You've already forked agentic-coding-workflow
44 lines
1005 B
Go
44 lines
1005 B
Go
package user
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestHashAndVerifyPassword(t *testing.T) {
|
|
hash, err := HashPassword("hello-world-12345")
|
|
require.NoError(t, err)
|
|
require.NotEmpty(t, hash)
|
|
|
|
ok, err := VerifyPassword("hello-world-12345", hash)
|
|
require.NoError(t, err)
|
|
require.True(t, ok)
|
|
|
|
bad, err := VerifyPassword("wrong", hash)
|
|
require.NoError(t, err)
|
|
require.False(t, bad)
|
|
}
|
|
|
|
func TestHashPassword_RejectsTooShort(t *testing.T) {
|
|
_, err := HashPassword("short")
|
|
require.Error(t, err)
|
|
}
|
|
|
|
func TestNewSessionToken_LengthAndUniqueness(t *testing.T) {
|
|
t1, h1, err := NewSessionToken()
|
|
require.NoError(t, err)
|
|
require.GreaterOrEqual(t, len(t1), 32) // base64 of 24 bytes
|
|
require.Len(t, h1, 32) // sha256
|
|
|
|
t2, h2, _ := NewSessionToken()
|
|
require.NotEqual(t, t1, t2)
|
|
require.NotEqual(t, h1, h2)
|
|
}
|
|
|
|
func TestHashSessionToken_Deterministic(t *testing.T) {
|
|
h1 := HashSessionToken("foo")
|
|
h2 := HashSessionToken("foo")
|
|
require.Equal(t, h1, h2)
|
|
}
|