add one more auth test

just to clarify on how to use it properly
2016-04-07 18:04:36 +08:00 · 2016-04-07 18:04:36 +08:00 · be4f08a4fb
commit be4f08a4fb
parent 353b1aada0
2 changed files with 8 additions and 7 deletions
--- a/servant-server/src/Servant/Server/Experimental/Auth.hs
+++ b/servant-server/src/Servant/Server/Experimental/Auth.hs
@ -63,4 +63,3 @@ instance ( HasServer api context
      where
        authHandler = unAuthHandler (getContextEntry context)
        authCheck = fmap (either FailFatal Route) . runExceptT . authHandler
-
--- a/servant-server/test/Servant/ServerSpec.hs
+++ b/servant-server/test/Servant/ServerSpec.hs
@ -52,7 +52,7 @@ import           Servant.API                ((:<|>) (..), (:>), AuthProtect,
                                             Raw, RemoteHost, ReqBody,
                                             StdMethod (..), Verb, addHeader)
 import           Servant.API.Internal.Test.ComprehensiveAPI
-import           Servant.Server             (ServantErr (..), Server, err401, err404,
+import           Servant.Server             (ServantErr (..), Server, err401, err403, err404,
                                             serve, serveWithContext, Context((:.), EmptyContext))
 import           Test.Hspec                 (Spec, context, describe, it,
                                             shouldBe, shouldContain)
@ -606,11 +606,10 @@ type instance AuthServerData (AuthProtect "auth") = ()

 genAuthContext :: Context '[AuthHandler Request ()]
 genAuthContext =
-  let authHandler = (\req ->
-        if elem ("Auth", "secret") (requestHeaders req)
-        then return ()
-        else throwE err401
-        )
+  let authHandler = \req -> case lookup "Auth" (requestHeaders req) of
+        Just "secret" -> return ()
+        Just _ -> throwE err403
+        Nothing -> throwE err401
  in mkAuthHandler authHandler :. EmptyContext

 genAuthSpec :: Spec
@ -622,6 +621,9 @@ genAuthSpec = do
        it "returns 401 when missing headers" $ do
          get "/auth" `shouldRespondWith` 401

+        it "returns 403 on wrong passwords" $ do
+          THW.request methodGet "/auth" [("Auth","wrong")] "" `shouldRespondWith` 403
+
        it "returns 200 with the right header" $ do
          THW.request methodGet "/auth" [("Auth","secret")] "" `shouldRespondWith` 200