepareTestDir() string {
 	return dir
 }

+func TestNewSessionToken(t *testing.T) {
+	// Successful case.
+	token, err := newSessionToken()
+	require.Nil(t, err)
+	assert.Len(t, token, sessionTokenSize)
+
+	// Break the rand.Reader.
+	prevReader := rand.Reader
+	t.Cleanup(func() {
+		rand.Reader = prevReader
+	})
+	rand.Reader = &bytes.Buffer{}
+
+	// Unsuccessful case.
+	token, err = newSessionToken()
+	require.NotNil(t, err)
+	assert.Empty(t, token)
+}
+
 func TestAuth(t *testing.T) {
 	dir := prepareTestDir()
-	defer func() { _ = os.RemoveAll(dir) }()
+	t.Cleanup(func() { _ = os.RemoveAll(dir) })
 	fn := filepath.Join(dir, "sessions.db")

-	users := []User{
-		{Name: "name", PasswordHash: "$2y$05$..vyzAECIhJPfaQiOK17IukcQnqEgKJHy0iETyYqxn3YXJl8yZuo2"},
-	}
+	users := []User{{
+		Name:         "name",
+		PasswordHash: "$2y$05$..vyzAECIhJPfaQiOK17IukcQnqEgKJHy0iETyYqxn3YXJl8yZuo2",
+	}}
 	a := InitAuth(fn, nil, 60)
 	s := session{}

@ -41,7 +64,7 @@ func TestAuth(t *testing.T) {
 	assert.Equal(t, checkSessionNotFound, a.checkSession("notfound"))
 	a.RemoveSession("notfound")

-	sess, err := getSession(&users[0])
+	sess, err := newSessionToken()
 	assert.Nil(t, err)
 	sessStr := hex.EncodeToString(sess)