add one more auth test

just to clarify on how to use it properly
This commit is contained in:
Sönke Hahn 2016-04-07 18:04:36 +08:00
parent c2c9bef571
commit 8bf81190b2
2 changed files with 8 additions and 7 deletions

View file

@ -63,4 +63,3 @@ instance ( HasServer api context
where
authHandler = unAuthHandler (getContextEntry context)
authCheck = fmap (either FailFatal Route) . runExceptT . authHandler

View file

@ -52,7 +52,7 @@ import Servant.API ((:<|>) (..), (:>), AuthProtect,
Raw, RemoteHost, ReqBody,
StdMethod (..), Verb, addHeader)
import Servant.API.Internal.Test.ComprehensiveAPI
import Servant.Server (ServantErr (..), Server, err401, err404,
import Servant.Server (ServantErr (..), Server, err401, err403, err404,
serve, serveWithContext, Context((:.), EmptyContext))
import Test.Hspec (Spec, context, describe, it,
shouldBe, shouldContain)
@ -606,11 +606,10 @@ type instance AuthServerData (AuthProtect "auth") = ()
genAuthContext :: Context '[AuthHandler Request ()]
genAuthContext =
let authHandler = (\req ->
if elem ("Auth", "secret") (requestHeaders req)
then return ()
else throwE err401
)
let authHandler = \req -> case lookup "Auth" (requestHeaders req) of
Just "secret" -> return ()
Just _ -> throwE err403
Nothing -> throwE err401
in mkAuthHandler authHandler :. EmptyContext
genAuthSpec :: Spec
@ -622,6 +621,9 @@ genAuthSpec = do
it "returns 401 when missing headers" $ do
get "/auth" `shouldRespondWith` 401
it "returns 403 on wrong passwords" $ do
THW.request methodGet "/auth" [("Auth","wrong")] "" `shouldRespondWith` 403
it "returns 200 with the right header" $ do
THW.request methodGet "/auth" [("Auth","secret")] "" `shouldRespondWith` 200