chore: test that sign in and tokens refresh persists request metadata

tests/api/auth/sign_in.rs

@@ -3,6 +3,7 @@ use auth_server::{
     settings::JWT_CONFIG,
 };
 use jsonwebtoken::Validation;
+use reqwest::header::USER_AGENT;
 use serde_json::json;
 
 use crate::helpers::TestApplication;
@@ -56,6 +57,36 @@ async fn sign_in_with_valid_credentials_persists_refresh_token() {
     assert_eq!(saved_refresh_token.jit, refresh_token.jit);
 }
 
+#[tokio::test]
+async fn sign_in_persists_refresh_token_metadata() {
+    let app = TestApplication::spawn().await;
+
+    app.sign_up().await;
+
+    let user_agent = "user agent";
+
+    app.post("/auth/sign-in")
+        .json(&json!({
+            "email": app.test_user.email,
+            "password": app.test_user.password
+        }))
+        .header(USER_AGENT, user_agent)
+        .send()
+        .await
+        .expect("Failed to execute request.");
+
+    let saved_refresh_token = sqlx::query!("SELECT * from refresh_tokens")
+        .fetch_one(&app.pool)
+        .await
+        .expect("Failed to fetch new refresh_token");
+
+    assert_eq!(saved_refresh_token.user_agent, Some(user_agent.to_string()));
+    assert_eq!(
+        saved_refresh_token.ip_address,
+        Some(app.address.ip().to_string())
+    );
+}
+
 #[tokio::test]
 async fn sign_in_with_valid_credentials_return_tokens_that_expire() {
     let app = TestApplication::spawn().await;

tests/api/auth/tokens.rs

@@ -1,4 +1,5 @@
 use auth_server::handlers::TokensResponse;
+use reqwest::header::USER_AGENT;
 use serde_json::json;
 
 use crate::helpers::TestApplication;
@@ -40,14 +41,46 @@ async fn refresh_tokens_with_invalid_refresh_token_returns_401() {
 }
 
 #[tokio::test]
-async fn refresh_tokens_with_used_refresh_token_invalids_token_family() {
+async fn refresh_tokens_persists_refresh_token_metadata() {
     let app = TestApplication::spawn().await;
 
     app.sign_up().await;
 
     let sign_in_response = app.sign_in().await;
 
-    assert_eq!(200, sign_in_response.status().as_u16());
+    let sign_in_tokens: TokensResponse = sign_in_response
+        .json()
+        .await
+        .expect("Valid sign-in didn't return pair of tokens.");
+
+    let user_agent = "user agent";
+
+    app.post("/auth/tokens/refresh")
+        .json(&json!({"refresh_token": sign_in_tokens.refresh_token}))
+        .header(USER_AGENT, user_agent)
+        .send()
+        .await
+        .expect("Failed to execute request.");
+
+    let saved_refresh_token = sqlx::query!("SELECT * from refresh_tokens")
+        .fetch_one(&app.pool)
+        .await
+        .expect("Failed to fetch new refresh_token");
+
+    assert_eq!(saved_refresh_token.user_agent, Some(user_agent.to_string()));
+    assert_eq!(
+        saved_refresh_token.ip_address,
+        Some(app.address.ip().to_string())
+    );
+}
+
+#[tokio::test]
+async fn refresh_tokens_with_used_refresh_token_invalids_token_family() {
+    let app = TestApplication::spawn().await;
+
+    app.sign_up().await;
+
+    let sign_in_response = app.sign_in().await;
 
     let sign_in_tokens: TokensResponse = sign_in_response
         .json()