Finish signup tests.

src/lib.rs

@@ -30,10 +30,7 @@ pub async fn app(db_pool: SqlitePool, secret: &[u8]) -> Router {
     Router::new()
         .route("/", get(handle_slash).post(handle_slash))
         .route("/signup", get(get_create_user).post(post_create_user))
-        .route(
+        .route("/signup_success/:id", get(handle_signup_success))
-            "/signup_success/:id",
-            get(handle_signup_success).post(handle_signup_success),
-        )
         .route("/login", get(get_login).post(post_login))
         .route("/logout", get(get_logout).post(post_logout))
         .fallback(handle_slash_redir)

src/login.rs

@@ -103,11 +103,9 @@ pub async fn post_logout(mut auth: AuthContext) -> impl IntoResponse {
 
 #[cfg(test)]
 mod test {
-    use axum::body::Bytes;
-
     use crate::{
         templates::{Index, LoginGet, LogoutGet, LogoutPost},
-        test_utils::{get_user, massage, server, FORM_CONTENT_TYPE},
+        test_utils::{get_test_user, massage, server, FORM_CONTENT_TYPE},
     };
 
     const LOGIN_FORM: &str = "username=test_user&password=a";
@@ -201,7 +199,7 @@ mod test {
             assert_eq!(resp.status_code(), 303);
 
             let logged_in = Index {
-                user: Some(get_user()),
+                user: Some(get_test_user()),
             }
             .to_string();
 

src/signup.rs

@@ -2,7 +2,6 @@ use argon2::{
     password_hash::{rand_core::OsRng, PasswordHasher, SaltString},
     Argon2,
 };
-use askama::Template;
 use axum::{
     extract::{Form, Path, State},
     http::StatusCode,
@@ -12,7 +11,10 @@ use sqlx::{query_as, SqlitePool};
 use unicode_segmentation::UnicodeSegmentation;
 use uuid::Uuid;
 
-use crate::{templates::CreateUser, User};
+use crate::{
+    templates::{CreateUser, CreateUserSuccess},
+    User,
+};
 
 pub(crate) const CREATE_QUERY: &str =
     "insert into witches (id, username, displayname, email, pwhash) values ($1, $2, $3, $4, $5)";
@@ -22,10 +24,6 @@ const ID_QUERY: &str = "select * from witches where id = $1";
 // Result types for user creation
 //-************************************************************************
 
-#[derive(Debug, Clone, Template)]
-#[template(path = "signup_success.html")]
-pub struct CreateUserSuccess(User);
-
 #[Error(desc = "Could not create user.")]
 #[non_exhaustive]
 pub struct CreateUserError(#[from] CreateUserErrorKind);
@@ -36,7 +34,7 @@ impl IntoResponse for CreateUserError {
             CreateUserErrorKind::UnknownDBError => {
                 (StatusCode::INTERNAL_SERVER_ERROR, format!("{self}")).into_response()
             }
-            _ => (StatusCode::BAD_REQUEST, format!("{self}")).into_response(),
+            _ => (StatusCode::OK, format!("{self}")).into_response(),
         }
     }
 }
@@ -133,7 +131,7 @@ pub async fn post_create_user(
     let id = user.id.as_simple().to_string();
     let location = format!("/signup_success/{id}");
 
-    let resp = axum::response::Redirect::temporary(&location);
+    let resp = axum::response::Redirect::to(&location);
 
     Ok(resp)
 }
@@ -157,7 +155,7 @@ pub async fn handle_signup_success(
 
     if user.username.is_empty() || id.is_empty() {
         // redirect to front page if we got here without a valid witch ID
-        *resp.status_mut() = StatusCode::TEMPORARY_REDIRECT;
+        *resp.status_mut() = StatusCode::SEE_OTHER;
         resp.headers_mut().insert("Location", "/".parse().unwrap());
     }
 
@@ -229,53 +227,241 @@ pub(crate) async fn create_user(
     }
 }
 
+//-************************************************************************
+// TESTS
+//-************************************************************************
+
 #[cfg(test)]
 mod test {
     use crate::{
         db::get_pool,
-        test_utils::{get_user, server_with_pool},
+        templates::{CreateUser, CreateUserSuccess},
+        test_utils::{get_test_user, insert_user, massage, server_with_pool, FORM_CONTENT_TYPE},
+        User,
     };
 
     const GOOD_FORM: &str = "username=test_user&displayname=Test+User&password=aaaa&pw_verify=aaaa";
 
     #[tokio::test]
-    async fn post_create_user_success() {
+    async fn post_create_user() {
-        todo!()
+        let pool = get_pool().await;
-    }
+        let server = server_with_pool(&pool).await;
+        let body = massage(GOOD_FORM);
 
-    mod failure {
+        let _resp = server
-        // various ways to fuck up signup
+            .post("/signup")
-        const MISMATCH_PW_FORM: &str =
+            .expect_failure() // 303 is "failure"
-            "username=test_user&displayname=Test+User&password=aaaa&pw_verify=bbbb";
+            .bytes(body)
-        const SHORT_PW_FORM: &str =
+            .content_type(FORM_CONTENT_TYPE)
-            "username=test_user&displayname=Test+User&password=a&pw_verify=a";
+            .await;
-        const LONG_USERNAME_FORM: &str =
-            "username=test_user12345678901234567890&displayname=Test+User&
-    password=aaaa&pw_verify=aaaa";
 
-        #[tokio::test]
+        // get the new user from the db
-        async fn mismatch_pw() {
+        let user = User::try_get("test_user", &pool).await;
-            todo!()
+        assert!(user.is_ok());
-        }
-
-        #[tokio::test]
-        async fn too_short_pw() {
-            todo!()
-        }
-
-        #[tokio::test]
-        async fn too_long_username() {
-            todo!()
-        }
     }
 
     #[tokio::test]
     async fn get_create_user() {
-        todo!()
+        let pool = get_pool().await;
+        let server = server_with_pool(&pool).await;
+
+        let resp = server.get("/signup").await;
+        let body = std::str::from_utf8(resp.bytes()).unwrap();
+        let expected = CreateUser::default().to_string();
+        assert_eq!(&expected, body);
     }
 
     #[tokio::test]
     async fn handle_signup_success() {
-        todo!()
+        let pool = get_pool().await;
+        let server = server_with_pool(&pool).await;
+
+        let user = get_test_user();
+        insert_user(&user, &pool).await;
+        let id = user.id.as_simple().to_string();
+
+        let path = format!("/signup_success/{id}");
+
+        let resp = server.get(&path).expect_success().await;
+        let body = std::str::from_utf8(resp.bytes()).unwrap();
+        let expected = CreateUserSuccess(user).to_string();
+        assert_eq!(&expected, body);
+    }
+
+    //-************************************************************************
+    // honestly this is basically the whole suite here
+    //-************************************************************************
+    mod failure {
+        use axum::http::StatusCode;
+
+        use super::*;
+        use crate::signup::CreateUserError;
+
+        // various ways to fuck up signup
+        const PASSWORD_MISMATCH_FORM: &str =
+            "username=test_user&displayname=Test+User&password=aaaa&pw_verify=bbbb";
+        const PASSWORD_SHORT_FORM: &str =
+            "username=test_user&displayname=Test+User&password=a&pw_verify=a";
+        const PASSWORD_LONG_FORM: &str = "username=test_user&displayname=Test+User&password=sphinx+of+black+qwartz+judge+my+vow+etc+etc+yadd+yadda&pw_verify=sphinx+of+black+qwartz+judge+my+vow+etc+etc+yadd+yadda";
+        const USERNAME_SHORT_FORM: &str =
+            "username=&displayname=Test+User&password=aaaa&pw_verify=aaaa";
+        const USERNAME_LONG_FORM: &str =
+            "username=test_user12345678901234567890&displayname=Test+User&password=aaaa&pw_verify=aaaa";
+        const DISPLAYNAME_LONG_FORM: &str = "username=test_user&displayname=Since+time+immemorial%2C+display+names+have+been+subject+to+a+number+of+conventions%2C+restrictions%2C+usages%2C+and+even+incentives.+Have+we+finally+gone+too+far%3F+In+this+essay%2C+&password=aaaa&pw_verify=aaaa";
+
+        #[tokio::test]
+        async fn password_mismatch() {
+            let pool = get_pool().await;
+            let server = server_with_pool(&pool).await;
+            let body = massage(PASSWORD_MISMATCH_FORM);
+
+            let resp = server
+                .post("/signup")
+                // failure to sign up is not failure to submit the request
+                .expect_success()
+                .bytes(body)
+                .content_type(FORM_CONTENT_TYPE)
+                .await;
+
+            // no user in db
+            let user = User::try_get("test_user", &pool).await;
+            assert!(user.is_err());
+
+            let body = std::str::from_utf8(resp.bytes()).unwrap();
+            let expected =
+                CreateUserError(crate::signup::CreateUserErrorKind::PasswordMismatch).to_string();
+            assert_eq!(&expected, body);
+        }
+
+        #[tokio::test]
+        async fn password_short() {
+            let pool = get_pool().await;
+            let server = server_with_pool(&pool).await;
+            let body = massage(PASSWORD_SHORT_FORM);
+
+            let resp = server
+                .post("/signup")
+                // failure to sign up is not failure to submit the request
+                .expect_success()
+                .bytes(body)
+                .content_type(FORM_CONTENT_TYPE)
+                .await;
+
+            // no user in db
+            let user = User::try_get("test_user", &pool).await;
+            assert!(user.is_err());
+
+            let body = std::str::from_utf8(resp.bytes()).unwrap();
+            let expected =
+                CreateUserError(crate::signup::CreateUserErrorKind::BadPassword).to_string();
+            assert_eq!(&expected, body);
+        }
+
+        #[tokio::test]
+        async fn password_long() {
+            let pool = get_pool().await;
+            let server = server_with_pool(&pool).await;
+            let body = massage(PASSWORD_LONG_FORM);
+
+            let resp = server
+                .post("/signup")
+                // failure to sign up is not failure to submit the request
+                .expect_success()
+                .bytes(body)
+                .content_type(FORM_CONTENT_TYPE)
+                .await;
+
+            // no user in db
+            let user = User::try_get("test_user", &pool).await;
+            assert!(user.is_err());
+
+            let body = std::str::from_utf8(resp.bytes()).unwrap();
+            let expected =
+                CreateUserError(crate::signup::CreateUserErrorKind::BadPassword).to_string();
+            assert_eq!(&expected, body);
+        }
+
+        #[tokio::test]
+        async fn username_short() {
+            let pool = get_pool().await;
+            let server = server_with_pool(&pool).await;
+            let body = massage(USERNAME_SHORT_FORM);
+
+            let resp = server
+                .post("/signup")
+                // failure to sign up is not failure to submit the request
+                .expect_success()
+                .bytes(body)
+                .content_type(FORM_CONTENT_TYPE)
+                .await;
+
+            // no user in db
+            let user = User::try_get("test_user", &pool).await;
+            assert!(user.is_err());
+
+            let body = std::str::from_utf8(resp.bytes()).unwrap();
+            let expected =
+                CreateUserError(crate::signup::CreateUserErrorKind::BadUsername).to_string();
+            assert_eq!(&expected, body);
+        }
+
+        #[tokio::test]
+        async fn username_long() {
+            let pool = get_pool().await;
+            let server = server_with_pool(&pool).await;
+            let body = massage(USERNAME_LONG_FORM);
+
+            let resp = server
+                .post("/signup")
+                // failure to sign up is not failure to submit the request
+                .expect_success()
+                .bytes(body)
+                .content_type(FORM_CONTENT_TYPE)
+                .await;
+
+            // no user in db
+            let user = User::try_get("test_user", &pool).await;
+            assert!(user.is_err());
+
+            let body = std::str::from_utf8(resp.bytes()).unwrap();
+            let expected =
+                CreateUserError(crate::signup::CreateUserErrorKind::BadUsername).to_string();
+            assert_eq!(&expected, body);
+        }
+
+        #[tokio::test]
+        async fn displayname_long() {
+            let pool = get_pool().await;
+            let server = server_with_pool(&pool).await;
+            let body = massage(DISPLAYNAME_LONG_FORM);
+
+            let resp = server
+                .post("/signup")
+                // failure to sign up is not failure to submit the request
+                .expect_success()
+                .bytes(body)
+                .content_type(FORM_CONTENT_TYPE)
+                .await;
+
+            // no user in db
+            let user = User::try_get("test_user", &pool).await;
+            assert!(user.is_err());
+
+            let body = std::str::from_utf8(resp.bytes()).unwrap();
+            let expected =
+                CreateUserError(crate::signup::CreateUserErrorKind::BadDisplayname).to_string();
+            assert_eq!(&expected, body);
+        }
+
+        #[tokio::test]
+        async fn handle_signup_success() {
+            let pool = get_pool().await;
+            let server = server_with_pool(&pool).await;
+
+            let path = format!("/signup_success/nope");
+
+            let resp = server.get(&path).expect_failure().await;
+            assert_eq!(resp.status_code(), StatusCode::SEE_OTHER);
+        }
     }
 }

src/templates.rs

@@ -13,6 +13,10 @@ pub struct CreateUser {
     pub pw_verify: String,
 }
 
+#[derive(Debug, Clone, Template, Default, Deserialize, Serialize, PartialEq, Eq)]
+#[template(path = "signup_success.html")]
+pub struct CreateUserSuccess(pub User);
+
 #[derive(Debug, Default, Template, Deserialize, Serialize, PartialEq, Eq)]
 #[template(path = "login_post.html")]
 pub struct LoginPost {

src/test_utils.rs

@@ -7,7 +7,7 @@ use crate::User;
 
 pub const FORM_CONTENT_TYPE: &str = "application/x-www-form-urlencoded";
 
-pub fn get_user() -> User {
+pub fn get_test_user() -> User {
     User {
         username: "test_user".to_string(),
         // corresponding to a password of "a":
@@ -22,7 +22,7 @@ pub async fn server() -> TestServer {
     let pool = crate::db::get_pool().await;
     let secret = [0u8; 64];
 
-    let user = get_user();
+    let user = get_test_user();
     sqlx::query(crate::signup::CREATE_QUERY)
         .bind(user.id)
         .bind(&user.username)